💰 Security, Funded #193 - From RSA to ROI

Get cybersecurity market and intelligence insights, including key trends and industry analysis, for the week of May 5, 2025.

Security, Funded by Return on Security, is a weekly analysis of economic activity in the cybersecurity market. This week’s issue is brought to you by Dropzone AI, Cydea, and Specops.


LEAD PARTNER

Hey there,

I hope you had a great weekend, and a late Happy Mother’s Day to all those who serve! 🫡 

I’m sure many of you are like me and are almost dug out of the backlog from RSA. Just in time, too, because Cyber Earnings Season™️ for this quarter is upon us.

A common thread I have seen so far is that almost every company (in and out of cyber) is mentioning macroeconomic uncertainty and tariffs, even if they are beating their expected results. Volatility has been “priced in,” and that’s leading to weaker forward-looking guidance (meaning how well they think they’ll do the rest of the year), and weaker stock performance than they have otherwise had.

These kinds of expectations will drive expense pressure, curb hiring, and lead companies to lean more into AI (which was already happening). These next five weeks of earnings season will show us if these companies are just being overly cautious or if we are seeing a real, lasting set of problems.

PARTNER

SOC Leaders & Analysts Trust Dropzone AI to Investigate Every Alert

Gartner Cool Vendor. RSA Finalist. Proven in production.

Analysts waste hours chasing alerts. SOC leaders struggle to scale. AI solutions often fall short, leaving teams overworked and real threats unchecked.

Dropzone AI is different. The AI SOC Analyst autonomously investigates every alert, reducing manual workload while ensuring no real threats go unnoticed. Faster investigations, fewer missed incidents, and a SOC that runs efficiently.

😎 Vibe Check

Make sure to click on the options below to vote, whether you’re a practitioner, founder, or investor!

What’s the biggest lie we tell ourselves in cybersecurity?

Login or Subscribe to participate in polls.

Last issue’s vibe check:
What trend in security is most misunderstood right now?
🟩🟩🟩🟩🟩🟩 Agents will replace analysts (85)
🟨⬜️⬜️⬜️⬜️⬜️ Secure-by-default is easy (29)
🟨🟨🟨⬜️⬜️⬜️ AI makes us less secure (32)
🟨🟨⬜️⬜️⬜️⬜️ AppSec is solved (30)
⬜️⬜️⬜️⬜️⬜️⬜️ Other (leave comment) (3)
179 Votes (Newsletter + LinkedIn) ← New High Score!

Wow, if this poll doesn’t sum up the state of the cybersecurity industry in 2025 in one swoop, I don’t know what does.

Over these last two years, we’ve seen an industry dumping billions into AI for Security to reduce the burden and workload from human defenders who are (some say) objectively “losing the fight” against attackers. And then, on the other hand, you’ve got practitioners who believe this is the least likely path of what will happen.

Innovation in any field requires making leaps that aren’t always obvious. Maybe we’re in that awkward, uncomfortable period of time where we can’t let go of the past but can’t yet envision the future. Will this be a real innovation leap in our field? The results last week tell a real story that security folks don’t think agents are coming to save them any time soon.

Some of the top comments from last week’s vibe check:

Agents Replace - “Analysts need to configure/monitor agents”

AppSec Solved - “AppSec will massively benefit from AI-driven bug finding (and hopefully fixing), while at the same time suffering from vulnerabilities introduced by AI coding tools used by junior engineers.”

AI Less Secure - “‘Vibe Coding’ will be the new hacking gold rush (supported with AI agents, of course)”

💰 Market Summary

Private Markets

  • 4 companies from 4 countries raised $69.0M across 4 unique product categories

  • 6 companies were acquired or had a merger event across 2 unique product categories

  • 100%of funding went to product-based cybersecurity companies

Public Markets

  • 3 public cyber companies had an earnings report

  • Public market moves last week

As of markets close on May 9, 2025.

📸 YoY Snapshot

Rolling 12-week charts that compare funding and acquisitions weekly in a year-over-year (YoY) view between 2024 and 2025.

Click to see a larger version

April 2025 finished on a very strong note, with cybersecurity companies raising over $2.1 billion in funding. April marked the first month to see over $2 billion in cybersecurity funding since May 2024. If you’re wondering why last year’s total funding for the week was so high, it’s because that was the week when Wiz announced a $1 billion Series E funding round at RSA and blew everyone’s mind.

From Security Funded #143

Click to see a larger version

April was also a very strong month for cyber M&A, with over 20 transactions as we strode into the start of the cyber conference season with the RSA Conference.

PARTNER

What if your board actually understood cyber risk?

From risk data to boardroom decisions

Drowning in technical data? Not all vulnerabilities are created equal. Make better decisions faster and without dumbing things down.

Cydea helps you connect cyber risk with business goals - giving security teams the context they need to prioritize smarter, justify the spending, and start securing what’s most important.

☎️ Earnings Reports

Macro Context:

  • The US Federal Reserve (and my boy JPow) kept interest rates steady but warned of economic problems due to trade policies and tariffs.

Fortinet kicked off 2025 with a strong first quarter, highlighting a 14% YoY growth in revenue, reaching $1.54 billion. Fortinet reported a record operating margin of 34%, showing a strong balance between growth and profitability.

EMEA was specifically called out as having a breakout quarter, while America and APAC were assumed to be consistent with expectations. While Fortinet's performance was strong, the company acknowledged potential headwinds from geopolitical uncertainties and currency fluctuations.

As a cyber vendor still selling physical hardware devices, supply chain constraints, tariffs, and the weakening USD can have real ripple effects.

Qualys delivered a solid first quarter, with revenue growing 10% to $159.9 million. This growth was driven by the strong performance of their channel strategy, with 49% of total revenues coming from channel partners, up from 45% a year ago. Qualys also saw more customer demand for their cloud security platform.

Despite the positive results, Qualys was cautious about the macroeconomic environment, noting increased scrutiny on spending and longer sales cycles. The market response was still strong here, and the stock rose 4% after the call.

Varonis Systems delivered a stellar first quarter, with revenue climbing 20% (!!) to $136.4 million. This growth was driven by a strong push in their SaaS transition, with SaaS ARR now making up 61% of total ARR, reaching $403.9 million.

As businesses rush to use more AI and Agentic AI (even though we’re still figuring out what that means as an industry), there will be a greater need for more data security and more access governance of sensitive data.

Despite the positive numbers and Varonis raising its forward-looking guidance, it also cited the challenges ahead, including a competitive landscape and uncertain macroeconomic factors.

Earning reports to watch this coming week: $CYBR ( ▲ 1.4% ) and $RPD ( ▲ 1.89% )

Layoffs

  • CrowdSrike, a United States-based platform of endpoint detection and response (EDR) tools, laid off 500 people (5% of its workforce) due to streamlining operations and reducing costs. AI was mentioned on page 5 👀 (more)

🧩 Funding By Product Category

Click to see a larger version

  • $60.0M for Software Supply Chain Security across 1 deal

  • $7.0M for Secure Communications across 1 deal

  • $2.0M for Application Security across 1 deal

  • An undisclosed amount for Identity Governance & Administration (IGA) across 1 deal

🏢 Funding By Company

Product Companies:

Service Companies:

  • None

🌎 Funding By Country

Click to see a larger version

  • $60.0M for Israel across 1 deal

  • $7.0M for the United Kingdom across 1 deal

  • $2.0M for the United States across 1 deal

  • An undisclosed amount for Denmark across 1 deal

🤝 Mergers & Acquisitions

Product Companies:

  • spiderSilk, a United Arab Emirates-based continuous threat exposure management (CTEM) platform, was acquired by CPX for an undisclosed amount. spiderSilk had previously raised $11.3M in funding. (more)

Service Companies:

  • Datcom Cloud, an Australia-based managed security services provider (MSSP), was acquired by EFEX for an undisclosed amount. Datcom Cloud has not publicly disclosed any funding events. (more)

  • Nitra Security, a United States-based professional services firm focused on security engineering and compliance, was acquired by Qubika for an undisclosed amount. Nitra Security has not publicly disclosed any funding events. (more)

  • stackArmor, a United States-based professional services firm focused on cybersecurity and cloud compliance for the US federal sector, was acquired by Tyto Athene for an undisclosed amount. stackArmor has not publicly disclosed any funding events. (more)

  • Stratum Security, a United States-based professional services firm focused on application and cloud security services, was acquired by Cyber Advisors for an undisclosed amount. Stratum Security has not publicly disclosed any funding events. (more)

  • Triaplex, a United States-based professional services firm focused on network security for defense and military applications, was acquired by VT Group for an undisclosed amount. Triaplex has not publicly disclosed any funding events. (more)

  • Trustlink Technologies, a United States-based professional services firm focused on network security services, was acquired by Business Communications for an undisclosed amount. Trustlink Technologies has not publicly disclosed any funding events. (more)

📚 Great Reads

*Sponsored

🧪 Labs

Let’s get this intergalactic space bread

Security ROI > Coffee ROI

Get value every week? Back the mission.

Or forward this to someone smart.

Data Methodology and Sources

  • All of the data is captured point-in-time from publicly available sources.

  • All financial figures are converted to U.S. dollars (USD) when collected.

  • Company country locations are pulled from publicly available sources.

  • Companies are categorized using the Return on Security system.

  • Sometimes deal details, like who led the round, how much was raised, or the deal stage, may be updated after publication.

  • Let us know if you spot any errors, and we’ll fix them.

Reply

or to participate.