- Return on Security
- Posts
- 💰 Security, Funded #207 - New High Score!
💰 Security, Funded #207 - New High Score!
Get cybersecurity market and intelligence insights, including key trends and industry analysis, for the week of August 11, 2025.
Mike Privette
August 18, 2025 • Reading Time: 9 minutes
Security, Funded by Return on Security, is a weekly analysis of economic activity in the cybersecurity market. This week’s issue is brought to you by Palo Alto Networks and Maze.
Hey -
Hope you had a great weekend! I think I’m mostly recovered from Black Hat and all the jet lag now. 🥴
Well, friends, it’s official. Cybersecurity funding for 2025 has already officially surpassed ALL of the funding raised in 2024. That’s right, the industry has raised over $14 billion as of August 17, 2025, looking at both the private and public markets! 🤯
Much of the momentum has obviously been boosted by AI investments into the three buckets I’m seeing:
AI for Security
Security for AI
Security from AI
If you’re seeing other groupings, let me know!
Momentum doesn’t always necessarily translate into volume from a dollar's perspective, however, but AI is driving other parts of the ecosystem. AI is driving an increase in cloud and SaaS spending and adoption, which, in turn, is generating increased demand for cyber products and services across both AI and non-AI variations.
What a timeline to be alive in. Let’s get this bread, fam. 🥖
PARTNER
Redefining AppSec with the Industry’s Most Comprehensive Prevention-First ASPM
Cortex Cloud
AI-driven development is accelerating insecure code into production—and security teams can’t keep up. While shift-left aims to catch issues earlier, it often fails to prevent them from reaching production without slowing development.
Cortex Cloud breaks the cycle with a prevention-first approach powered by unified data from code to cloud to SOC. By correlating findings from AppSec scanners with cloud and runtime context, teams can stop chasing risks and start preventing them.
Table of Contents
😎 Vibe Check
Click the options below to vote on whether you are a practitioner, founder, or investor. Feel free to leave a comment, and I'll feature the best takes in next week’s write-up!
How's your team handling the AI tool explosion? |
Last issue’s vibe check:
How does your team really prepare for budget season?
🟩🟩🟩🟩🟩🟩 Last year's plan + 10%
🟨🟨🟨🟨🟨⬜️ Ask ChatGPT / Claude
🟨🟨🟨🟨⬜️⬜️ Throw darts at vendor list
⬜️⬜️⬜️⬜️⬜️⬜️ Oprah Method - Everyone gets new tools
The fact that "It depends 2.0" won with 46% of votes is peak cybersecurity, honesty. We started in this world of cyber with "it depends" to acknowledging that we're running "it depends" as the actual operating model. The spreadsheet warriors coming in second (24%) confirm what we all know > Excel is the ultimate security platform. 🙄 (but for real 👀 ).
Some of the top comments from last week’s vibe check:
💬 “Most security teams cannot comprehend the idea of reducing costs or reusing existing budget to improve. It's always more more more... ”
💬 “😭” (lol)
💰 Market Summary
Private Markets
2 companies from 2 countries raised $69.0M across 2 unique product categories
Average deal size was $34.5M (median: $34.5M)
100% of funding went to product companies
4 companies from 3 countries were acquired for $336.0M
M&A activity was evenly split between product and service companies
1 company announced layoffs
Public Markets
No public cyber companies had earnings reports
As of market close on August 15, 2025.
📸 YoY Snapshot
Rolling 12-week charts that compare funding and acquisitions weekly in a year-over-year (YoY) view between 2024 and 2025.
Funding activity over the past 12 weeks totaled $6.9B across 153 deals (mean: $52.0M, median: $9.2M), representing a 132% increase compared to the same period last year when $3.0B was invested across 133 deals.
M&A activity remained strong, with 92 acquisitions completed over the trailing 12 weeks (averaging 7.7 per week). This represents a 77% increase from the 52 acquisitions during the same period in the previous year.
☎️ Earnings Reports
❌ Layoffs
F5, a United States-based networking and network security platform, laid off 106 employees, or 1.6% of its workforce, as part of a restructuring effort. (more)
🧩 Funding By Product Category
$67.0M for Passwordless Authentication across 2 deals
$2.0M for Operational Technology (OT) Security across 1 deal
🏢 Funding By Company
Product Companies:
1Kosmos, a United States-based passwordless authentication and multi-factor authentication (MFA) platform, raised a $57.0M Series B from Forgepoint Capital and Oquirrh Ventures and a $10.0M Debt Financing from Bridge Bank. (more)
BLUESKYTEC, a United Kingdom-based hardware and software security platform for operational technology and critical infrastructure, raised a $2.0M Venture Round from Maven Capital Partners. (more)
Service Companies:
None
🌎 Funding By Country
$67.0M for the United States across 2 deals
$2.0M for the United Kingdom across 1 deal
🤝 Mergers & Acquisitions
Product Companies:
Findings, a United States-based automated third-party risk assessment platform, was acquired by Diginex for $305.0M. Findings has not previously disclosed any funding events. (more)
Kondukto, a United States-based application security orchestration platform, was acquired by Invicti Security for an undisclosed amount. Kondukto had previously raised $1.0M in funding. (more)
Service Companies:
QinetiQ Group's - Federal Information Technology Services Business, a United Kingdom-based professional services firm focused on cybersecurity services for the U.S. federal sector, was acquired by V2X for $31.0M. QinetiQ Group's - Federal Information Technology Services Business has not previously disclosed any funding events. (more)
CyberCX, an Australia-based professional services firm focused on cyber threat assessments and compliance, was acquired by Accenture for an undisclosed amount. CyberCX has not previously disclosed any funding events. (more)
📚 Great Reads
State of Security Vendors - Black Hat 2025 - Andy Ellis pulls together his key takeaways and some visuals on the state of cybersecurity vendors at Black Hat USA 2025 by walking the floor, talking to people, and making notes. h/t to Lawrence Munro.
*The Flaw in Rule-Based Vulnerability Management - Rules flag every possible risk. Reasoning filters to the ones that matter - and the difference could decide whether you stop the next breach. Discover the real driver behind the next wave of vulnerability management.
AI is Eating Venture Capital - Jon Sakoda breaks down the VC Dry Powder Forecast when it comes to AI (which includes AI spend in Security) and how it will affect investors and startups.
*A message from our partner
🧪 Labs
Same as it ever was.
POV: your Cybersecurity team securing your AI workloads
— rekdt (@rekdt)
7:28 PM • Jul 7, 2025
Security ROI > Coffee ROI
Get value every week? Back the mission.
Or send your smart friends a referral.
Data Methodology and Sources
All of the data is captured point-in-time from publicly available sources.
All financial figures are converted to U.S. Dollars (USD) at the current spot rate at the time of collection.
Company country locations are pulled from publicly available sources.
Companies are categorized using the Return on Security system.
Sometimes the deal details, such as who led the round, how much was raised, or the deal stage, may be updated after publication.
Let us know if you spot any errors, and we’ll fix them.
Reply