💰 Security, Funded #210 - Chasing the Puck

Get cybersecurity market and intelligence insights, including key trends and industry analysis, for the week of September 1, 2025.

Author

Mike Privette
September 08, 2025 • Reading Time: 13 minutes

Security, Funded by Return on Security, is a weekly analysis of the public and private economic activity in the cybersecurity market. This week’s issue is brought to you by Intruder, Nudge Security, and Palo Alto Networks.

Hey -

I hope you had a great weekend!

These past several weeks have been quite exciting in the cyber industry, with Q2 public earnings being in full swing and a slew of high-profile announcements.

It seems that just as quickly as the “AI for Security” and “Security for AI” companies hit the scene, they are being consolidated at a rapid pace. And so is just about anything in its adjacent path.

Anything that has a unique or novel dataset (Email Security), or anything that can control the integration, authentication, and authorization (IAM/PAM) choke points for AI workflows, is a really hot commodity right now. Earlier this year, and over the past two years, that “roll-up point” was heavily concentrated around data discovery and posture management.

The speed of the lifecycle of these deals is fast, even for cyber! The question now is - where is the puck going next?

I don’t think we’re in a bubble (and certainly less so than the overall AI market), but with AI in the mix with cyber, the reaction time to that question is getting shorter and shorter. ⌚️

Also, looking forward to being at Cybersec Netherlands this week. If you’re there and happen to see me, please stop me and say hello!

PARTNER

Shadow IT May Hide – But Intruder Seeks

Intruder’s security team ran an experiment: how much Shadow IT could we uncover using only public data? The answer: way too much — from backups with live credentials to admin panels with no authentication.

If those assets never make it into your vulnerability management program, they stay invisible to you, but not to attackers. Intruder helps you discover them first and keep them secure. Read the full research to make sure your Shadow IT doesn’t make headlines.

😎 Vibe Check

Click the options below to vote on whether you are a practitioner, founder, or investor. Feel free to leave a comment, and I'll feature the best takes in next week’s write-up!

Do you think 1-person security teams will become the norm as AI capabilities grow?

Login or Subscribe to participate in polls.

Last issue’s vibe check:
How do you really use industry analyst reports?
🟨🟨🟨⬜️⬜️⬜️ 📊 Strategic guidance
🟩🟩🟩🟩🟩🟩 🎯 Vendor validation theater
🟨⬜️⬜️⬜️⬜️⬜️ 🔲 Expensive quadrant decoration
🟨🟨⬜️⬜️⬜️⬜️ 🔥 Monitor stand/kindling

Vendor validation theater crushed it last week with 44% of the votes (no surprise there). I thought strategic guidance might do a bit better, but apparently, most of us see analyst reports for what they really are.

I think the population of people who rely heavily on these kinds of reports is dwindling in our industry, especially with the rise of smaller and independent platforms and other media formats. I don’t think it’s “done done” by any means, and I think reports like those can still be valuable in the right context.

Some of the top comments from last week’s vibe check:

💬 “I still read the Gartner reports, but not for the reasons the vendors think. I use them to understand what I’m going to be pitched and what questions my board is going to ask after they talk to their golf buddies.”

💰 Market Summary

Private Markets

  • 11 companies from 4 countries raised $259.4M across 10 unique product categories

  • Average deal size was $32.4M (median: $27.5M)

  • 100% of funding went to product companies

  • 6 companies from 5 countries were acquired for $150.0M

  • 67% of M&A activity went to product companies

Public Markets

  • 1 public cyber company had an earnings report

As of markets close on September 5, 2025.

📸 YoY Snapshot

Rolling 12-week charts that compare funding and acquisitions weekly in a year-over-year (YoY) view between 2024 and 2025.

Funding activity over the past 12 weeks totaled $5.5B across 134 deals (mean: $48.4M, median: $7.0M), a 59% increase compared to the same period last year when $3.4B was invested across 117 deals.

M&A activity remained robust with 77 acquisitions completed over the trailing 12 weeks (averaging 6.4 per week), a 40% increase from the 55 acquisitions during the same period in the previous year.

PARTNER

The SaaS supply chain is a hot mesh

Why the Salesloft Drift breach should be a wake-up call

In the recent Salesloft Drift breach, attackers didn’t break into Salesforce directly. Instead, they exploited OAuth tokens from a trusted app integration (Drift) to quietly exfiltrate sensitive data from hundreds of organizations.

This incident underscores how fragile and over-trusted today’s web of SaaS and AI integrations has become, and why organizations need to rethink how they secure it.

☎️ Earnings Reports

This analysis is personal research and opinions only. This is not financial or investing advice. Do your own due diligence before making investment decisions.

Earnings reports from last week: $ZS ( ▲ 0.77% ) 

Zscaler delivered a strong Q4 with revenue growing 21% to $772M, operating margins hitting a record 22.1%, and ARR surpassing $3B (!) while noting that nearly 40% of Global 2000 companies are customers.

Zscaler also mentioned strong growth in its zero-trust, data protection, and AI Security use cases, and increased its forward-looking guidance, but cited that macro uncertainty continues to impact deal cycles. Even still, the stock rallied post-earnings call as investors are optimistic about the organic growth trajectory.

Zscaler continues to show up and make the AI Security use case that many large organizations want to follow → Let’s wait until our incumbent vendors acquire or “turn on” the new capabilities we need instead of taking a chance on an unproven startup.

Earning reports to watch this coming week: $RBRK ( ▲ 6.2% ) and $SAIL ( ▲ 1.82% )

🧩 Funding By Product Category

  • $75.0M for Operational Technology (OT) Security across 1 deal

  • $67.5M for Fraud and Financial Crime Protection across 2 deals

  • $50.0M for Secure Access Service Edge (SASE) across 1 deal

  • $35.0M for Security Operations across 1 deal

  • $20.0M for Breach & Attack Simulation (BAS) across 1 deal

  • $10.0M for Threat Informed Defense (TID) across 1 deal

  • $1.9M for Deepfake Detection across 1 deal

  • An undisclosed amount for Professional Services across 1 deal

  • An undisclosed amount for Endpoint Detection and Response (EDR) across 1 deal

  • An undisclosed amount for Identity and Access Management (IAM) across 1 deal

🏢 Funding By Company

Product Companies:

Service Companies:

🌎 Funding By Country

  • $170.0M for the United States across 7 deals

  • $85.0M for Israel across 2 deals

  • $2.5M for Australia across 1 deal

  • $1.9M for Germany across 1 deal

🤝 Mergers & Acquisitions

Product Companies:

  • SlashNext, a United States-based email security platform, was acquired by Varonis Systems for $150.0M. SlashNext had previously raised $40.5M in funding. (more)

  • Aim Security, an Israel-based Holistic GenAI Security Platform, was acquired by Cato Networks for an undisclosed amount. Aim Security had previously raised $28.0M in funding. (more)

  • BlackDuck’s Application Security Testing (AST) services business was acquired by UltraViolet Cyber for an undisclosed amount. BlackDuck had previously raised $82.5M in funding.

  • SecuritySide, a Portugal-based privileged access and multi-factor authentication platform, was acquired by ebankIT for an undisclosed amount. SecuritySide has not previously disclosed any funding events. (more)

Service Companies:

  • Cloud4C, a Singapore-based professional services firm focused on cloud security and disaster recovery, was acquired by Capgemini for an undisclosed amount. Cloud4C has not previously disclosed any funding events. (more)

  • The DPO Centre, a United Kingdom-based professional services firm focused on data privacy consulting and Data Protection Officers (DPOs) as a service, was acquired by Axiom GRC for an undisclosed amount. The DPO Centre has not previously disclosed any funding events. (more)

📚 Great Reads

  • How to Change Your Life using Punctuated Equilibrium - Something a bit from left-field this week - I found this to be a really interesting piece about how making progress on things in life and in your career rarely goes the way you expect, but how you're in good company with evolution.

  • *AppSec’s New Horizon - AI-driven development is accelerating insecure code into production, and shift-left efforts are stalling at detection. Join “AppSec’s New Horizon” for a prevention-first blueprint, powered by Unit 42® research + insights from Palo Alto Networks.

  • Betting on yourself and building a $40B+ Zero Trust giant in Zscaler - Inside the Network sat down with Jay Chaudhry, founder and CEO of Zscaler, to talk about his origin story and how he founded and scaled Zscaler to the company it is today

*A message from our partner

🧪 Labs

Maybe they used MCPs instead??

Security ROI > Coffee ROI

Get value every week? Back the mission.

Or send your smart friends a referral.

Data Methodology and Sources

  • All of the data is captured point-in-time from publicly available sources.

  • All financial figures are converted to U.S. Dollars (USD) at the current spot rate at the time of collection.

  • Company country locations are pulled from publicly available sources.

  • Companies are categorized using the Return on Security system.

  • Sometimes the deal details, such as who led the round, how much was raised, or the deal stage, may be updated after publication.

  • Let us know if you spot any errors, and we’ll fix them.

Reply

or to participate.