šŸ’° Security, Funded #187 - It Was the FAFO of Times

Get cybersecurity market and intelligence insights, including key trends and industry analysis, for the week of March 24, 2025.

Author

Mike Privette
March 31, 2025 ā€¢ Reading Time: 12 minutes

Security, Funded by Return on Security, is a weekly analysis of economic activity in the cybersecurity market. This weekā€™s issue is brought to you by Palo Alto Networks and Tines.


TOGETHER WITH
Palo Alto Networks

Hey there,

I hope you had a great weekend, and Happy End of Q1 to all those who celebrate!

With all the excitement from the largest cybersecurity acquisition in history behind us, it left many wondering ā€œwhat if.ā€ What if Wiz had gone public? What if it could have reached a $100 billion market cap?

Sadly, weā€™ll never know the answers to those questions. But we can glimpse into how Wizā€™s debut into the public market may have been perceived, given these *checks notes* unprecedented times. šŸ§ CoreWeave went public last week on a very muted note. šŸ˜Ø Like I said last week, businesses arenā€™t going to venture into a chaotic market if they donā€™t have to, and for those that do? Well, itā€™s FAFO season.

In other news, I launched a support tier for Return on Security last week.

The newsletter will always remain free (thanks to the fantastic sponsors). No pressure, no guilt trips. Just an option for those who've wondered how to support beyond opening emails (which is still much appreciated!).

TOGETHER WITH

Go on Offense with Real-Time Security from Code to Cloud to SOC

Cloud threats evolve fast, and traditional security can't keep up. 

Introducing Cortex Cloudā€”bringing together best-in-class CDR with the next version of Prisma Cloud's leading CNAPP for real-time cloud security. 

Built on Cortex, it enables seamless adoption of integrated capabilities within the worldā€™s most complete enterprise-to-cloud SecOps platform. Gain context-driven defense and resolve threats in real timeā€”because attackers move in minutes, not days.

šŸ˜Ž Vibe Check

Make sure to click on the options below to vote in this weekā€™s poll, whether youā€™re a practitioner, founder, or investor!

Whatā€™s the first sign a security tool wonā€™t deliver value?

Login or Subscribe to participate in polls.

Last issueā€™s vibe check:
Whatā€™s the biggest reason cybersecurity tools donā€™t get fully adopted?
šŸŸØšŸŸØšŸŸØā¬œļøā¬œļøā¬œļø šŸ˜µā€šŸ’« Priorities keep changing (7)
šŸŸ©šŸŸ©šŸŸ©šŸŸ©šŸŸ©šŸŸ© šŸ§  Lack of internal expertise (11)
šŸŸØšŸŸØšŸŸØšŸŸØšŸŸØā¬œļø šŸ‘Ž Tools overpromise and underdeliver (10)
šŸŸ©šŸŸ©šŸŸ©šŸŸ©šŸŸ©šŸŸ© šŸ“‰ Poor integration with existing workflows (11)
39 Votes

If thereā€™s any clearer signal than the results of last weekā€™s poll, Iā€™m not sure what it is. The results show that internal friction and an over-built, under-supported cybersecurity ecosystem are what is holding things back. Security teams arenā€™t struggling with focus or motivation.

Instead, theyā€™re struggling with execution, and the challenge here is with fixing the customer-product relationship.

Some of the top comments from last weekā€™s vibe check:

Poor integration - ā€œI'll be a bit contrarian here and say it can often have less to do with how integratable the new tool is, and instead how well the existing workflow can accommodate changes -- is there enough surface, and what integration can you use? Like trying to make office cubicles out of IKEA shelving, nails, and tons and tons of glue...ā€

Poor integration - ā€œTeams want to buy a tool and be done with it, whereas the work only begins with the purchase.ā€

šŸ’° Market Summary

Private Markets

  • 9 companies from 3 countries raised $459.7M across 6 unique product categories

  • 2 companies were acquired or had a merger event across 2 unique product categories

  • 100% of funding went to product-based cybersecurity companies

Public Markets

  • One public cyber company had an earnings report last week

  • Public market moves last week

As of market close on March 28, 2025.

šŸ“ø YoY Snapshot

Rolling 12-week charts that compare funding and acquisitions weekly in a year-over-year (YoY) view between 2024 and 2025.

A line chart showing how total cybersecurity funding and total events changed compared to the previous week and year over year.

Click to view larger version

Another big week on the cybersecurity funding front, dominated by huge late-stage investments. A strong leaning toward securing your personal life has been picking up steam from continued focus on managing your digital footprint.

A line chart showing how total cybersecurity M&A activity changed compared to the previous week and year over year.

Click to see larger version

And with the end of Q1 2025, M&A transaction counts match those of Q1 2024, totaling 61 transactions. Based on this trajectory, I expect 2025 to be an even busier year than 2024.

TOGETHER WITH

Automate and Streamline Vulnerability Management

22% of cybersecurity professionals have ignored a critical security alert. The longer a vulnerability goes unaddressed, the greater the risk.

Thatā€™s why many organizations are turning to automation to streamline vulnerability management. Register for this Tines webinar on April 9 to learn: 

  • Challenges security teams face in vulnerability management today

  • How LivePerson optimizes its workflows to stay ahead of evolving threats

  • Best practices for integrating automation with your existing tools

ā˜Žļø Earnings Reports

Earnings reports from last week: SailPoint

Macro Context:

  • The U.S. market continued its downward spiral, dragging down most tech and cyber stocks again on the news of more tariffs.

  • Many executives expect a recession, and Goldman Sachs raised the probability of a U.S. recession to 35% from 20%.

SailPoint delivered a solid fourth-quarter result with its first earnings call since returning to the public markets after going public (again) in February 2025. SailPoint saw revenue grow 18% to reach $240 million and a 29% increase in ARR, reaching $877 million.

These strong growth numbers came from increased customer demand for Non-Human Identity (NHI) security and privileged identity management. Unsurprisingly, solutions for AI Agent identity management and governance were high on the demand list for its customers, setting SailPoint up well for future growth in this space. Just like most companies today rely on a sprawling ecosystem of SaaS applications, expect an explosion of Agentic AI identity needs with Computer-Using Agents (CUA), just like the NHI needs that came out of the woodwork the last two years.

Continued geopolitical uncertainties and a competitive landscape with strong players like CyberArk present challenges, but I think SailPoint is strongly positioned here. The market reaction post-earnings was down, but I think this was largely due to everything else in tech being down as US markets continue their downward spiral.

Earning reports to watch this coming week: None

šŸ§© Funding By Product Category

A bar chart breakdown of cybersecurity funding amounts by product category for the previous week.

Click to see larger version

  • $250.0M for Remote Browser Isolation across 1 deal

  • $140.0M for Personal Cybersecurity across 3 deals

  • $28.0M for Artificial Intelligence (AI) Security across 2 deals

  • $17.5M for Trust & Safety across 1 deal

  • $13.5M for Penetration Testing across 1 deal

  • $8.0M for Fraud and Financial Crime Protection across 1 deal

  • $2.7M for Threat Intelligence across 1 deal

šŸ¢ Funding By Company

Product Companies:

Service Companies:

  • None

šŸŒŽ Funding By Country

A chart showing which countries raised the most in cybersecurity funding this week.

Click to see larger version

  • $443.5M for the United States across 8 deals

  • $13.5M for the United Kingdom across 1 deal

  • $2.7M for Canada across 1 deal

šŸ¤ Mergers & Acquisitions

A summary chart showing the number of M&A deals in cybersecurity the previous week.

Click to see larger version

Product Companies:

  • None

Service Companies:

  • Blaze Networks, a United Kingdom-based managed security and secure networking provider, was acquired by Communicate Technology for an undisclosed amount. Blaze Networks has not publicly disclosed any funding events. (more)

  • Roka Security, a United States-based professional services firm focused on cyber consulting and data center operations, was acquired by Nightwing Group, LLC for an undisclosed amount. Roka Security has not publicly disclosed any funding events. (more)

šŸ“š Great Reads

  • The Signal Chat Leak and the NSA - Bruce Schneier talks about the second and third order national security and cybersecurity impacts from discovering the secure messaging platform Signal is used for official U.S. government communications.

  • Security Leadersā€™ Reading List - Phil Venables, the former CISO of Google Cloud, puts together his go-to set of books for people at all levels in the cybersecurity field.

*A message from our sponsor

šŸ§Ŗ Labs

Be the meme you want to see in this world. šŸŒˆ šŸŒŸ 

A hilarious image
Security ROI > Coffee ROI

Get value every week? Back the mission.

Or just forward this to someone smart

Data Methodology and Sources

  • All of the data is captured point-in-time from publicly available sources.

  • All financial figures are converted to U.S. dollars (USD) when collected.

  • Company country locations are pulled from publicly available sources.

  • Companies are categorized using our system at Return on Security, and we write all the company descriptions.

  • Sometimes, the details about deals, like who led the round, how much money was raised, or the deal stage, might get updated after the issue is first published.

  • Let us know if you spot any errors, and weā€™ll fix them.

Reply

or to participate.