šŸ’° Security, Funded #191 - RSA State of Mind

Get cybersecurity market and intelligence insights, including key trends and industry analysis, for the week of April 21, 2025.

Author

Mike Privette
April 28, 2025 ā€¢ Reading Time: 17 minutes

Security, Funded by Return on Security, is a weekly analysis of economic activity in the cybersecurity market. This weekā€™s issue is brought to you by Palo Alto Networks, Cydea, and Material Security.


THIS WEEKā€™S LEAD PARTNER

Hey there,

I hope you had a great weekend, and Happy RSA Conference week to all those who celebrate!

Fresh off the heels of BSidesSF, where I gave my first conference presentation (!!), this weekā€™s post is coming to you live and direct from RSA in San Francisco. The vibe is electric, and Iā€™m already exhausted, but this bread isnā€™t going to get itself, family. šŸ˜¤ šŸ‘Š šŸ„– 

There were an insane number of transactions last week, so go ahead and hit that ā€œRead Onlineā€ link at the top of the email so you donā€™t miss anything.

Also, Iā€™ll be bouncing around all over the place this week, so please feel free to stop me and say hello. Iā€™ll have Return on Security stickers that you can slap on your laptop, water bottles, or even your friends!

PARTNER

Is Posture Security A Match for the Modern Threat Landscape?

In the race between cloud attackers and defenders, time is the critical factor ā€” and time increasingly favors the attackers.

Security teams take approximately 145 hours to resolve a single alert ā€” far too late to prevent a breach. Meanwhile, attackers are now exfiltrating data nearly twice as fast as they did just 12 months ago.

The widening gap between attack speed and response time exposes a fundamental truth: traditional peace-time cloud security approaches are no longer sufficient in today's threat landscape.

šŸ˜Ž Vibe Check

Make sure to click on the options below to vote in this weekā€™s poll, whether youā€™re a practitioner, founder, or investor!

Whatā€™s your take on the rise of vibe coding from a security perspective?

Login or Subscribe to participate in polls.

Last issueā€™s vibe check:
Whatā€™s the biggest thing that undermines a security leaderā€™s influence?
šŸŸØšŸŸØšŸŸØšŸŸØā¬œļøā¬œļø Seen as ā€œthe blockerā€ (13)
šŸŸØšŸŸØšŸŸØšŸŸØā¬œļøā¬œļø Poor risk communication (13)
šŸŸ©šŸŸ©šŸŸ©šŸŸ©šŸŸ©šŸŸ© Weak executive alignment (29)
šŸŸØšŸŸØā¬œļøā¬œļøā¬œļøā¬œļø Misaligned with operations (9)
šŸŸØā¬œļøā¬œļøā¬œļøā¬œļøā¬œļø Other (leave comment) (5)
69 Votes (newsletter + LinkedIn)

Last weekā€™s vibe check showed that weak executive alignment is the number one reason security leaders lose influence. Almost half of all voters picked it, ahead of being seen as "the blocker" or struggling with risk communication.

The lesson is pretty clear - if you donā€™t have leadership support, you also won't win at the operational level (as one commenter rightly pointed out). Without executives reinforcing security priorities, even the best ideas and programs struggle to gain traction. Building influence in security is not just about technical expertise or the strength of your arguments, itā€™s about making sure the right people are standing with you when it counts.

Some of the top comments from last weekā€™s vibe check:

Weak executive alignment - ā€œIf you can't get a VP or better to call someone who isn't doing what they need to do to improve security, you don't have any executive support and you can't be effective.ā€

Blocker - ā€œSuccessful businesses don't like being blocked. They're looking for opportunities, and value the people who enable them.ā€

Other - ā€œExpecting to earn influence as a byproduct of transactional work rather than learning how to identify & establish the necessary relationships to be a successful political player.ā€

šŸ’° Market Summary

Private Markets

  • 24 companies from 6 countries raised $741.6M across 18 unique product categories

  • 2 companies were acquired or had a merger event across 2 unique product categories

  • 100% of funding went to product-based cybersecurity companies

Public Markets

  • 1 public cyber company had an earnings report

  • Public market moves last week

As of markets closed on April 25, 2025.

šŸ“ø YoY Snapshot

Rolling 12-week charts that compare funding and acquisitions weekly in a year-over-year (YoY) view between 2024 and 2025.

Click to see a larger version

Last week was a massive week of funding ahead of the RSA Conference and the week with the highest volume of transactions all year.

Click to see a larger version

A slower week on the M&A front last week, but that script is going to flip this week while at RSA. Itā€™s all about coming out of stealth and making a splash the weeks before RSA, but itā€™s all about the flashy acquisitions the week of RSA.

PARTNER

šŸŽ™ļø New Video Series: Communicating Cyber

Real CISOs. Real stories. Real impact.

How do top CISOs get boardroom buy-in? Communicating Cyber goes behind the scenes with seasoned security leaders to reveal how they turn technical risks into clear, compelling narratives.

Practical tips, battle-tested stories, no fluff.

ā˜Žļø Earnings Reports

Earnings reports from last week: $CHKP ( ā–¼ 0.92% )

Macro Context:

  • Markets gave back some of the massive gains they lost due to tariff and policy uncertainty, as there appeared to be a softening of approach on tariffs more broadly.

Check Point Software - $CHKP ( ā–¼ 0.92% )

Check Point delivered a solid first quarter, with revenue growing 7% to reach $638 million. This success was driven by strong demand for ā€œQuantum Forceā€ appliances and the Infinity platform, which saw double-digit growth. Most notably, the company's deferred revenue grew by 5% to $1.95 billion, showing healthy future demand.

A partnership with Wiz, along with a focus on SASE and AI, also drove significant growth. However, there are concerns about the impact of tariffs and the broader macroeconomic environment as a company that still ships physical devices. Tariff concerns for firewall companies were something I called out in a deep dive post on The Uncertainty Era.

That being said, Iā€™m still bullish on Check Point and its ability to execute.

Earning reports to watch this coming week: $TENB ( ā–¼ 0.75% )

šŸ§© Funding By Product Category

Click to see a larger version

  • $464.0M for Software Supply Chain Security across 3 deals

  • $50.0M for Data Security Posture Management (DSPM) across 1 deal

  • $49.3M for Identity Threat Detection and Response (ITDR) across 2 deals

  • $37.0M for Cybersecurity Program Management across 1 deal

  • $25.0M for SaaS Security Posture Management (SSPM) across 1 deal

  • $20.0M for Internet Security across 1 deal

  • $17.6M for Fraud and Financial Crime Protection across 2 deals

  • $17.0M for Application Security across 1 deal

  • $10.1M for Security Operations across 3 deals

  • $10.0M for Digital Footprint Management across 1 deal

  • $8.0M for AI Adversary Simulation across 1 deal

  • $7.6M for Software Composition Analysis (SCA) across 1 deal

  • $7.5M for Identity Governance & Administration (IGA) across 1 deal

  • $7.0M for Threat Intelligence across 1 deal

  • $7.0M for Attack Surface Management (ASM) across 1 deal

  • $3.3M for Non-Human Identity (NHI) Security across 1 deal

  • $1.3M for Blockchain Security across 1 deal

  • An undisclosed amount for Anti-Malware across 1 deal

šŸ¢ Funding By Company

Product Companies:

Service Companies:

  • None

šŸŒŽ Funding By Country

Click to see a larger version

  • $562.9M for the United States across 13 deals

  • $82.6M for Israel across 4 deals

  • $67.0M for the United Kingdom across 3 deals

  • $21.3M for Singapore across 2 deals

  • $4.6M for Spain across 1 deal

  • $3.3Mfor Gibraltar across 1 deal

šŸ¤ Mergers & Acquisitions

Product Companies:

  • appNovi, a United States-based attack surface management (ASM) platform, was acquired by Fenix24 for an undisclosed amount. appNovi has not publicly disclosed any funding events. (more)

  • Coana, a Denmark-based software composition analysis (SCA) platform, was acquired by Socket for an undisclosed amount. Coana had previously raised $2.1M in funding. (more)

Service Companies:

  • None

šŸ“š Great Reads

  • Signal v. Noise in the RSA Innovation Sandbox - Is winning the RSA Innovation Sandbox a good signal? Check out this analysis that Rami McCarthy and I did of the last 20 years of the competition and see the economic impact on the cybersecurity industry.

  • *Piecing Together a Fragmented Landscape of Email Security - Attackers already see the cracks in your standard email security, and the only question is how long youā€™ll pretend they arenā€™t there.

  • Secure Coding Starter Pack - My friend Tanya Janca (SheHacksPurple) has put together a free secure coding guideline to help developers build safer software from the start. Itā€™s practical, and you get it when you join her newsletter on secure coding best practices.

  • Your Strengths Are Your Weaknesses - A short and helpful review of how your strengths and weaknesses can be two sides of the same coin and how this can be a superpower with the right context.

*Sponsored

šŸ§Ŗ Labs

Forget survival guides, tell me about your RSA battle scars

Security ROI > Coffee ROI

Get value every week? Back the mission.

Or forward this to someone smart.

Data Methodology and Sources

  • All of the data is captured point-in-time from publicly available sources.

  • All financial figures are converted to U.S. dollars (USD) when collected.

  • Company country locations are pulled from publicly available sources.

  • Companies are categorized using the Return on Security system.

  • Sometimes deal details, like who led the round, how much was raised, or the deal stage, may be updated after publication.

  • Let us know if you spot any errors, and weā€™ll fix them.

Reply

or to participate.