• Return on Security
  • Posts
  • 💰 Security, Funded #218 - Earnings [Season] Has Entered the Chat

💰 Security, Funded #218 - Earnings [Season] Has Entered the Chat

Get cybersecurity market and intelligence insights, including key trends and industry analysis, for the week of October 27, 2025.

Author

Mike Privette
November 03, 2025 • Reading Time: 14 minutes

Security, Funded by Return on Security, is a weekly analysis of the public and private economic activity in the cybersecurity market. This week’s issue is brought to you by Red Sift and Island.

Hey -

I hope you had a great weekend.

Last week, the U.S. Federal Reserve cut interest rates by a quarter of a percent, signaling a pause to the quantitative tightening efforts, and the Q3 Earnings Season for publicly traded cyber companies started up.

Talk about a great week for nerds like me everyone!

PARTNER

Protect Your Org from Multi-Channel Impersonation

Red Sift

From inbox to Instagram, bad actors are impersonating organizations across email, web, and social media to deceive customers and partners.

Join Red Sift on November 13 to learn how to protect your org from impersonation attacks stemming from email, lookalike domains, forgotten DNS records, and fake social profiles.

😎 Vibe Check

Click the options below to vote on whether you are a practitioner, founder, or investor. Feel free to leave a comment, and I'll feature the best takes in next week’s write-up!

How often do you feel like you're winging it in security?

Login or Subscribe to participate in polls.

Last issue’s vibe check:
After this week's AWS outage, how's your cloud trust level?
🟩🟩🟩🟩🟩🟩 Still all-in on cloud
🟨⬜️⬜️⬜️⬜️⬜️ Suddenly interested in on-prem again
🟨🟨🟨⬜️⬜️⬜️ Already multi-cloud for this reason
🟨🟨🟨⬜️⬜️⬜️ What outage? (Built different 😤)

The cloud goes down, but almost half of the people who responded didn’t even blink an eye. 😳

Even if the cloud goes down for half the world, for some, it’s still far better than the overhead, cost, and expertise needed to manage your own private infrastructure. I can envision a whole slew of security startups being formed in garages right now that can help fight off some of these future problems. 🥹

Some of the top comments from last week’s vibe check:

💬 “Still felt a little pain in the 3rd (and subsequent 4th) party ecosystem, but could've been worse!”

💬 “Can't get away from it at this point...”

💰 Market Summary

Private Markets

  • 21 companies from 6 countries raised $391.4M across 17 unique product categories

  • Average deal size was $30.1M (median: $11.3M)

  • 90% of funding went to product companies

  • 5 companies from 5 countries were acquired for $2.2B

  • 60% of M&A activity went to product companies

  • 1 company announced layoffs

  • 1 company shut down

Public Markets

  • 3 public cyber companies had an earnings report

📸 YoY Snapshot

Rolling 13-week charts that compare funding and acquisitions weekly in a year-over-year (YoY) view between 2024 and 2025.

Funding activity over the past 13 weeks totaled $2.7B across 156 deals (mean: $21.3M, median: $10.0M), an 11% decrease compared to the same period last year.

M&A activity remained moderately strong with 81 acquisitions completed over the trailing 13 weeks (averaging 6.8 per week), a 21% increase from the 67 acquisitions during the same period in the previous year.

PARTNER

Turn shadow AI into managed AI

Sometimes changing one thing, changes everything.

Is your private corporate data training public LLMs?

Most likely. Island found that 1/4 of AI chatbot users send work files to personal accounts.

The reason: the place we work with AI wasn't designed to work with AI.

But what if it was?

Island’s Enterprise Browser protects data at the prompt level, before data and files enter AI engines. Users safely work with any AI app – corporate or personal – ending AI anarchy.

☎️ Earnings Reports

This analysis is personal research and opinions only. This is not financial or investing advice. Do your own due diligence before making investment decisions.

Earnings reports from last week: $CHKP ( ▼ 0.7% ), $TENB ( ▼ 0.62% ), $VRNS ( ▲ 1.5% )

Check Point had a very strong quarter and posted its strongest billings growth in over a decade. While revenue only grew about 7%, there was an acceleration in all the main products across all major geographies, signaling that Nadav Zafrir’s plans are gaining traction.

Check Point closed the Lakera acquisition to complete its "full-stack AI security platform," achieved FedRAMP authorization for federal expansion, and is focusing on growing the portfolio through partnerships.

In my view, this is all good groundwork to ramp up revenue growth and capture more market share, and I think they’re just getting started,

Tenable delivered a pretty solid quarter with revenue growing 11% to $252.4M and operating margins growing considerably. Tenable also noted that the Tenable One platfor now represents 40% of its new business, and it added 437 new enterprise customers, a 13% YoY increase.

A point I’ll continue watching going forward is the strength of Tenable’s net dollar retention. Companies that report a 115-120%+ range are growing quickly, and anything under this means there’s a struggle to expand the existing customer base (the “land and expand” motion).

Tenable has historically relied heavily on the U.S. Federal sector to drive a large portion of its revenue. When asked directly about the U.S. Government shutdown and the large number of layoffs in federal agencies, Tenable noted it had no concerns about revenue or future business in the government.

Tenable also appointed a new CFO this past quarter, so I expect these numbers to start moving around by Q1 2026 as they attempt to make the growth acceleration story a reality.

Varonis didn’t have the best of times with its Q3 2205 earnings call. It narrowly met its earnings guidance for the quarter, lowered the guidance for the full fiscal year (two things investors don’t like), and said that renewals had contracted for its on-prem business and not yet picked up in its SaaS business. As a result, the stock dropped a whopping 45% after the earnings call.

To make matters even more tricky, Varonis also announced a 5% workforce reduction a few days later, and the stock dropped even further. Things I’ll be watching for are rebounds in federal spending (assuming the U.S. Government opens back up), renewal rates, and net revenue retention.

This was quite the reset quarter, but I don’t think it was the death knell. A down quarter is nothing over the long term, however, and Varonis just has to show any traction in the Q4 report to see things rebound back up.

Earning reports to watch this coming week: $FTNT ( ▼ 0.63% ), $RPD ( ▼ 0.22% ), $QLYS ( ▲ 0.38% ) 

🪦 Stop, Drop, Shut’em Down…

  • Cortanix, an Israel-based observability and security analytics platform, shut down operations. Cortanix had previously raised $21M in funding. (more)

Layoffs

  • Varonis, a United States-based data protection platform, laid off 120 employees, or 5% of its workforce, due to market conditions. (more)

🧩 Funding By Product Category

  • $150.0M for Email Security across 1 deal

  • $79.0M for Identity and Access Management (IAM) across 1 deal

  • $39.0M for Cybersecurity Education & Training across 2 deals

  • $35.2M for Security and Compliance Automation across 2 deals

  • $28.4M for Network Security across 3 deals

  • $22.0M for Continuous Threat Exposure Management (CTEM) across 1 deal

  • $11.3M for Identity Threat Detection and Response (ITDR) across 2 deals

  • $10.0M for Continuous Controls Monitoring (CCM) across 1 deal

  • $9.5M for AI Privacy Assurance across 1 deal

  • $3.5M for Payment Security across 1 deal

  • $3.5M for Security Operations across 2 deals

  • An undisclosed amount for Fraud and Financial Crime Protection across 1 deal

  • An undisclosed amount for Threat and Risk Prioritization across 1 deal

  • An undisclosed amount for Secure Communications across 1 deal

  • An undisclosed amount for Governance Risk and Compliance (GRC) across 1 deal

  • An undisclosed amount for AI Adversary Simulation across 1 deal

  • An undisclosed amount for Data Access Governance across 1 deal

🏢 Funding By Company

Product Companies:

  • Sublime Security, a United States-based email security and incident response platform, raised a $150.0M Series C from Georgian. (more)

  • ConductorOne, a United States-based identity and access posture management platform, raised a $79.0M Series B from Greycroft. (more)

  • SimSpace, a United States-based hands-on cybersecurity training platform for government and military operations, raised $39.0M Venture Round from Communitas Capital Partners. (more)

  • Formalize, a Denmark-based security, privacy, and compliance automation platform, raised a $35.0M Series B from Acton Capital, BlackFin Capital Partners. (more)

  • Reflectiz, an Israel-based continuous threat exposure management platform, raised a $22.0M Series B from Fulcrum Equity Partners. (more)

  • CyberRidge, an Israel-based hardware security and encryption platform for optical networks, raised $16.0M Series A from Arkin Capital and $10.0M Seed from Awz Ventures. (more)

  • WideField Security, a United States-based identity threat detection and response platform, raised a $11.3M Series A from Crosspoint Capital Partners. (more)

  • Spektrum, a United States-based continuous controls monitoring platform, raised a $10.0M Seed. (more)

  • Polygraf, a United States-based platform allowing AI workloads to work with privacy-protected data in a secure manner, raised a $9.5M Seed from Allegis Capital. (more)

  • SecurePII, an Australia-based payment security platform for redacting PII from voice calls, raised a $3.5M Seed from Tidal Ventures. (more)

  • RedCarbon, an Italy-based AI-augmented security operations platform, raised a $3.5M Series A from Azimut Group. (more)

  • VeriQuantix, an Australia-based optical communication network security platform, raised a $2.4M Seed from Uniseed. (more)

  • ComplyJet, a United States-based security and compliance automation platform, raised a $250.0K Pre-Seed from Abhiraj Singh Bhal and Varun Khaitan.

  • Conifers.Ai, a United States-based AI-agent-enabled security operations platform, raised an undisclosed Private Equity Round from Washington Harbour Partners. (more)

  • Hoop.dev, a United States-based data access governance and compliance platform, raised an undisclosed Seed from Venture Guides. (more)

  • nSure.ai, an Israel-based anti-fraud and financial crime platform., raised an undisclosed Non-Equity Assistance from Deloitte Launchpad. (more)

  • Onyxia, a United States-based threat and risk prioritization platform, raised an undisclosed Non-Equity Assistance from Deloitte Launchpad.

  • Orchid Security, a United States-based identity threat detection and response (ITDR) platform, raised an undisclosed Non-Equity Assistance from Deloitte Launchpad.

  • RiPSIM Technologies, a United States-based secure software-defined cellular network platform, raised an undisclosed Seed from Swisscom Ventures.

  • Satark AI, an India-based AI agent-driven governance, risk, and compliance management platform, raised an undisclosed Pre-Seed from Infynno Solutions. (more)

  • Terra Security, a United States-based adversarial AI simulation and red teaming platform, raised an undisclosed Non-Equity Assistance from Deloitte Launchpad.

Service Companies:

  • None

🌎 Funding By Country

  • $299.1M for the United States across 14 deals

  • $48.0M for Israel across 4 deals

  • $35.0M for Denmark across 1 deal

  • $5.9M for Australia across 2 deals

  • $3.5M for Italy across 1 deal

  • An undisclosed amount for India across 1 deal

🤝 Mergers & Acquisitions

Product Companies:

  • Jamf, a United States-based mobile device management (MDM) platform, was acquired by Francisco Partners for $2.2B. Jamf had previously raised $332.2M in funding. (more)

  • Intangic, a Luxembourg-based third-party cyber risk management platform, was acquired by Searchlight Cyber for an undisclosed amount. Intangic has not previously disclosed any funding events. (more)

  • Keyless, a United Kingdom-based passwordless authentication platform, was acquired by Ping Identity for an undisclosed amount. Keyless had previously raised $43.0M in funding. (more)

Service Companies:

  • Intellisync, an Italy-based managed security services provider, was acquired by Yokogawa Electric Corp. for an undisclosed amount. Intellisync has not previously disclosed any funding events. (more)

  • Netbr, a Brazil-based professional services company focused on security compliance and automation, was acquired by SEK Security Ecosystem Knowledge for an undisclosed amount. Netbr has not previously disclosed any funding events. (more)

📚 Great Reads

*A message from our partner

🧪 Labs

Man, I hope you’re all aware now!

Security ROI > Coffee ROI

Get value every week? Back the mission.

Or send your smart friends a referral.

Data Methodology and Sources

  • All of the data is captured point-in-time from publicly available sources.

  • All financial figures are converted to U.S. Dollars (USD) at the current spot rate at the time of collection.

  • Company country locations are pulled from publicly available sources.

  • Companies are categorized using the Return on Security system.

  • Sometimes the deal details, such as who led the round, how much was raised, or the deal stage, may be updated after publication.

  • Let us know if you spot any errors, and we’ll fix them.

Reply

or to participate.