- Return on Security
- Posts
- 💰 Security, Funded #206 - Cyber Stacked the Deck
💰 Security, Funded #206 - Cyber Stacked the Deck
Get cybersecurity market and intelligence insights, including key trends and industry analysis, for the week of August 4, 2025.
Mike Privette
August 11, 2025 • Reading Time: 12 minutes
Security, Funded by Return on Security, is a weekly analysis of economic activity in the cybersecurity market. This week’s issue is brought to you by Maze and Nudge Security.
Hey there,
Hope you had a great weekend, and what a week it was at Black Hat!
From emceeing the Innovators & Investors Summit (with summary write-up), to co-hosting the Decibel Founder "Oasis" party, and meeting and catching up with so many people, it was truly a blast. I always leave these events completely exhausted, but wishing I’d spent more days there and more time connecting with everyone.
It’s events like these that keep the cybersecurity industry moving forward, and I’m already planning the next one.
Never bet against the Cyber House. ♠️ 💪
PARTNER
Why Vulnerability Management Is Failing Security Teams
Stop with the acronyms and focus on making teams more effective.
Most organizations have thousands - or even millions - of open vulnerabilities. Maybe 0.1% are real threats, but no one knows which ones. Adrian Jozwik, co-founder and CPO of Maze, has been obsessing over the problem and just published a blog on what he believes needs to change.
Table of Contents
😎 Vibe Check
Click the options below to vote on whether you are a practitioner, founder, or investor. Feel free to leave a comment, and I'll feature the best takes in next week’s write-up!
How does your team really prepare for budget season? |
Last issue’s vibe check:
What’s your real security operating model?
🟨⬜️⬜️⬜️⬜️⬜️ Panic-driven planning
🟨🟨🟨⬜️⬜️⬜️ Spreadsheets
🟩🟩🟩🟩🟩🟩 “It depends” 2.0
🟨🟨⬜️⬜️⬜️⬜️ Ctrl-F in a PDF
The fact that "It depends 2.0" won with 46% of votes is peak cybersecurity, honesty. We started in this world of cyber with "it depends" to acknowledging that we're running "it depends" as the actual operating model. The spreadsheet warriors coming in second (24%) confirm what we all know > Excel is the ultimate security platform. 🙄 (but for real 👀 ).
Some of the top comments from last week’s vibe check:
💬 We rely a lot on (inadequate) built-in features and deal with things as they come. Hard to be proactive when things change too often to even panic-plan.
💬 "We're investigating" = spreadsheets. "We have a plan" = spreadsheets. "We use a proprietary platform with integrated intelligence and ticketing" = 12 spreadsheets in a trench coat, don't @ me.
💰 Market Summary
Private Markets
12 companies from 7 countries raised $56.8M across 9 unique product categories
Average deal size was $5.2M (median: $2.4M)
80% of funding went to product companies
6 companies from 3 countries were acquired for $250.0M
83% of M&A activity went to product companies
Public Markets
4 public cyber companies had earnings reports
📸 YoY Snapshot
Rolling 12-week charts that compare funding and acquisitions weekly in a year-over-year (YoY) view between 2024 and 2025.
Funding activity over the past 12 weeks totaled $7.6B across 171 deals (mean: $51.8M, median: $9.8M), representing a 172% increase compared to the same period last year.
M&A activity remained robust, with 95 acquisitions completed over the trailing 12 weeks (averaging 7.9 per week). This represents a 76% increase from the 54 acquisitions during the same period in the previous year.
PARTNER
How to remove Otter AI from your org
Your AI notetaker has just joined... but did anyone invite it?
AI notetakers like Otter AI spread fast. In fact, one Nudge Security customer discovered 800 new accounts created in only 90 days. 😱 Viral AI notetakers introduce a slew of data privacy risks by gaining access to calendars and adding themselves to every meeting.
Learn how to find and remove viral AI notetakers.
☎️ Earnings Reports
🧩 Funding By Product Category
$18.9M for Secure Networking across 1 deal
$10.8M for Managed Security Services Provider (MSSP) across 4 deals
$10.0M for Security and Compliance Automation across 1 deal
$6.6M for Mobile Application Security across 1 deal
$5.9M for Cyber Insurance across 1 deal
$2.4M for Continuous Threat Exposure Management (CTEM) across 1 deal
$1.3M for AI Security across 1 deal
$445.0K for Smart Contract Security across 1 deal
$420.0K for Secure Communications across 1 deal
🏢 Funding By Company
Product Companies:
FORT Robotics, a United States-based secure network communication platform for autonomous machines, raised a $18.9M Series B from Tiger Global Management. (more)
Vendict, an Israel-based security questionnaire review and automation platform, raised a $10.0M Series A from JAL Ventures and Moneta VC. (more)
Approov, a Scotland-based mobile application and API security platform, raised a $6.6M Series A from Maven Capital Partners. (more)
Mitigata, an India-based cyber risk insurance platform, raised a $5.9M Series A from Nexus Venture Partners. (more)
WiseBee, a United States-based continuous threat exposure management platform, raised a $2.4M Pre-Seed from Frontline Ventures and BrightCap Ventures. (more)
Aim Intelligence, a South Korea-based threat detection, red teaming, and security platform for AI models, raised a $1.3M Pre-Series A from Mirae Asset Capital. (more)
Hedy Cyber, a United States-based secure communications platform, raised a $420.0K Seed.
Service Companies:
CISO Global, a United States-based managed compliance and cybersecurity services company, raised a $9.0M Post-IPO Equity. (more)
Cycurion, a United States-based managed security services provider (MSSP), raised a $1.0M Post-IPO Equity from iQSTEL. (more)
OneClickComply, a United Kingdom-based managed security services provider (MSSP) focused on automated compliance, raised a $772.6K Seed from Northstar Ventures. (more)
Vital Block Security, a Canada-based smart contract security auditing platform, raised a $445.0K Seed from Circle.
Ostra Cybersecurity, a United States-based managed security services provider (MSSP), raised an undisclosed Series A from General Catalyst and Rally Ventures. (more)
🌎 Funding By Country
$31.8M for the United States across 6 deals
$10.0M for Israel across 1 deal
$6.6M for Scotland across 1 deal
$5.9M for India across 1 deal
$1.3M for South Korea across 1 deal
$772.6K for the United Kingdom across 1 deal
$445.0K for Canada across 1 deal
🤝 Mergers & Acquisitions
Product Companies:
Prompt Security, a United States-based browser extension platform protecting against sensitive data usage and attacks in generative AI applications, was acquired by SentinelOne for $250.0M. Prompt Security had previously raised $23.0M in funding. (more)
Kosai, a United States-based open-source software supply chain security platform, was acquired by Root.io for an undisclosed amount. Kosai has not previously disclosed any funding events. (more)
Mirato, an Israel-based vulnerability management platform that discovers, prioritizes, and remediates security vulnerabilities, was acquired by Sayari Labs for an undisclosed amount. Mirato has not previously disclosed any funding events. (more)
Risk Assure, a United States-based security questionnaire review and automation platform, was acquired by Wisr AI for an undisclosed amount. Risk Assure has not previously disclosed any funding events. (more)
Blackwell Security, a United States-based managed extended detection and response (XDR) for healthcare organizations, was acquired by Ostra Cybersecurity for an undisclosed amount. Blackwell Security had previously raised $13.0M in funding. (more)
Service Companies:
Seamless Intelligence, an Australia-based managed security services provider (MSSP), was acquired by Bastion Security Group for an undisclosed amount. Seamless Intelligence has not previously disclosed any funding events. (more)
📚 Great Reads
AI versus Industry Analysts - Oliver Rochford shares his take on why AI probably won't be taking over the role of Industry Analysts anytime soon.
How Much Capital Does It Take for a Cybersecurity Company to Go Public? - Cole Grolmus shares a data-driven analysis of funding trends and outcomes for cybersecurity's public and later-stage companies.
*A message from our partner
🧪 Labs
Go on, I’ll wait. 🧐 🧠 💡
Security ROI > Coffee ROI
Get value every week? Back the mission.
Or send your smart friends a referral.
Data Methodology and Sources
All of the data is captured point-in-time from publicly available sources.
All financial figures are converted to U.S. Dollars (USD) at the current spot rate at the time of collection.
Company country locations are pulled from publicly available sources.
Companies are categorized using the Return on Security system.
Sometimes the deal details, such as who led the round, how much was raised, or the deal stage, may be updated after publication.
Let us know if you spot any errors, and we’ll fix them.
Reply