You’ve got to love the smell of the RSA Conference in the morning. 😤
Shoutout to everyone who stopped to say hello at BSidesSF this past weekend! If you want to catch up this week out in SF, I made a post listing some of the places I’ll be, and hope to see you around!
Lettuce all romaine calm and collectively acquire this bread, family. 😤 👊 🍞
PARTNER
51% of Security Teams Are Losing Critical Context
Turn security visibility into decisive action at scale
Most cybersecurity programs are rich in visibility, and struggling to act on it. Axonius partnered with the Ponemon Institute to find out what separates teams that actually move the needle.
Only 45% consolidate exposure data into a single source of truth. 37% are still stuck in manual workflows. The best teams have solved these problems. This report shows how.
Table of Contents
😎 Vibe Check
Click the options below to vote on whether you are a practitioner, founder, or investor. Feel free to leave a comment, and I'll feature the best takes in next week’s write-up!
What's the best advice for security leaders right now?
Last issue’s vibe check:
What's the worst advice being given to security leaders right now?
🟨🟨🟨🟨⬜️⬜️ AI will solve your talent gap
🟨🟨🟨🟨⬜️⬜️ It's better to build than buy now
🟨🟨🟨🟨⬜️⬜️ Governance can wait until AI matures
🟩🟩🟩🟩🟩🟩 Security teams should shrink as AI scales
⬜️⬜️⬜️⬜️⬜️⬜️ Other (leave a comment)
It seems the “most worst” advice from last week’s vibe check, out of several bad options, was how security teams should be getting smaller as AI scales. It sounds counterintuitive on the surface. Teams should be able to get more done with AI than ever before, so it’s OK to have fewer people, right?
That’s where we’d be wrong, bucko. (*finger guns*)
The thing is, security teams have been at a deficit for as long as I can remember. We’ve always been behind, and there’s never enough time, money, or people to do what needs to be done. I think AI is actually a bull case for increasing security team headcount, so long as those people get to run off and automate, optimize, stitch together, and (smartly) build things to push programs forward.
It might be a hard sale, but just tell your board that Claude Code recommended it, and you’ll be golden. 💡 🤖
Some of the top comments from last week’s vibe check:
💬 “They are all bad advice!”
🔭 Zooming Out
Stories hidden in the numbers
Round 2 of AI-Enhanced SecOps: The AI-meets-security-operations narrative has been the defining theme of 2026 so far in terms of money being raised. The first wave in 2024–2025 promised the "AI SOC analyst" with autonomous triage, automated responses, and the whole package. It didn't fully land or shake out as we thought, and what's different now is the scope. Instead of trying to replace the analyst, this batch is building the connective tissue in and around SecOps functions. Think less "AI replaces your SOC" and more "AI becomes the co-worker your SOC never had." Whether this iteration sticks remains to be seen, but the capital is clearly betting the plumbing matters more than the dashboard.
💰 Market Summary
Private Markets
21 companies from 5 countries raised $920.2M across 19 unique product categories
Average deal size was $48.4M (median: $20.0M)
100% of funding went to product companies
5 companies from 4 countries were acquired for $5.0M across 4 unique product categories
60% of M&A activity went to service companies
Public Markets
1 public cyber company [$SAIL ( ▲ 2.29% )] had an earnings report last week
More down-bad news in the stock markets around the world with the continuing crisis with Iran
📸 YoY Snapshot
Rolling 13-week charts that compare funding and acquisitions week over week, year over year, comparing the end of 2024 vs. 2025 with the start of 2025 vs. 2026.
“One of these [weeks] is not like the other!” You can tell it’s a pre-conference week because every company is coming out of stealth and announcing huge rounds.
M&A activity didn’t quite go as hard as funding activity did last week, but I suspect that will pick up this week during the RSA Conference.
PARTNER
Panther’s Complete AI SOC Platform
Built for Modern Security Operations
Panther’s Complete AI SOC Platform brings AI into the core of security operations, handling triage, investigation, and detection tuning in one system. Each investigation feeds its outcome back into detection logic, so the same alerts don’t keep repeating, and the system improves over time.
Teams stay in control with approval-gated actions and a full audit trail. Most AI closes the alert. Panther closes the loop.
🧩 Funding By Product Category
$375.0M for Digital Footprint Management across 1 deal
$145.9M for Application Security Testing (AST) across 2 deals
$120.0M for Identity and Access Management (IAM) across 1 deal
$65.0M for Threat Detection and Response (TDR) across 2 deals
$40.0M for Continuous Automated Red Teaming (CART) across 1 deal
$31.0M for Cloud Security across 1 deal
$25.0M for Firmware Security across 1 deal
$20.0M for Deception Technology across 1 deal
$20.0M for Application Security across 1 deal
$20.0M for Endpoint Detection and Response (EDR) across 1 deal
$17.0M for Brand Protection across 1 deal
$15.0M for Internet of Things (IoT) Security across 1 deal
$10.7M for Security Log Data Management (SLDM) across 1 deal
$5.9M for Software Supply Chain Security across 1 deal
$4.8M for AI Model Security across 1 deal
$4.2M for AI Governance across 1 deal
$641.2K for Security and Compliance Automation across 1 deal
An undisclosed amount for Data Security Posture Management (DSPM) across 1 deal
An undisclosed amount for Identity Threat Detection and Response (ITDR) across 1 deal
🏢 Funding By Company
Product Companies:
Cloaked, a United States-based consumer digital footprint management and privacy platform, raised a $375.0M Series B from General Catalyst and Liberty City Ventures. (more)
XBOW, a United States-based autonomous application security testing platform, raised a $120.9M Series C from DFJ Growth and Northzone. (more) Unicorn Alert 🦄
Oasis Security, a United States-based platform for managing the lifecycle of machine and human identities, raised a $120.0M Series B from Craft Ventures. (more)
RunSybil, a United States-based penetration testing and vulnerability evaluation platform, raised a $40.0M Seed from Khosla Ventures. (more)
Native, an Israel-based multi-cloud control plane and security platform, raised a $31.0M Series A from Ballistic Ventures. (more)
1stProtect, a United States-based endpoint detection and response platform, raised a $20.0M Seed from Andra Capital and All Blue Capital. (more)
Raven.io, a United States-based runtime application security platform, raised a $20.0M Seed from Elron Ventures and Norwest. (more)
Allure Security Technology, a United States-based brand protection and impersonation takedown platform, raised a $17.0M Series B from Riverside Acceleration Capital. (more)
Xage Security, a United States-based industrial Internet of Things (IIoT) security platform, raised a $15.0M Venture Round from Piva Capital. (more)
ziggiz, a United Kingdom-based data engineering and management platform for security data sources, raised a $10.7M Venture Round. (SEC Filing - Subject to Change)
Manifold, a United States-based AI agent endpoint runtime detection and response platform, raised a $8.0M Seed from Costanoa Ventures. (more)
Lupin & Holmes, a France-based attacker-focused software supply chain security platform, raised a $5.9M Pre-Seed from Seedcamp and The Twenty Minute VC. (more)
CodeIntegrity, a United States-based prompt injection security platform for AI and agentic applications, raised a $4.8M Seed. (SEC Filing - Subject to Change)
Certiv, a United States-based governance platform that discovers and protects agentic work across endpoints, raised a $4.2M Pre-Seed from Aviso Ventures. (more)
Noru, a Sweden-based agentic security and compliance automation platform, raised a $641.2K Pre-Seed from Ampli Ventures. (more)
Bedrock Data, a United States-based data security platform using AI for data risk assessments and data posture management, raised an undisclosed Venture Round from Snowflake Ventures. (more)
WideField Security, a United States-based identity threat detection and response platform, raised an undisclosed Series A from Cisco Investments. (more)
Service Companies:
None
🌎 Funding By Country
$851.9M for the United States across 16 deals
$31.0M for Israel across 1 deal
$30.7M for the United Kingdom across 2 deals
$5.9M for France across 1 deal
$641.2K for Sweden across 1 deal
🤝 Mergers & Acquisitions
Product Companies:
Cloudquery, an Israel-based open-source cloud asset inventory management platform, was acquired by env0 for an undisclosed amount. Cloudquery had previously raised $34.5M in funding. (more)
Service Companies:
Catalyst Cyber, an Australia-based professional services firm focused on incident response of Australian public and private sector companies, was acquired by InfoTrust for $5.0M. Catalyst Cyber has not previously disclosed any funding events. (more)
Arcane Security, a United States-based professional services firm focused on security advisory and response, was acquired by SafeHill for an undisclosed amount. Arcane Security has not previously disclosed any funding events. (more)
Cyber Advisors, a United States-based managed security services provider (MSSP), was acquired by Sterling Investment Partners for an undisclosed amount. Cyber Advisors has not previously disclosed any funding events. (more)
📚 Great Reads
The Cybersecurity Market Is Back — But Not for Everyone - I sat down with Laurent Hausermann from Cyber Builders to talk through the Return on Security 2025 State of the Cybersecurity Market report, and what it means for Europe and the UK.
Can AI help critical infrastructure, the state of the cyber market, and weekly news – Mike Privette, Kara Sprague – ESW #451 - I sat down with Adrian Sanabria and Ayman Elsawah on the Enterprise Security Weekly podcast to talk about the changing role of AI in the cyber industry, and what happened in the cyber industry in 2025.
*A message from our partners
🧪 Labs
Meanwhile, me at RSA this week …
Security ROI > Coffee ROI
Get value every week? Back the mission.
Or send your smart friends a referral.
Data Methodology and Sources
All of the data is captured point-in-time from publicly available sources.
All financial figures are converted to U.S. Dollars (USD) at the current spot rate at the time of collection.
Company country locations are pulled from publicly available sources.
Companies are categorized using the Return on Security system.
Sometimes the deal details, such as who led the round, how much was raised, or the deal stage, may be updated after publication.
Let us know if you spot any errors, and we’ll fix them.