- Return on Security
- Posts
- 💰 Security, Funded #203 - Porto Folio Management
💰 Security, Funded #203 - Porto Folio Management
Get cybersecurity market and intelligence insights, including key trends and industry analysis, for the week of July 14, 2025.
Mike Privette
July 21, 2025 • Reading Time: 12 minutes
Security, Funded by Return on Security, is a weekly analysis of economic activity in the cybersecurity market. This week’s issue is brought to you by Maze and Prophet Security.
Hey there,
Hope you had a great weekend, and hello from sunny Portugal this week! 🇵🇹 I’ll be out here standing on business (😤 👊) for a bit and enjoying Porto for a short holiday. If you have any places I must see/drink/eat, send them my way!
I’ll be traveling for the next few weeks and look forward to seeing/meeting many of you out at Black Hat US this year.
Let’s get to it.
PARTNER
Why Vulnerability Management Is Failing Security Teams
Stop with the acronyms and focus on making teams more effective.
Most organizations have thousands - or even millions - of open vulnerabilities. Maybe 0.1% are real threats, but no one knows which ones. Adrian Jozwik, co-founder and CPO of Maze, has been obsessing over the problem and just published a blog on what he believes needs to change.
Table of Contents
😎 Vibe Check
Click the options below to vote on whether you are a practitioner, founder, or investor. Feel free to leave a comment, and I'll feature the best takes in next week’s write-up!
Which of these security efforts has driven the most real impact in your org? |
Last issue’s vibe check:
Which security tradeoff is most underappreciated today?
🟨🟨🟨⬜️⬜️⬜️ Cost vs coverage (10)
🟨🟨🟨⬜️⬜️⬜️ Speed vs thoroughness (10)
🟩🟩🟩🟩🟩🟩 User experience vs security (25)
🟨🟨🟨🟨🟨⬜️ Innovation vs control (19)
🟨⬜️⬜️⬜️⬜️⬜️ Other (leave comment) (3)
67 Votes
No real contest last week with user experience (UX) vs. security taking the top spot. This one’s near and dear for me. Some of the biggest wins I’ve ever had in security came from just removing friction. It wasn’t by adding more controls, it was doing the “ugly” work and just making things suck less.
Bad UX is a silent killer. But when you fix it, even just a little it, you can get people on your side.
Some of the top comments from last week’s vibe check:
💬 “Maybe I’ve heard a few too many coworkers say “it doesn’t matter how intrusive it is, we’ll just scare them into compliance”. Cultures of fear suck though — both the experience and the innovation.”
💬 “Unbridled innovation without controls has led us to madness, stupidly.”
💰 Market Summary
Private Markets
15 companies from 6 countries raised $240.0M across 11 unique product categories
100% of funding went to product-based cybersecurity companies
4 companies were acquired or had a merger event across 4 unique product categories
Public Markets
No public cyber companies had an earnings report.
As of market close on July 18, 2025.
📸 YoY Snapshot
Rolling 12-week charts that compare funding and acquisitions weekly in a year-over-year (YoY) view between 2024 and 2025.
It’s really interesting to me how so many weeks look very similar year over year in terms of dollars raised and number of events. It’s almost like there’s some industry rhythm and an “invisible hand” moving the wheels of the market. Or maybe it’s just cyclical ahead of Black Hat US ¯\_(ツ)_/¯
M&A activity continues on its aggressive pace this year.
PARTNER
Smarter alert triage. Faster investigations. Powered by Prophet Security.
Cuts the noise. Surfaces what matters. Explains every decision.
SOC teams face the same inefficiencies: endless alert backlogs, hours spent on manual triage, investigation bottlenecks, and too much noise obscuring real threats.
Prophet Security delivers an Agentic AI SOC Analyst that acts as a force multiplier for security operations. It autonomously triages and investigates every alert in seconds, and delivers clear, explainable findings so your team can focus on real threats.
☎️ Earnings Reports
Earnings reports from last week: None
Earning reports to watch this coming week: None
🪦 Stop, Drop, Shut’em Down…
🧩 Funding By Product Category
$81.3M for Internet of Things (IoT) Security across 1 deal
$48.8M for Fraud and Financial Crime Protection across 2 deals
$32.2M for Threat Intelligence across 3 deals
$28.0M for Application Security across 1 deal
$23.0M for Threat & Vulnerability Management (TVM) across 2 deals
$13.5M for Security and Compliance Automation across 1 deal
$5.2M for Email Security across 1 deal
$4.2M for AI Privacy Assurance across 1 deal
$3.8M for Secure File Sharing across 1 deal
An undisclosed amount for Security Operations across 1 deal
An undisclosed amount for Brand Protection across 1 deal
🏢 Funding By Company
Product Companies:
Exein, an Italy-based firmware and Internet of Things (IoT) security platform, raised a $81.3M Series C from Balderton Capital. (more)
CertifID, a United States-based wire fraud protection and recovery service, raised a $47.5M Series C from Centana Growth Partners. (more)
iCOUNTER, a United States-based cyber threat intelligence platform, raised a $30.0M Series A from SYN Ventures. (more)
Crash Override, a United States-based application security platform, raised a $28.0M Seed from Google Ventures and SYN Ventures. (more)
Zip Security, a United States-based security and compliance automation platform for small businesses, raised a $13.5M Series A from Ballistic Ventures. (more)
Empirical Security, a United States-based platform offering AI models for threat and vulnerability management programs, raised a $12.0M Seed from Costanoa Ventures. (more)
Cogent Security, a United States-based AI-agent enabled threat and vulnerability management platform, raised a $11.0M Seed from Greylock. (more)
StrongestLayer, a United States-based AI-assisted email security platform, raised a $5.2M Seed from Sorenson Capital. (more)
Confident Security, a United States-based private cloud compute platform for enforcing data privacy with AI application interactions, raised a $4.2M Seed from South Park Commons, Ex Ante, Swyx, and Decibel Partners. (more)
Internxt, a Spain-based secure file storage and sharing platform, raised a $3.8M Venture Round from Prosegur Tech Ventures and Andorra Telecom. (more)
Whisper, a Netherlands-based predictive cyber threat intelligence platform, raised a $1.9M Pre-Seed from Atlas SGR. (more)
Deep Algorithms Solutions, an India-based fraud protection platform for financial institutions, raised a $1.3M Seed from Unicorn India Ventures. (more)
AVIEL Intelligence, a United Kingdom-based threat intelligence platform identifying fraud and scam networks for the financial services industry, raised a $335.3K Pre-Seed from Osney Capital. (more) (->Full Disclosure - I am a limited partner in this fund.)
Ldotr, an India-based brand monitoring and protection platform, raised an undisclosed Angel round. (more)
TandemTrace, a Spain-based agentic AI-enhanced security operations platform, raised an undisclosed Seed from Acurio Ventures and Adara Ventures. (more)
Service Companies:
None
🌎 Funding By Country
$151.4M for the United States across 8 deals
$81.3M for Italy across 1 deal
$3.8M for Spain across 2 deals
$1.9M for The Netherlands across 1 deal
$1.3M for India across 2 deals
$335.3K for the United Kingdom across 1 deal
🤝 Mergers & Acquisitions
Product Companies:
Redjack, a United States-based cyber attack surface management platform, was acquired by Lansweeper for an undisclosed amount. Redjack has not previously disclosed any funding events. (more)
Riskey, an Israel-based third-party vendor risk management platform, was acquired by Vanta for an undisclosed amount. Riskey has not previously disclosed any funding events. (more)
Service Companies:
DigitalXRAID, a United Kingdom-based managed security services provider (MSSP), was acquired by Limerston Capital for an undisclosed amount. DigitalXRAID has not previously disclosed any funding events. (more)
Enigma International, a United States-based professional services firm that provided cyber threat intelligence for national defense, was acquired by Sphinx for an undisclosed amount. Enigma International has not previously disclosed any funding events. (more)
📚 Great Reads
Debating AI with Marcus Hutchins: Part 1 - Marcus Hutchins and Daniel Miessler debate AI capabilities from nearly polar opposite ends.
The First Security Hire Rule of Thumb - When should you hire that first security person? Rami McCarthy gives us his take on when and why.
*A message from our partner
🧪 Labs
Good morning, say it back.
The lion IS the threat actor
Security ROI > Coffee ROI
Get value every week? Back the mission.
Or send your smart friends a referral.
Data Methodology and Sources
All of the data is captured point-in-time from publicly available sources.
All financial figures are converted to U.S. Dollars (USD) at the current spot rate at the time of collection.
Company country locations are pulled from publicly available sources.
Companies are categorized using the Return on Security system.
Sometimes the deal details, such as who led the round, how much was raised, or the deal stage, may be updated after publication.
Let us know if you spot any errors, and we’ll fix them.
Reply