💰 Security, Funded #213 - Firefighting vs Fire Prevention

Hey -

I hope you had a great weekend!

Look, ma, new charts! 📊 

I’ve been working on creating higher-quality visuals for the newsletter, so while I’m in Build Mode, please let me know if there is any new data or charts you’d like to see. Making these charts has reminded me of one of my favorite quotes:

“What’s in a chart? That which we call unstructured data by any other name would be transformed into actionable insights to align stakeholders.”

_{^{Gotta love the classics}}

Also, an open call - if you’re at a VC or PE firm and you’ve raised a new fund this year to invest (mostly) in cyber, I want to hear about it and will start tracking these as I capture more of what runs the cybersecurity economy.

💡 _{Share the newsletter in one click}

😎 Vibe Check

Click the options below to vote on whether you are a practitioner, founder, or investor. Feel free to leave a comment, and I'll feature the best takes in next week’s write-up!

Last issue’s vibe check:
How would you honestly describe your AI governance right now?
🟩🟩🟩🟩🟩🟩 📋 Basic guidelines that hopefully someone follows
🟨🟨🟨⬜️⬜️⬜️ 🤞 "Use your best judgment" approach
🟨🟨🟨⬜️⬜️⬜️ 📊 Comprehensive policies with regular reviews
🟨🟨🟨🟨⬜️⬜️ 🆘 What governance? We're just trying to keep up!

Well, it seems that the future is here, it’s just not evenly distributed. Not when it comes to the matter of AI Governance, at least. I think a “basic guidelines” approach is a great place to start, so long as you work to find and understand what people are actually using. Otherwise, you’re just wishing things would go the right way.

I know this is a fast-moving space, and over the next few weeks, we’re going to explore it further and collectively gain a better understanding of AI Governance. Let’s get this bread together, family. 🥐 😤 👊 

Some of the top comments from last week’s vibe check:

💬 "Too busy firefighting to do fire prevention.”

💰 Market Summary

📸 YoY Snapshot

Funding activity over the past 12 weeks totaled $3.9B across 153 deals (mean: $29.2M, median: $7.0M), representing a 19% increase compared to the same period last year, when $3.3B was invested across 121 deals.

M&A activity remained strong with 75 acquisitions completed over the trailing 12 weeks (averaging 6.2 per week), a 32% increase from the 57 acquisitions during the same period in the previous year.

_{Partner With Us}

☎️ Earnings Reports

🧩 Funding By Product Category

• $35.0M for AI Security across 1 deal

• $16.0M for Penetration Testing across 1 deal

• $10.0M for Data Loss Prevention (DLP) across 1 deal

• $8.2M for Cybersecurity Education & Training across 1 deal

• $7.0M for Fraud and Financial Crime Protection across 1 deal

• $6.0M for Confidential Computing across 1 deal

• $5.0M for Managed Security Services Provider (MSSP) across 1 deal

• $3.5M for Security and Compliance Automation across 1 deal

• $2.6M for Continuous Threat Exposure Management (CTEM) across 1 deal

• $1.3M for Digital Footprint Management across 1 deal

🏢 Funding By Company

Product Companies:

• Obot AI, a United States-based open-source control plane to manage and secure MCP servers, raised a $35.0M Seed from Mayfield Fund and Nexus Venture Partners. (more)

• Prelude, a United States-based automated security testing platform, raised a $16.0M Venture Round from Brightmind Partners. (more)

• InCountry, a United States-based data loss prevention platform for agentic AI workflows, raised a $10.0M Venture Round from Arbor Ventures. (more)

• revel8, a Germany-based real-time cybersecurity training and attack simulation platform, raised a $8.2M Seed from Peak. (more)

• Cloudburst Technologies, a United States-based cyber threat intelligence and fraud detection for cryptocurrency transactions, raised a $7.0M Series A from Borderless Capital. (more)

• Belfort, a United States-based encrypted confidential computing platform, raised a $6.0M Seed from Vsquared Ventures. (more)

• Mycroft, a Canada-based agentic AI platform supporting security and compliance automation, raised a $3.5M Seed from Luge Capital. (more)

• SafeHill, a United States-based continuous threat exposure management platform, raised a $2.6M Pre-Seed from Mucker Capital. (more)

• Lifeguard, a United States-based digital footprint management and anti-fraud platform, raised a $1.3M Seed from ScOp Venture Capital. (more)

Service Companies:

• Unit 221b, a United States-based managed security services and penetration testing firm, raised a $5.0M Seed from J2 Ventures. (more)

🌎 Funding By Country

• $82.9M for the United States across 8 deals

• $8.2M for Germany across 1 deal

• $3.5M for Canada across 1 deal

🤝 Mergers & Acquisitions

Product Companies:

• MarkMonitor, a United States-based brand fraud and abuse monitoring platform, was acquired by Com Laude for $450.0M. MarkMonitor had previously raised $45.4M in funding. (more)

• Seckiot, a France-based operational technology security platform, was acquired by Seclab for an undisclosed amount. Seckiot has not previously disclosed any funding events. (more)

• Allseek, a Belgium-based continuous penetration testing platform, was acquired by Aikido Security for an undisclosed amount. Allseek has not previously disclosed any funding events. (more)

• Haicker, a Switzerland-based continuous AI penetration testing platform, was acquired by Aikido Security for an undisclosed amount. Haicker had previously raised $260159 in funding. (more)

Service Companies:

• RangeForce, a United States-based cyber defensive education and training platform, was acquired by Cyberbit for an undisclosed amount. RangeForce had previously raised $38.1M in funding. (more)

• Security Compliance Associates, a United States-based professional services firm focused on security and compliance assessments, was acquired by 360 Advanced for an undisclosed amount. Security Compliance Associates has not previously disclosed any funding events. (more)

📚 Great Reads

🧪 Labs