- Return on Security
- Posts
- 💰 Security, Funded #211 - Two AI Models Walk Into a Bar
💰 Security, Funded #211 - Two AI Models Walk Into a Bar
Get cybersecurity market and intelligence insights, including key trends and industry analysis, for the week of September 8, 2025.
Mike Privette
September 15, 2025 • Reading Time: 13 minutes
Hey -
I hope you had a great weekend!
Cybersec Netherlands was a great event last week, and I’m really glad I got the chance to give a keynote talk on the cybersecurity economy of Europe!
Stop me if you’ve heard this one before, “Two AI Models walk into a bar…”
I’ll try to pull together a post over the next few days to share the slides and recap the talk for anyone interested. Thanks to everyone who came up after the talk and to everyone who said hello!
PARTNER
Discover Every Identity. Protect Against Exposures. Defend With Speed.
Clarity and speed for identity and security teams
Permiso's platform unifies all identities (human, NHI, and AI) across all environments. Powered by a universal identity graph, we track activity, risk, and threats in real time, cutting investigations from hours to minutes by correlating logs and building timelines automatically.
This way, your team can focus on stopping threats instead of chasing data.
Table of Contents
😎 Vibe Check
Click the options below to vote on whether you are a practitioner, founder, or investor. Feel free to leave a comment, and I'll feature the best takes in next week’s write-up!
How do you really feel about SOC 2 audits? |
Last issue’s vibe check:
Do you think 1-person security teams will become the norm as AI capabilities grow?
🟨🟨🟨🟨⬜️⬜️ ✅ Yes - AI will handle most tier-1/2 work
🟨🟨🟨⬜️⬜️⬜️ 🤔 For small companies only (<500 employees)
🟩🟩🟩🟩🟩🟩 ❌ No - security complexity keeps growing faster than AI
🟨🟨🟨🟨⬜️⬜️ ⚖️ Mixed - depends on the industry/risk profile
Looks like most people don’t see a 1-person, AI-driven security team happening, but the remaining votes are pretty split. This isn't really surprising, because we're living through a Genuine Inflection Point™️ where AI capabilities are advancing faster than most people and organizations can adapt.
Everyone is asking the question: "Will AI make me obsolete or supercharged?"
Some of the top comments from last week’s vibe check:
💬 “Sounds like an opportunity for a single point of failure to have a 1-person team.”
💬 “It’s going to start off at small companies and tech businesses, but I think leaner and leaner teams will become the norm with different types of leadership.”
💰 Market Summary
Private Markets
13 companies from 6 countries raised $170.5M across 12 unique product categories
Average deal size was $13.1M (median: $11.0M)
100% of funding went to product companies
5 companies from 2 countries were acquired for $1.2B
60% of M&A activity went to product companies
Public Markets
2 public cyber companies had an earnings report
As of market close on September 12, 2025.
📸 YoY Snapshot
Rolling 12-week charts that compare funding and acquisitions weekly in a year-over-year (YoY) view between 2024 and 2025.
Funding activity over the past 12 weeks totaled $5.7B across 145 deals (mean: $45.6M, median: $8.5M), representing a 75% increase compared to the same period last year when $3.2B was invested across 118 deals.
M&A activity remained strong with 72 acquisitions completed over the trailing 12 weeks (averaging 6.0 per week), an increase from the 59 acquisitions during the same period in the previous year.
PARTNER
Shadow IT May Hide – But Intruder Seeks
Intruder’s security team ran an experiment: how much Shadow IT could we uncover using only public data? The answer: way too much — from backups with live credentials to admin panels with no authentication.
If those assets never make it into your vulnerability management program, they stay invisible to you, but not to attackers. Intruder helps you discover them first and keep them secure. Read the full research to make sure your Shadow IT doesn’t make headlines.
☎️ Earnings Reports
This analysis is personal research and opinions only. This is not financial or investing advice. Do your own due diligence before making investment decisions.
Earnings reports from last week: $RBRK ( ▲ 1.48% ) and $SAIL ( ▲ 0.37% )
$RBRK ( ▲ 1.48% ) - BULL
Rubrik delivered a very strong Q2 with revenue growing 51% to $309.9M and subscription ARR reaching $1.25B (up 36% YoY!). The company's focus on combining data volume, data resiliency, and AI capabilities is clearly resonating, with its over 2,500 customers now spending >$100K annually. I think it’s safe to say the transition from a “pure backup play” into data security and adjacent areas has been a success.
While federal spending uncertainty was cited as a remaining headwind, Rubrik raised its forward-looking guidance, showing confidence in its expansion strategy. Rubrik’s CEO also mentioned the importance of “combining data and identity together,” as a potential bit of foreshadowing. 👀
The key question for investors is whether Rubrik can maintain this growth trajectory while scaling its AI initiatives, but Q2's results suggest they're executing well on both fronts.
$SAIL ( ▲ 0.37% ) - BULL
SailPoint had a strong quarter with ARR growing 30% to $925M, as momentum in enterprise identity governance (IGA) and machine identity security continues to grow. The big standout metric for me was the 62% growth in customers spending over $1M annually (!!). The platform is securing large customers and even larger deals, and hitting a 115% net revenue retention rate to boot (in world-class territory).
The company raised full-year ARR and revenue guidance, also feeling confident in its competitive position and ability to execute. It should also come as no surprise that Identity Security is still top of mind of CISOs and security leaders across the board.
Earning reports to watch this coming week:
🧩 Funding By Product Category
$48.6M for Endpoint Protection across 3 deals
$27.0M for Managed Detection and Response (MDR) across 1 deal
$20.0M for Secure Networking across 1 deal
$17.0M for Remote Browser Isolation across 1 deal
$13.0M for Email Security across 1 deal
$12.0M for Security Awareness across 1 deal
$11.0M for Non-Human Identity (NHI) Security across 1 deal
$7.0M for Security and Compliance Automation across 2 deals
$6.5M for AI Governance across 1 deal
$3.5M for Endpoint Detection and Response (EDR) across 1 deal
$2.7M for Threat Intelligence across 1 deal
$2.2M for Data Access Governance across 1 deal
🏢 Funding By Company
Product Companies:
Koi raised a $38.0M Series A from Battery Ventures and Team8 and a $10.0M Seed from NFX and Picture Capital. (more)
TENEX.AI, a United States-based managed threat detection and response (MDR) platform, raised a $27.0M Series A from Crosspoint Capital Partners. (more)
SSH Communication Security, a Finland-based secure networking and communications platform, raised a $20.0M Post-IPO Equity from Leonardo. (more)
Red Access, an Israel-based secure remote browsing platform, raised a $17.0M Series A from Norwest Venture Partners. (more)
AegisAI, a United States-based email security and incident response platform, raised a $13.0M Seed from Accel and Foundation Capital. (more)
Adaptive Security, a United States-based security awareness training platform for AI-enabled social engineering and deepfake attacks, raised a $12.0M Series A from OpenAI Startup Fund. (more)
Hush Security, an Israel-based non-human identity security platform that detects ephemeral and shadow identities, raised a $11.0M Seed from Battery Ventures and YL Ventures. (more)
Naq, a Netherlands-based security and compliance automation platform for healthcare operations, raised a $7.0M Series A from Automate Health and an undisclosed Secondary Market round. (more)
Geordie AI, a United Kingdom-based governance and monitoring platform for AI agents and autonomous workflows, raised a $6.5M Seed from General Catalyst and Ten Eleven Ventures. (more)
Nucleon Security, a France-based endpoint detection and response (EDR) platform, raised a $3.5M Seed from NewFund. (more)
Miru Labs, a United States-based agentic threat intelligence investigation platform, raised a $2.7M Pre-Seed from Dreamcraft, Cadenza Ventures, and Seedcamp. more
Aurva, a United States-based data security visibility and access control platform, raised a $2.2M Seed from Nexus Venture Partners. more
Passguard, a Netherlands-based platform that monitors dark web data for active infostealers on compromised endpoints, raised a $585.8K Pre-Seed from Dimitri van Zantvliet, Pieter Jansen, and Rogier Fischer. more
Service Companies:
None
🌎 Funding By Country
$76.0M for Israel across 4 deals
$56.9M for the United States across 5 deals
$20.0M for Finland across 1 deal
$7.6M for the Netherlands across 3 deals
$6.5M for the United Kingdom across 1 deal
$3.5M for France across 1 deal
🤝 Mergers & Acquisitions
Product Companies:
Nozomi Networks, a United States-based operational technology (OT) security platform for industrial control systems (ICS), was acquired by Mitsubishi Electric for $1.0B. Nozomi Networks had previously raised $266.0M in funding. (more)
CalypsoAI, a United States-based platform for protecting against adversarial machine learning (ML) attacks, was acquired by F5 for $180.0M. CalypsoAI had previously raised $46.5M in funding. (more)
Observo AI, a United States-based security data observability platform, was acquired by SentinelOne for an undisclosed amount. Observo AI had previously raised $15.0M in funding. (more)
Service Companies:
IAMConcepts, a Canada-based professional services firm focused on identity and access management, was acquired by Accenture for an undisclosed amount. IAMConcepts has not previously disclosed any funding events. (more)
Tech 2020 Solutions, a United States-based managed security services provider (MSSP), was acquired by Fairdinkum Consulting for an undisclosed amount. Tech 2020 Solutions has not previously disclosed any funding events. (more)
📚 Great Reads
The New Commandments of Security Teams - The most successful security teams have quietly rewritten the rules of how they operate.
Effective Cyber Marketing and Sales & Leadership - Chris Hughes and Andy Ellis discuss how security vendors can build effective marketing and sales teams.
*A message from our partner
🧪 Labs
This is the only kind of AI I’m interested in
Security ROI > Coffee ROI
Get value every week? Back the mission.
Or send your smart friends a referral.
Data Methodology and Sources
All of the data is captured point-in-time from publicly available sources.
All financial figures are converted to U.S. Dollars (USD) at the current spot rate at the time of collection.
Company country locations are pulled from publicly available sources.
Companies are categorized using the Return on Security system.
Sometimes the deal details, such as who led the round, how much was raised, or the deal stage, may be updated after publication.
Let us know if you spot any errors, and we’ll fix them.
Reply