Security, Funded by is a weekly intelligence briefing of the public and private economic activity in the cybersecurity market. This week’s issue is brought to you by Prowler.
We made it, folks, we finally defeated January!
And just in time, too, because it’s time to brace yourselves. 2026 RSA Conference party invites are on the way. Speaking of, I’m cohosting another one this year and would love to hang out with you there. Sign up here!
Also, the Q4 2025 Cyber Earnings Season starts this week, so be on the lookout for this week to see just how the major players closed out their years.
PARTNER
Prowler: The World’s Most Widely Adopted Open Cloud Security Platform
Trusted by modern cloud security teams, Prowler detects vulnerabilities and misconfigurations, prioritizes risk, accelerates remediation, and automates audit-ready compliance. Built on open source, Prowler Cloud delivers cloud security that’s 10x more cost-effective than alternatives
Ask Lighthouse AI security questions like a trusted colleague and cut remediation time by over 80%.
With 40M+ downloads, 12K+ GitHub stars, and 300+ contributors, Prowler is the open standard for cloud security.
Table of Contents
😎 Vibe Check
Click the options below to vote on whether you are a practitioner, founder, or investor. Feel free to leave a comment, and I'll feature the best takes in next week’s write-up!
How are we feeling about OpenClaw and Moltbook, fam?
Last issue’s vibe check:
How much do you actually care if a security product is using AI vs. not?
⬜️⬜️⬜️⬜️⬜️⬜️ It's a key factor
🟩🟩🟩🟩🟩🟩 Only if it's actually better
🟨🟨🟨🟨⬜️⬜️ I don't care, just show me it works
🟨🟨🟨⬜️⬜️⬜️ AI claims make me more suspicious
Last week’s poll showed that most people really only care about AI if it’s actually better than the current way they’re doing things, or so long that it works. There was also a healthy bit of skepticism about AI claims in general, which is no surprise given how fast things are moving in this space (see today’s vibe check).
What matters now is integrating into the AI-driven ways of working, not the other way around. If it fits without breaking the way practitioners want to work now, and without causing them to open more browser tabs, the better off things will be accepted.
Some of the top comments from last week’s vibe check:
💬 “Too many vendors are just slapping 'This product has so much AI in it ‘ and not enough actual value proposition.”
💬 “Software vendors - just prove the capabilities, I don’t care about the underlying tech as long as it fits in my environment.”
💬 “It’s much more of a data issue - are you creating/collecting/using proprietary data or are you enriching/processing differently to power your AI?”
💰 Market Summary
Private Markets
11 companies from 5 countries raised $403.8M across 10 unique product categories
Average deal size was $44.9M (median: $10.0M)
100% of funding went to product companies
3 companies from 3 countries were acquired for $37.5M across 3 unique product categories
100% of M&A activity went to product companies
Public Markets
No public cyber companies had an earnings report in the first few weeks of 2026
Much of the tech-heavy US markets shed much of their gains as the U.S. Dollar weakened, and as a new successor to the U.S. Fed Chair was named by President Trump
As of markets close on January 26, 2026.
📸 YoY Snapshot
Rolling 13-week charts that compare funding and acquisitions week over week, year over year, comparing the end of 2024 vs. 2025 with the start of 2025 vs. 2026.
And with last week, 2026 has already racked up over $1 billion in cybersecurity funding. Just a cool five weeks to get there. 😳
M&A had a slightly quieter week, but is still moving with strong momentum for the year.
🔭 Zooming Out 🆕
Stories hidden in the numbers
Agent Defense: We’re now starting to see specific security measures for AI Agents emerge. Given all the hype and chaos around Openclaw over the last two weeks, solutions for this can’t come soon enough.
European Compliance Play: Germany's heyData ($16.5M) shows EU-based compliance automation is finding funding. GDPR may be old news, but the compliance software market is still being built.
Serial Acquirer: LevelBlue is on a cyber buying spree to consolidate one of the biggest services firms out there. This week's acquisition is their 4th in the past 12 months.
🧩 Funding By Product Category
$250.0M for Cloud Native Application Protection Platform (CNAPP) across 1 deal
$79.9M for Application Security across 2 deals
$40.0M for Identity Threat Detection and Response (ITDR) across 1 deal
$37.0M for Brand Protection across 1 deal
$16.5M for Security and Compliance Automation across 1 deal
$12.0M for Attack Surface Management (ASM) across 1 deal
$5.0M for Internet Security across 1 deal
$2.3M for Threat and Risk Prioritization across 1 deal
$1.6M for AI Security across 1 deal
$400.0K for Threat Intelligence across 1 deal
An undisclosed amount for Security Log Data Management (SLDM) across 1 deal
🏢 Funding By Company
Product Companies:
Upwind Security, an Israel-based cloud native application protection platform, raised a $250.0M Series B from Bessemer Venture Partners. (more)
Chaitin Tech, a China-based web application security platform, raised a $71.9M Venture Round from Beijing Artificial Intelligence Industry Investment Fund, Guofang Innovation, and National Artificial Intelligence Industry Investment Fund. (more)
Outtake, a United States-based agentic AI security platform focused on defending against identity-based attacks and phishing, raised a $40.0M Series B from ICONIQ Capital. (more)
Memcyco, an Israel-based brand impersonation monitoring and account takeover prevention platform, raised a $37.0M Series A from NAventures. (more)
heyData, a Germany-based security and compliance automation platform focused on vendor risk management and data privacy, raised a $16.5M Series A from Riverside Acceleration Capital. (more)
Mesh Security, an Israel-based cybersecurity platform that provides advanced protection and threat detection capabilities, raised a $12.0M Series A from Lobby Capital. (more)
Rein Security, an Israel-based runtime application security monitoring platform, raised a $8.0M Seed from Glilot Capital Partners. (more)
Monarx, a United States-based threat detection and prevention platform for web hosting providers, raised a $5.0M Venture Round. SEC Filing
Aisy.ai, a United Kingdom-based offensive security-focused threat and risk prioritization platform, raised a $2.3M Seed from Flying Fish Partners, Osney Capital, and 6 Degrees Capital. (more)
Pallma AI, a United Kingdom-based vulnerability discovery and AI agent runtime guardrails, raised a $1.6M Pre-Seed from Marathon Venture Capital. (more)
The Security Bulldog, a United States-based cyber threat intelligence platform, raised a $400.0K Pre-Seed from Right Side Capital Management. (more)
Enterprise Srl, an Italy-based security log data management platform, raised an undisclosed Series A.
Service Companies:
None
🌎 Funding By Country
$307.0M for Israel across 4 deals
$71.9M for China across 1 deal
$45.4M for the United States across 3 deals
$16.5M for Germany across 1 deal
$3.9M for the United Kingdom across 2 deals
An undisclosed amount for Italy across 1 deal
🤝 Mergers & Acquisitions
Product Companies:
Service Companies:
Alert Logic, a United States-based managed security operations center (MSOC) platform, was acquired by LevelBlue for an undisclosed amount. Alert Logic had previously raised $399.9M in funding. (more)
REAL security, a Slovenia-based professional services firm focused on data protection and risk management, was acquired by Westcon-Comstor for an undisclosed amount. REAL security has not previously disclosed any funding events. (more)
Threatscape, an Ireland-based managed security services provider, was acquired by Horizon Capital for an undisclosed amount. Threatscape has not previously disclosed any funding events. (more)
☎️ Earnings Reports
This analysis is personal research and opinions only. This is not financial or investing advice. Do your own due diligence before making investment decisions.
Earnings reports from last week: None
Earning reports to watch this coming week: $VRNS ( ▼ 9.3% ), $TENB ( ▼ 8.95% ), $QLYS ( ▼ 5.54% ), $FTNT ( ▼ 2.45% )
📚 Great Reads
The Macro Implications of the AI Capex Boom - What the impact of massive spending on AI may mean for the US economy and the second-order effects it may bring.
Cybersecurity Predictions for 2026 - Frank Wang shares his take on where he thinks the cybersecurity industry will go in 2026 from a practitioner and vendor standpoint.
*A message from our partners
🧪 Labs
"Never send a human to do A machine's job."
Security ROI > Coffee ROI
Get value every week? Back the mission.
Or send your smart friends a referral.
Data Methodology and Sources
All of the data is captured point-in-time from publicly available sources.
All financial figures are converted to U.S. Dollars (USD) at the current spot rate at the time of collection.
Company country locations are pulled from publicly available sources.
Companies are categorized using the Return on Security system.
Sometimes the deal details, such as who led the round, how much was raised, or the deal stage, may be updated after publication.
Let us know if you spot any errors, and we’ll fix them.