Skip to content

Posts tagged ‘cybersecurity funding’

Dec 30

1 Comment

AI Security market 2025 funding data, top startups, and the ServiceNow factor

ServiceNow dropped $11.6 billion on security acquisitions in 2025 alone. Armis for $7.75 billion. Moveworks for $2.85 billion. Veza for roughly $1 billion. In 2025, just one company, ServiceNow, spent more on acquiring security startups than 175 startups raised in two years. Meanwhile, the entire AI security startup ecosystem raised $8.5 billion across 175 companies over 24 months. That single data point should reshape how security leaders think about vendor consolidation and how AI builders think about their exit paths.

I analyzed Crunchbase data covering every AI security startup that raised Series A, B, or C funding between January 2024 and December 2025. The patterns are striking.

The acceleration is real

Q1 2024: $274 million across 8 deals. Q4 2025: $2.17 billion across 28 deals. That’s 8x growth in quarterly funding over two years.

The full-year numbers tell the story more clearly. 2024 saw $2.16 billion in total funding. 2025 hit $6.34 billion, nearly tripling. Average deal sizes jumped from $34 million to $54 million. This isn’t a gentle upward trend. The market is restructuring in real time.

Where the money flows

Network and Zero Trust infrastructure captured $1.9 billion across 44 companies. Tailscale‘s $161 million Series C reflects what enterprises already know. VPN architectures are dying. Identity-based access is replacing them.

Threat Detection and SOC automation drew $1.2 billion across 28 companies. 7AI‘s $130 million Series A stands out as one of the largest A funding rounds in this category. The bet: AI agents can handle the full security operations lifecycle at a scale human analysts cannot match.

Identity and Access Management pulled $990 million. But here’s what matters: that money went to just 6 companies. Saviynt‘s $700 million Series B dominates the category. When one company captures 71% of a category’s funding at Series B, investors see platform consolidation ahead. ServiceNow’s Veza acquisition, three weeks later, validated that thesis.

Insights into deal sizes

Median tells a different story from average deal sizes. Series A median: $20 million. Series A average: $28 million. The gap widens at later stages. Series C median: $85 million. Series C average: $119 million.

Translation: mega-deals skew the data significantly. Eighteen companies raised $100 million or more. Those 18 deals represent 10% of companies but 40% of total funding. For every Saviynt raising $700 million, dozens of startups are raising $15-25 million Series A rounds.

The AI/LLM security gap

Only 13 companies focus specifically on securing AI systems, LLMs, and agentic applications. Total funding: $414 million. That’s less than 5% of the $8.5 billion total. For context: ServiceNow paid more for Veza alone than the entire AI/LLM security category raised in two years.

The players building in this space:

Noma Security ($100M, Series B). Unified AI and agent security platform.

Credo AI ($21M, Series B). AI governance and compliance automation.

Lakera ($20M, Series A). Real-time GenAI security against LLM vulnerabilities.

Prompt Security ($18M, Series A). Enterprise generative AI adoption platform.

GetReal Security ($17.5M, Series A). Deepfake and AI-generated impersonation defense.

Jericho Security ($15M, Series A). Training against generative AI-powered attacks.

Enterprises are deploying AI systems at unprecedented rates. Shadow AI breaches cost $4.63 million per incident. That’s $670,000 more than standard breaches, according to IBM’s 2025 Cost of a Data Breach Report. Model Context Protocol vulnerabilities. Prompt injection attacks. Data exfiltration through AI assistants. The attack surface expands while protection lags.

Either these 13 companies scale rapidly, established players acquire their way into the space, or CISOs face a protection gap without commercial solutions.

How spending breaks out geographically

The U.S. captured $6.1 billion across 119 companies. That’s 71% of total funding. Israel remains the second hub: 15 companies, $738 million. Germany, the UK, and Canada trail with single-digit percentages.

Within the U.S., California dominates: $2.7 billion across 62 companies. That’s more than all non-U.S. markets combined ($2.4 billion). Texas ($865M), New York ($667M), and Colorado ($295M) round out the top states.

The concentration creates vendor risk. Regulatory fragmentation between the U.S. and EU markets. Geopolitical tensions affecting Israeli companies. Single-region dependency in security infrastructure. These are fundamental considerations for enterprise security architects.

ServiceNow’s acquisitions signal large-scale consolidation

ServiceNow’s 2025 acquisition spree warrants its own analysis. Armis brings cyber-physical security and OT/IoT visibility. Moveworks adds agentic AI capabilities. Veza delivers identity security for the AI era. The company calls it an “AI control tower.” A unified security stack that sees, decides, and acts across the entire technology footprint.

The driver: ServiceNow’s Security and Risk business crossed $1 billion in annual contract value in Q3 2025. They expect Armis alone to triple their market opportunity. When a platform vendor invests $11.6 billion in its own security workflows, point solutions become acquisition targets or competitors.

What this means for 2026

For security leaders: Map your vendor portfolio against both funding momentum and M&A activity. Startups with strong backing will survive consolidation. Others won’t. Audit your AI deployment pipeline against available protections. The gap between AI adoption and AI security is widening. Accelerate zero-trust adoption while solutions mature.

For AI builders: Security isn’t a feature to add later. The $414 million flowing into AI/LLM security represents smart money recognizing that unprotected AI systems are enterprise liabilities. Build with guardrails or build vulnerabilities.

Analysis based on Crunchbase data covering 175 AI security startups that raised Series A, B, or C funding between January 2024 and December 2025. ServiceNow acquisition data from the company’s press releases dated December 2025.

Oct 28

Top ten cybersecurity startups to watch in 2025 according to $3.21B in investor bets

Top Ten Cybersecurity Startups to Watch in 2025 According to $3.21B in Investor Bets

While the industry still debates whether AI will transform cybersecurity, investors have already made up their minds.

Based on an analysis of the latest Crunchbase data compiled recently that spans January 2024 to October 2025, ten standout startups captured $1.41 billion in new funding, signaling that machine-speed defense against AI-driven threats is no longer optional; it’s an operational reality. Together, these ten startups have raised $3.21 billion, which represents one of the heaviest capital concentrations in cybersecurity startups to date.

Investors are gravitating to cybersecurity startups that solve complex problems

CrowdStrike’s Falcon 2025 event, held earlier this year in Las Vegas, showcased a series of new agentic AI developments that, taken together, reflect how cross-platform and cross-competitor collaboration aimed at shutting down increasingly complex weaponized AI threats leads to faster innovation. VentureBeat’s analysis of the many announcements there explains how the cybersecurity company is betting on agentic AI to defeat adversaries.

Interested in quantifying how AI is impacting investors’ decisions, I completed an analysis using Crunchbase data covering 342 verified cybersecurity startups with active funding. Selection was weighted toward recent momentum, total funding scale, stage maturity, AI integration, and proof through multiple rounds.

The key takeaway: Institutional capital is consolidating around companies that make autonomous security practical, and agentic AI is at the core of that direction. But AI is not enough; investors are looking for the ability to scale in enterprises once they have AI integrated into their core platforms.

AI in cybersecurity: Tablestakes, not a ticket to premium valuation

Sixty percent of startups integrate AI into their core technology. Yet contrary to hype, that hasn’t bought them higher valuations.

  • AI-integrated startups average $283M in funding.
  • Non-AI specialists average $378M.

Crunchbase data shows investors reward defensible specialization as much as AI capability. Quantinuum’s $925M for post-quantum cryptography and Zama’s $139M for homomorphic encryption prove that solving foundational security problems often supersedes AI as a differentiator.

Still, AI holds weight in investment decisions. Six AI-driven startups pulled $1.70B (52.8%), while four non-AI companies captured $1.51B (47.2%). Both models earn trust by underscoring AI for operational speed and deep tech for architectural resilience. And with seven of ten now at Series B maturity, investors are backing platforms that have already demonstrated enterprise traction, not experiments.

1. Quantinuum ($925M, Series B) Post-Quantum Defense. Closed a $600M Series B in August 2025. The company is building the only mathematical safeguard against the inevitable collapse of RSA and ECC encryption under quantum computing.

2. Saronic ($845M, Series B) Autonomous Maritime Security, Raised $175M in July 2024 for AI-powered unmanned surface vessels. With 90% of trade moving across exposed waterways, Saronic brings AI defense to the physical infrastructure that most enterprises overlook.

3. Auradine ($314M, Series B) AI Silicon for Security. Raised $80M to expand custom silicon that accelerates cryptographic workloads 10x faster than general-purpose hardware, eliminating bottlenecks in AI-driven security deployments.

4. Tines ($271M, Series B) No-Code Automation. Secured $50M Series B. Turns analysts into automation builders, saving 40+ hours weekly with drag-and-drop workflows that are proving critical for overextended SOC teams.

5. Dream Security ($198M, Series B) Critical Infrastructure Defense. Closed $100M in 2025. Their sovereign AI platform equips critical infrastructure with defenses calibrated to nation-state-level threats, providing a layer that traditional enterprise tools cannot reach.

6. Upwind Security ($180M, Series A)  Runtime Cloud Visibility. Raised $100M in December 2024. Focused on runtime intelligence, detecting abnormal behavior live rather than flagging static misconfigurations. Reduces false positives, elevates real threats.

7. Zama ($139M, Series B)  Homomorphic Encryption. Raised $57M in June 2025 after a $73M Series A in March 2024. Provides production-ready fully homomorphic encryption, enabling AI models to compute securely on encrypted data.

8. Noma Security ($132M, Series B)  Securing AI Agents. Closed $100M in 2025. Built to harden AI systems against prompt injection and model poisoning as enterprises push decision-making into autonomous agents.

9. ZeroEyes ($107M, Series B)  Firearm Detection AI. Raised $53M in 2025. Eleven rounds in, their AI models detect firearms on video feeds in seconds—cutting active shooter response time dramatically.

10. Upscale AI ($100M, Seed)  AI Networking Infrastructure. Raised a $100M Seed round in 2025. Building AI-native networking with hardware-accelerated encryption, aimed at high-performance compute environments.

The Bottom Line

Series B dominance (70%) shows that capital is flowing into platforms with market traction, not speculative bets. Forty-six rounds across these ten companies demonstrate durability and enterprise validation. The signal to security leaders is becoming clear based on the escalating nature of weaponized AI attacks: manual security processes are now liabilities. Defending at human speed against AI-enabled attackers is untenable. Investors understand this. $1.41B in recent capital confirms it.