Skip to content

Posts tagged ‘$NOW’

Dec 30

1 Comment

AI Security market 2025 funding data, top startups, and the ServiceNow factor

ServiceNow dropped $11.6 billion on security acquisitions in 2025 alone. Armis for $7.75 billion. Moveworks for $2.85 billion. Veza for roughly $1 billion. In 2025, just one company, ServiceNow, spent more on acquiring security startups than 175 startups raised in two years. Meanwhile, the entire AI security startup ecosystem raised $8.5 billion across 175 companies over 24 months. That single data point should reshape how security leaders think about vendor consolidation and how AI builders think about their exit paths.

I analyzed Crunchbase data covering every AI security startup that raised Series A, B, or C funding between January 2024 and December 2025. The patterns are striking.

The acceleration is real

Q1 2024: $274 million across 8 deals. Q4 2025: $2.17 billion across 28 deals. That’s 8x growth in quarterly funding over two years.

The full-year numbers tell the story more clearly. 2024 saw $2.16 billion in total funding. 2025 hit $6.34 billion, nearly tripling. Average deal sizes jumped from $34 million to $54 million. This isn’t a gentle upward trend. The market is restructuring in real time.

Where the money flows

Network and Zero Trust infrastructure captured $1.9 billion across 44 companies. Tailscale‘s $161 million Series C reflects what enterprises already know. VPN architectures are dying. Identity-based access is replacing them.

Threat Detection and SOC automation drew $1.2 billion across 28 companies. 7AI‘s $130 million Series A stands out as one of the largest A funding rounds in this category. The bet: AI agents can handle the full security operations lifecycle at a scale human analysts cannot match.

Identity and Access Management pulled $990 million. But here’s what matters: that money went to just 6 companies. Saviynt‘s $700 million Series B dominates the category. When one company captures 71% of a category’s funding at Series B, investors see platform consolidation ahead. ServiceNow’s Veza acquisition, three weeks later, validated that thesis.

Insights into deal sizes

Median tells a different story from average deal sizes. Series A median: $20 million. Series A average: $28 million. The gap widens at later stages. Series C median: $85 million. Series C average: $119 million.

Translation: mega-deals skew the data significantly. Eighteen companies raised $100 million or more. Those 18 deals represent 10% of companies but 40% of total funding. For every Saviynt raising $700 million, dozens of startups are raising $15-25 million Series A rounds.

The AI/LLM security gap

Only 13 companies focus specifically on securing AI systems, LLMs, and agentic applications. Total funding: $414 million. That’s less than 5% of the $8.5 billion total. For context: ServiceNow paid more for Veza alone than the entire AI/LLM security category raised in two years.

The players building in this space:

Noma Security ($100M, Series B). Unified AI and agent security platform.

Credo AI ($21M, Series B). AI governance and compliance automation.

Lakera ($20M, Series A). Real-time GenAI security against LLM vulnerabilities.

Prompt Security ($18M, Series A). Enterprise generative AI adoption platform.

GetReal Security ($17.5M, Series A). Deepfake and AI-generated impersonation defense.

Jericho Security ($15M, Series A). Training against generative AI-powered attacks.

Enterprises are deploying AI systems at unprecedented rates. Shadow AI breaches cost $4.63 million per incident. That’s $670,000 more than standard breaches, according to IBM’s 2025 Cost of a Data Breach Report. Model Context Protocol vulnerabilities. Prompt injection attacks. Data exfiltration through AI assistants. The attack surface expands while protection lags.

Either these 13 companies scale rapidly, established players acquire their way into the space, or CISOs face a protection gap without commercial solutions.

How spending breaks out geographically

The U.S. captured $6.1 billion across 119 companies. That’s 71% of total funding. Israel remains the second hub: 15 companies, $738 million. Germany, the UK, and Canada trail with single-digit percentages.

Within the U.S., California dominates: $2.7 billion across 62 companies. That’s more than all non-U.S. markets combined ($2.4 billion). Texas ($865M), New York ($667M), and Colorado ($295M) round out the top states.

The concentration creates vendor risk. Regulatory fragmentation between the U.S. and EU markets. Geopolitical tensions affecting Israeli companies. Single-region dependency in security infrastructure. These are fundamental considerations for enterprise security architects.

ServiceNow’s acquisitions signal large-scale consolidation

ServiceNow’s 2025 acquisition spree warrants its own analysis. Armis brings cyber-physical security and OT/IoT visibility. Moveworks adds agentic AI capabilities. Veza delivers identity security for the AI era. The company calls it an “AI control tower.” A unified security stack that sees, decides, and acts across the entire technology footprint.

The driver: ServiceNow’s Security and Risk business crossed $1 billion in annual contract value in Q3 2025. They expect Armis alone to triple their market opportunity. When a platform vendor invests $11.6 billion in its own security workflows, point solutions become acquisition targets or competitors.

What this means for 2026

For security leaders: Map your vendor portfolio against both funding momentum and M&A activity. Startups with strong backing will survive consolidation. Others won’t. Audit your AI deployment pipeline against available protections. The gap between AI adoption and AI security is widening. Accelerate zero-trust adoption while solutions mature.

For AI builders: Security isn’t a feature to add later. The $414 million flowing into AI/LLM security represents smart money recognizing that unprotected AI systems are enterprise liabilities. Build with guardrails or build vulnerabilities.

Analysis based on Crunchbase data covering 175 AI security startups that raised Series A, B, or C funding between January 2024 and December 2025. ServiceNow acquisition data from the company’s press releases dated December 2025.

May 27

Five Ways CIOs Can Prepare For The Cloud: Lessons Learned From ServiceNow

ServiceNow2ServiceNow (NYSE:NOW) is a global leader in providing cloud-based services used by enterprises to streamline and automate their IT operations.  They’re known for their expertise in IT Service Management (ITSM), speed of development cycles, and commitment to open source including MongoDB and NoSQL.  ServiceNow also has one of the most enthusiastic, rapidly growing and loyal customer bases in enterprise software.  Matt Schvimmer, VP Product Management at ServiceNow, credits the goal of attaining 100% customer referenceability combined with intensive focus on user experience design as contributing factors to their rapid growth, in addition to continuous feedback cycles they use for capturing and acting on customer feedback.

Update from ServiceNow’s Financial Analyst Day and Knowledge13 

On May 13th they held their Financial Analyst Day at the Aria Resort & Casino in Las Vegas, the same location they hosted Knowledge13, their annual user conference held May 12th through the 16th.  You can download a set of the slides presented at the Financial Analyst Day here, and view videos and presentations from Knowledge 13 here.   ServiceNow executives are calling the next phase of their growth ERP for IT. Both in the Financial Analyst Day presentation and the presentation given by President and CEO Frank Slootman at the Pacific Crest Emerging Technology Summit on February, 13th, this concept is shown.  Below is a slide from the February 13th presentation given at the Summit.  You can download the slide deck from the Pacific Crest Emerging Technology Summit here.

ERP for IT

Five Ways CIOs Can Prepare For The Cloud

HS_Arne_Josefsberg (1)I had the opportunity to catch up with Arne Josefsberg, CTO of ServiceNow during Knowledge13.  He shared insights into how ServiceNow’s core customer base, predominantly CIOs and their IT Departments, are driving greater business value into their organizations using the Service Automation Platform.  Arne mentioned that ServiceNow sees IT Operations Management (ITOM) and Platform-as-a-Service (PaaS) as critical to their growth, in addition to enabling those without programming expertise (ServiceNow calls them Citizen Developers) with intuitive, easily used application development tools.

He also shared lessons learned and five ways CIOs can prepare for the cloud, which are listed below:

  • Adopt Cloud Architectures With An Open Mind And See Them As Business Value Accelerators.  Arne advises CIOs who are considering cloud-based initiatives to concentrate on capturing and communicating business value first, including time-to-market, cost and time savings advantages.  Getting beyond a purely cost-cutting mindset is critical for IT to become a strategic partner with business units.  He says that he’s seeing CIOs gain a greater voice in strategic planning initiatives by clearly defining the business value of cloud-based development while pursuing rapid application development.
  • Taking a leadership position in application development leads to gaining greater influence and involvement in strategic plans and initiatives.  This point galvanizes the entire ServiceNow executive team, they all speak of enabling the Citizen Developer to create new applications on their platform without writing a single line of code.  ServiceNow and their customer base have bonded on this issue of rapid application development.  And watching Fred Luddy, Chief Product Officer of ServiceNow move quickly through application development and deployment scenarios during his keynote showed how deeply engrained this value is in the company’s DNA.
  • CIOs need to realize that their resource and human resource management needs in five years will shift to business transformation away from IT alone.  There is a shortage of IT analysts and professionals who are adept at being business strategists, capable of leading transformational application development.  IT analysts and experts need to be trusted partners with business units, continually moving IT-related barriers out of the way while streamlining new application development.  Arne cited how General Electric is excelling on this dimension, consolidating 17 incident management systems into a single ServiceNow application.  All that was possible because the IT teams at GE are an essential part of business unit operations.
  • CIOs need to move beyond managing IT using cost and efficiency alone and think in terms of opportunity-to-cost instead. Arne’s point is that the most respected and counted-upon CIOs he knows today are either making or have made this transition.  They have moved beyond an IT legacy mentality of managing just to cost or efficiency.  Instead, the CIOs emerging as strategists and core members of the executive team are aligning IT as a core part of their company’s ability to compete.
  • Use cloud architectures and rapid application development to make IT more strategic in scope now.  The companies winning awards at Knowledge13 for their applications showed a common thread of anticipating and acting on the strategic needs of their business quickly, often delivering completed applications ahead of schedule and under budget.

Bottom line: Making IT strategic begins by moving away from the constraints of managing to cost and efficiency metrics alone.  Cloud-based platforms and rapid application development technologies are assisting CIOs and their staffs to be more strategic, less tactical, more responsive and focused on line-of-business needs and requirements first.

Disclosure: ServiceNow paid for travel to Knowledge13.  I’ve never held equity positions in ServiceNow, and they are not a client.