Security, Funded by is a weekly intelligence briefing of the public and private economic activity in the cybersecurity market. This week’s issue is brought to you by ORION.
Hope you enjoyed the long weekend if you had Monday off!
It was another rip-roaring time in the cyber industry last week. Between the happenings in the cyber industry and all the AI/SaaSpocalypse/OpenClaw excitement, it’s really hard to be out here monitoring the situation (I probably need to build several agents to do this 🤔 ).
A huge amount of volume from last week, so might as well jump to the website version so you don’t miss anything. 🫡
PARTNER
Your data is flowing into AI. Can you ensure it stays safe?
Adopt AI safely. Prevent data exfiltration.
Sensitive company data is already flowing into AI tools through prompts, MCP servers, and autonomous agents. How do you prevent data loss without blocking AI workflows?
ORION analyzes data in motion with context-aware, proprietary AI agents, preventing data loss without relying on static DLP policies. Adopt AI tools effectively, prevent more data loss incidents than ever, significantly reduce operational overhead, and eliminate false positives.
Table of Contents
😎 Vibe Check
Click the options below to vote on whether you are a practitioner, founder, or investor. Feel free to leave a comment, and I'll feature the best takes in next week’s write-up!
RSA Innovation Sandbox now requires $5M seed for all finalists. This is:
Last issue’s vibe check:
What AI security assumption from 2023 aged the worst?
🟩🟩🟩🟩🟩🟩 AI will replace most security analysts
🟨🟨⬜️⬜️⬜️⬜️ LLMs are too unreliable for real security work
🟨⬜️⬜️⬜️⬜️⬜️ Creating compliance frameworks will work
🟨🟨🟨🟨⬜️⬜️ We have time to figure this out
I expected the top option to win and the bottom option to get a lot of traction, but I’m pleasantly surprised to see that the second option of LLMs not being reliable for security work did not get more votes. This shows the industry has come quite a long way since we were first mass-introduced to the LLM and chatbot concepts.
On the AI replacing security analysts front, I think we can clearly see that was never a real future state. The more you uncover in security, with or without AI, but especially with, the more work you realize there is to do. Is the work changing slightly? Yes, it’s getting deeper now, and practitioners need even more scaffolding, support, data, and access to get their AI workflows into the places we have always needed them.
There is still much work to be done, and that’s a positive sign for all of us.
Some of the top comments from last week’s vibe check:
💬 “A close one for me, this. But real-world LLM-based offsec tooling is getting better. Still a lot of noise out there, but the progress is real.“
💬 “Humans are too unreliable for real security work, especially given that our adversaries are AI-enabled. Trying to fight today's malicious hackers without AI is like fighting a battle in 2026 armed only with knives and clubs.”
💰 Market Summary
Private Markets
28 companies from 5 countries raised $289.0M across 22 unique product categories
Average deal size was $11.6M (median: $5.0M)
98% of funding went to product companies
8 companies from 3 countries were acquired across 6 unique product categories
88% of M&A activity went to product companies
1 company announced a layoff
Public Markets
4 public cyber companies [$RPD ( ▼ 1.53% ), $DDOG ( ▼ 2.11% ), $NET ( ▼ 1.11% ), and $CHKP ( ▼ 3.77% ), ] had an earnings report in the first few weeks of 2026, in another blood bath of a week in public markets, thanks to more AI fears
CyberArk $CYBR ( ▼ 0.09% ) has officially left the building! After closing on the acquisition from Palo Alto, the stock exited at $408.85 and has seen a ~1,300% increase in value since its initial listing in 2014. Now that’s quite the return 🫡
As of markets close on February 13, 2026.
📸 YoY Snapshot
Rolling 13-week charts that compare funding and acquisitions week over week, year over year, comparing the end of 2024 vs. 2025 with the start of 2025 vs. 2026.
A high-volume week that pushes the YTD total for 2026 over $2 billion in funding raised for the cybersecurity industry.
M&A continues to run wild, with activity up by more than 12% year to date.
🔭 Zooming Out 🆕
Stories hidden in the numbers
Instant Innovation: Crosspoint Capital Partners, which acquired the RSA Conference back in 2022, deployed $50M across all 10 Innovation Sandbox finalists this week. The competition now guarantees (and requires) $5M in seed funding for all finalists, making RSA one of the most active cyber seed investors in a single week.
Serial Acquirer: Last week, it was Check Point’s turn to be the serial acquirer. In a rare move, Check Point acquired three cyber companies to the tune of $150 million. It’s giving major private equity vibes.
Morphing Time: AppSec pulled in $61 million in funding and an acquisition, as the broader category continues to absorb adjacent capabilities from developer-centric observability and reachability tools.
❌ Layoffs
Palo Alto Networks, a United States-based suite of cloud and network security tools, laid off 400 employees, or 10% of its workforce, after acquiring CyberArk and beginning a restructuring. (more)
🧩 Funding By Product Category
$61.0M for Application Security across 3 deals
$30.9M for Third-Party Risk Management (TPRM) across 3 deals
$30.0M for SaaS Security Posture Management (SSPM) across 1 deal
$25.0M for Privileged Access Management (PAM) across 1 deal
$24.0M for Application Security Testing (AST) across 2 deals
$24.0M for Confidential Computing across 1 deal
$20.0M for Security and Compliance Automation across 1 deal
$20.0M for Threat & Vulnerability Management (TVM) across 1 deal
$10.0M for AI Governance across 2 deals
$7.0M for Professional Services across 1 deal
$5.0M for Fraud and Financial Crime Protection across 1 deal
$5.0M for Security Log Data Management (SLDM) across 1 deal
$5.0M for Identity Verification across 1 deal
$5.0M for Human Risk Management across 1 deal
$5.0M for Non-Human Identity (NHI) Security across 1 deal
$4.8M for Physical Security across 1 deal
$3.2M for Continuous Threat Exposure Management (CTEM) across 1 deal
$3.0M for Digital Forensics and Incident Response (DFIR) across 1 deal
$1.1M for Threat Detection and Response (TDR) across 1 deal
An undisclosed amount for Cyber Risk Quantification across 1 deal
An undisclosed amount for Data Protection across 1 deal
An undisclosed amount for Email Security across 1 deal
🏢 Funding By Company
Product Companies:
GitGuardian, a United States-based automated secrets and non-human identity detection platform, raised a $50.0M Series C from Insight Partners and Quadrille Capital. (more)
Reco, a United States-based SaaS security posture management platform, raised a $30.0M Series B from Zeev Ventures. (more)
Segura, a Brazil-based privileged access management (PAM) platform, raised a $25.0M Venture Round from Riverwood Capital. (more)
Opaque Systems, a United States-based confidential computing platform for data analytics workloads, raised a $24.0M Series B from Walden Catalyst. (more)
Complyance, a United States-based security and compliance automation platform, raised a $20.0M Series A from Google Ventures. (more)
Nucleus Security, a United States-based automated threat and vulnerability remediation platform, raised a $20.0M Series C from Delta-v Capital. (more)
Backslash Security, an Israel-based Application Security Platform, raised a $19.0M Series A from KOMPAS VC. (more)
Clearly AI, a United States-based automated third-party security questionnaire response platform, raised a $8.4M Seed from Basis Set Ventures. (more)
ZAST.AI, a United States-based agentic AI-driven application security platform, raised a $6.0M Seed from Hillhouse Capital. (more)
Charm Security, a United States-based customer fraud prevention platform focused on preventing scams and social engineering attacks, raised a $5.0M Seed from RSA Conference. (more)
Clearly AI, a United States-based automated third-party security questionnaire response platform, raised a $5.0M Seed from RSA Conference. (more)
Crash Override, a United States-based application security platform, raised a $5.0M Seed from RSA Conference. (more)
Fig Security, an Israel-based data engineering management platform for security log data, raised a $5.0M Seed from RSA Conference. (more)
Geordie AI, a United Kingdom-based governance and monitoring platform for AI agents and autonomous workflows, raised a $5.0M Seed from RSA Conference. (more)
Glide Identity, a United States-based authentication and identity verification platform, raised a $5.0M Seed from RSA Conference. (more)
Humanix, a Canada-based human risk management platform, raised a $5.0M Seed from RSA Conference. (more)
Realm Labs, a United States-based AI governance and model safety platform that observes model inference and decision making to prevent harm, raised a $5.0M Seed from RSA Conference. (more)
Token Security, an Israel-based non-human and agentic identity posture management platform, raised a $5.0M Seed from RSA Conference. (more)
ZeroPath, a United States-based code vulnerability scanning platform, raised a $5.0M Seed from RSA Conference. (more)
Allthenticate, a United States-based SaaS-based physical access management software, raised a $4.8M Seed. SEC Filing
Veria Labs, a United States-based continuous threat exposure management platform, raised a $3.2M Seed from Amino Capital, Gokul Rajaram, MA7 Ventures, Matias Woloski, Paul Graham, Rock Yard Ventures, and Seaplane Ventures. (more)
CYDELPHI, a United States-based automated digital forensics and incident response platform, raised a $3.0M Seed from Glasswing Ventures. (more)
Hardshell, a United States-based threat detection and response platform, raised a $1.1M Pre-Seed from Black Prism Capital Partners, Blu Venture Investors, CAV Angels, Front Porch Venture Partners, Mojo Ventures, Not Yet Ventures, and VTC Ventures. (more)
CyberServal, a United States-based data security platform, raised an undisclosed Corporate Round from Chaitin Tech. (more)
CypherShield, a United States-based email security and threat and risk visibility platform, raised an undisclosed Pre-Seed from LvlUp Ventures.
Quantara AI, a United States-based cyber risk quantification platform, raised an undisclosed Seed.
Service Companies:
RemoteThreat, a United States-based professional services firm focused on offensive security, raised a $7.0M Seed. [SEC Filing]
🌎 Funding By Country
$207.5M for the United States across 21 deals
$46.5M for Israel across 4 deals
$25.0M for Brazil across 1 deal
$5.0M for the United Kingdom across 1 deal
$5.0M for Canada across 1 deal
🤝 Mergers & Acquisitions
Product Companies:
Acuvity, a United States-based visibility and governance platform for AI application usage in the enterprise, was acquired by Proofpoint for an undisclosed amount. Acuvity had previously raised $9.0M in funding. (more)
Arco Cyber, a United Kingdom-based unified threat and risk prioritization platform, was acquired by Sophos for an undisclosed amount. Arco Cyber has not previously disclosed any funding events. (more)
Autonomous Plane, a United States-based threat and risk prioritization platform, was acquired by Endor Labs for an undisclosed amount. Autonomous Plane has not previously disclosed any funding events. (more)
Cyata, an Israel-based agentic AI governance and security platform, was acquired by Check Point Software Technologies for an undisclosed amount. Cyata had previously raised $8.5M in funding. (more)
Cyclops Security, an Israel-based cybersecurity mesh architecture platform, was acquired by Check Point Software Technologies for an undisclosed amount. Cyclops Security had previously raised $12.8M in funding. (more)
Rotate, a United States-based managed detection and response platform, was acquired by Check Point Software Technologies for an undisclosed amount. Rotate has not previously disclosed any funding events. (more)
Service Companies:
Veros Technologies, a United States-based professional services firm focused on secure systems engineering and operations, was acquired by Quantum Leap Research for an undisclosed amount. Veros Technologies has not previously disclosed any funding events. (more)
📚 Great Reads
Cybersecurity Changes in 2026 - Daniel Miessler shares his predictions on how the cyber industry will change in 2026 and beyond.
2025 State of the Cybersecurity Market - The cybersecurity market recovered in 2025, but not evenly. Inside: who won, who got acquired, and what 2026 holds for founders, buyers, and investors.
The changing buy vs. build calculus for security - AI is making it harder to buy, easier to build, and harder to maintain all at the same time.
*A message from our partners
🧪 Labs
Going to try this on my next SOC 2 audit
Security ROI > Coffee ROI
Get value every week? Back the mission.
Or send your smart friends a referral.
Data Methodology and Sources
All of the data is captured point-in-time from publicly available sources.
All financial figures are converted to U.S. Dollars (USD) at the current spot rate at the time of collection.
Company country locations are pulled from publicly available sources.
Companies are categorized using the Return on Security system.
Sometimes the deal details, such as who led the round, how much was raised, or the deal stage, may be updated after publication.
Let us know if you spot any errors, and we’ll fix them.