Skip to content

Posts tagged ‘venture capital’

Apr 8

Top 10 security categories where VC funding trails Gartner’s 2026 growth forecast, Crunchbase data

Top 10 security categories where VC funding trails Gartner’s 2026 growth forecast, Crunchbase data

Two of Gartner’s 10 fastest-growing security categories have zero venture-backed startups. Firewall equipment, a $26.7 billion market by 2030, and pure-play cloud access security brokers, projected at $7.1 billion, are controlled entirely by incumbent vendors. No startup has raised a dollar in either category since January 2025.

I cross-referenced Gartner’s 1Q26 Information Security forecast against CB Insights, Crunchbase, and PitchBook funding data for every one of the 10 fastest-growing security categories. The question: where is venture capital following Gartner’s growth signal, and where is it missing?

The answer is stark. $93.2 billion in projected 2030 spending across these 10 categories. $11.2 billion in total VC raised by 59 funded startups. That is an 8.3:1 gap between where enterprise demand is heading and where startup capital is flowing. In 5 of 10 categories, the gap exceeds 12:1. As I detailed in last week’s analysis of the 10 fastest-growing categories, growth is concentrating in cloud infrastructure, proactive intelligence, and privacy compliance. The VC data tells you whether anyone is building what CISOs need to buy.

“Cybersecurity leaders are navigating uncharted territory this year as these forces converge, testing the limits of their teams in an environment defined by constant change,” said Alex Michaels, Director at Gartner. The spending data confirms it. The startup funding data shows the supply side has not caught up.

Two of Gartner’s 10 fastest-growing security categories have zero venture-backed startups. Firewall equipment, a $26.7 billion market by 2030, and pure-play cloud access security brokers, projected at $7.1 billion, are controlled entirely by incumbent vendors. No startup has raised a dollar in either category since January 2025. I cross-referenced Gartner’s 1Q26 Information Security forecast against CB Insights, Crunchbase, and PitchBook funding data for every one of the 10 fastest-growing security categories. The question: where is venture capital following Gartner’s growth signal, and where is it missing? The answer is stark. $93.2 billion in projected 2030 spending across these 10 categories. $11.2 billion in total VC raised by 59 funded startups. That is an 8.3:1 gap between where enterprise demand is heading and where startup capital is flowing. In 5 of 10 categories, the gap exceeds 12:1. As I detailed in last week’s analysis of the 10 fastest-growing categories, growth is concentrating in cloud infrastructure, proactive intelligence, and privacy compliance. The VC data tells you whether anyone is building what CISOs need to buy. “Cybersecurity leaders are navigating uncharted territory this year as these forces converge, testing the limits of their teams in an environment defined by constant change,” said Alex Michaels, Director at Gartner. The spending data confirms it. The startup funding data shows the supply side has not caught up. ▼ GRAPHIC: GRAPHIC 2 — Paired bar chart: Gartner 2030 projection vs. VC raised (insert before master table) ▼ Figure 2: Gartner 2030 projections (dark) vs. total VC raised (light) for each of the 10 categories. The master table: Gartner forecast vs. startup funding by category I mapped each Gartner category against every cybersecurity startup that raised equity or debt since January 2025. Each company is assigned to one primary category to avoid double-counting. Gap Ratio is the Gartner 2030 market projection divided by total VC raised. Higher means wider gap. # Gartner Security Category 2025-26 GR 5yr CAGR 2030 Proj Startups Total VC Gap Ratio Verdict 1 Cloud Access Security Brokers (CASB) 27.2% 24.3% $7.1B 4 $182M 39:1 Critical Gap 2 Firewall Equipment (NGFW/FWaaS) 15.9% 9.1% $26.7B 0 $0 ∞ Incumbent Lock 3 Cloud Security Posture Mgmt (CSPM) 33.4% 27.6% $16.2B 6 $752M 21.5:1 Underfunded 4 Vulnerability Assessment 15.7% 12.0% $6.4B 6 $306M 20.9:1 Underfunded 5 Cloud Workload Protection (CWPP) 25.9% 21.0% $16.1B 8 $1.28B 12.6:1 Underfunded 6 Subject Rights Request Automation 16.2% 12.3% $2.3B 2 $240M 9.6:1 M&A Absorbed 7 Network Detection & Response (NDR) 15.6% 12.4% $4.1B 4 $701M 5.9:1 Moderate Gap 8 Zero Trust Network Access (ZTNA) 23.0% 20.9% $6.4B 10 $1.94B 3.3:1 VC Ahead 9 Threat Intelligence 27.3% 21.1% $6.9B 12 $3.16B 2.2:1 Oversupplied 10 Consent & Preference Mgmt 22.1% 18.6% $2.0B 7 $2.61B 0.8:1 Oversupplied Source: Gartner 1Q26 Information Security Market Current Outlook (G00846158, March 2026). Growth rates in constant currency. Funding data from CB Insights, Crunchbase, PitchBook. Analysis by Software Strategies Blog, April 2026. The table splits cleanly into three tiers. Five categories are underfunded or locked out (Gap Ratio above 9:1). Two sit in the middle. Three are oversupplied or ahead of the Gartner signal. I update this comparison every quarter as Gartner releases new forecast data. Get the next one in your inbox. The 3 widest gaps Gap #1: CASB — 39:1, and the category is disappearing Gartner projects cloud access security brokers reaching $7.1 billion by 2030 at a 24.3% CAGR. Total startup funding since January 2025: $182 million across just 4 companies. Company Total Funding Last Round Lead Investor HQ Founded Reco $85M $30M Series B Zeev Ventures New York 2020 Seraphic Security $44M $29M Series A GreatPoint Ventures Palo Alto / Israel 2020 Nudge Security $35M $22.5M Series A Cerberus Ventures Austin, TX 2021 Spin.AI $18M+ Undisclosed (K1) K1 Investment Mgmt Palo Alto 2017 The gap is structural, not cyclical. Pure-play CASB startups no longer exist as a standalone category. The buying motion has shifted to SASE platforms. Cato Networks raised $409 million in a Series G in June 2025, but that money funds a unified SASE platform spanning CASB, ZTNA, and SD-WAN. For CISOs, the implication is direct. If your CASB requirement is standalone, your vendor options are Netskope, Skyhigh, Forcepoint, and a handful of sub-$50 million startups. Expect fewer competitive bids and less pricing leverage than in categories where VC is abundant. Gap #2: CSPM — 21.5:1, the fastest-growing category is still starved Cloud security posture management is the single fastest-growing category in Gartner’s entire information security forecast. 33.4% growth in 2026. $16.2 billion by 2030 at a 27.6% five-year CAGR. Total startup funding: $752 million across 6 companies. Company Total Funding Last Round Lead Investor HQ Founded Upwind Security $430M $250M Series B Bessemer Venture Partners San Francisco 2022 Noma Security $132M $100M Series B Evolution Equity Partners New York / Tel Aviv 2023 Sentra $100M+ $50M Series B Key1 Capital New York / Tel Aviv 2021 Native Security $42M $31M Series A Ballistic Ventures Tel Aviv / Seattle 2024 Mondoo $32.5M $17.5M Series A Ext HV Capital San Francisco 2020 AccuKnox $15M $4M Venture DreamIt Ventures Menlo Park 2020 Upwind alone accounts for 57% of all CSPM startup capital. It hit unicorn status at a $1.5 billion valuation in January 2026. But one company cannot fill a $16.2 billion market. Alphabet’s $32 billion acquisition of Wiz in March 2026 removed the largest independent cloud security company from the startup market entirely. In my analysis of $3.6 billion in agentic AI security funding, I tracked how M&A is filling gaps that VC has not. CSPM is a category where that pattern is accelerating. Gap #3: Vulnerability Assessment — 20.9:1, the most active seed-stage category Gartner projects vulnerability assessment at $6.4 billion by 2030. Total VC: $306 million across 6 companies. Company Total Funding Last Round Lead Investor HQ Founded Zafran Security $130M $60M Series C Menlo Ventures New York 2022 Seemplicity $82M+ $50M Series B Sienna Venture Capital Tel Aviv 2020 Cogent Security $53M $42M Series A Bain Capital Ventures San Francisco 2024 Nucleus Security $20M+ $20M Series C Undisclosed Tampa, FL 2018 Onit Security $11M $11M Seed Hetz Ventures Tel Aviv 2025 ZAST.AI ~$10M $6M Pre-A Hillhouse Capital Seattle 2024 ▼ GRAPHIC: GRAPHIC 3 — Top funded startups in underfunded categories (insert after Vuln Assess table) ▼ Figure 3: Total funding by startup across the three underfunded categories (CSPM, CWPP, Vulnerability Assessment). This is the category with the most active early-stage investment. Cogent Security and Onit Security both use AI agents for autonomous vulnerability remediation. Zafran tripled ARR since its prior round. The agentic AI thesis is landing hardest in vulnerability management, and the funding trail shows it. Balbix, which had raised $98.6 million, was acquired in November 2025. For CISOs evaluating this category, the vendor field is young and fragmented. Half of the funded companies were founded in 2024 or later. Where VC is ahead of Gartner Three categories show the opposite pattern. In Consent & Preference Management, OneTrust alone has raised $2.1 billion against a $2.0 billion Gartner projection. In Threat Intelligence, $3.16 billion in VC against a $6.9 billion projection, but Dataminr ($1.24B) and ReliaQuest ($1.13B) account for 75% of the total. In ZTNA, Cato Networks’ $1.1 billion alone represents 57% of all category funding. ▼ GRAPHIC: GRAPHIC 4 — Concentration risk donut charts (insert after VC-ahead section) ▼ Figure 4: Single-company concentration in CWPP, ZTNA, and Threat Intelligence funding. The concentration risk matters. Strip out the single largest company in each oversupplied category and the gap ratios invert. Consent without OneTrust: $510 million, Gap Ratio 3.9:1. Threat Intelligence without Dataminr and ReliaQuest: $790 million, Gap Ratio 8.7:1. ZTNA without Cato: $835 million, Gap Ratio 7.7:1. M&A is filling the gaps VC won’t When startups cannot fill the gap, platform vendors acquire. The $3.6 billion in agentic AI security funding and $96 billion in M&A I tracked in March tells this story at scale. Palo Alto Networks assembled $29 billion in acquisitions. ServiceNow spent $11.6 billion. Alphabet closed $32 billion for Wiz. Veeam acquired Securiti.ai for $1.725 billion, removing the leading subject rights automation vendor from the independent market. Forrester’s 2026 cybersecurity budget data confirms the same pattern from the buyer side. Security budgets are growing, but the spend is concentrating in fewer, larger platform purchases. What this means for CISOs In underfunded categories, build internally or accept platform vendor lock-in. CSPM, vulnerability assessment, and CWPP all have Gap Ratios above 12:1. Fewer funded startups means fewer competitive alternatives. If your preferred vendor gets acquired, as Wiz, Securiti.ai, and Balbix all were, your roadmap depends on the acquirer’s priorities, not yours. In oversupplied categories, use the competition for better pricing. ZTNA, threat intelligence, and consent management have abundant VC-backed alternatives. Negotiate harder. Run competitive evaluations with three or more vendors. The funding data tells you which categories give you leverage. Watch for single-company concentration. Chainguard holds 70% of all CWPP startup funding. Cato holds 57% of ZTNA. OneTrust holds 80% of consent management. If any of these companies pivots, gets acquired, or fails, the category funding picture changes overnight. Bottom line Gartner projects $93.2 billion in 2030 spending across the 10 fastest-growing security categories. Venture capital has funded $11.2 billion in startups since January 2025. The 8.3:1 blended gap tells you the overall story. The category-level ratios tell you where to act. Cloud security posture management, vulnerability assessment, and cloud workload protection are growing at 2x to 3x the market average but remain underfunded relative to Gartner’s projections. Two categories, firewall equipment and pure-play CASB, have no startup investment at all. Platform vendors are filling gaps through acquisition at a pace that is reshaping every competitive evaluation. This is the third quarter I have tracked Gartner’s security forecast against independent funding data. The gap between enterprise demand and startup supply keeps widening. Gartner’s 2Q26 forecast lands in July. I will break down the updated Gap Ratios the week it drops. I wrote a shorter editorial take on what these gaps mean for CISO budgets on my Substack. Source: Gartner, Information Security Market Current Outlook, Worldwide, 1Q26 (G00846158), March 2026. Growth rates in constant currency. Dollar figures in current U.S. dollars. Funding data from CB Insights, Crunchbase, PitchBook, Statista. Cross-referenced against company press releases. Analysis by Software Strategies Blog.

The master table: Gartner forecast vs. startup funding by category

I mapped each Gartner category against every cybersecurity startup that raised equity or debt since January 2025. Each company is assigned to one primary category to avoid double-counting. Gap Ratio is the Gartner 2030 market projection divided by total VC raised. Higher means wider gap.

# Gartner Security Category 2025-26 GR 5yr CAGR 2030 Proj Startups Total VC Gap Ratio Verdict
1 Cloud Access Security Brokers (CASB) 27.2% 24.3% $7.1B 4 $182M 39:1 Critical Gap
2 Firewall Equipment (NGFW/FWaaS) 15.9% 9.1% $26.7B 0 $0 Incumbent Lock
3 Cloud Security Posture Mgmt (CSPM) 33.4% 27.6% $16.2B 6 $752M 21.5:1 Underfunded
4 Vulnerability Assessment 15.7% 12.0% $6.4B 6 $306M 20.9:1 Underfunded
5 Cloud Workload Protection (CWPP) 25.9% 21.0% $16.1B 8 $1.28B 12.6:1 Underfunded
6 Subject Rights Request Automation 16.2% 12.3% $2.3B 2 $240M 9.6:1 M&A Absorbed
7 Network Detection & Response (NDR) 15.6% 12.4% $4.1B 4 $701M 5.9:1 Moderate Gap
8 Zero Trust Network Access (ZTNA) 23.0% 20.9% $6.4B 10 $1.94B 3.3:1 VC Ahead
9 Threat Intelligence 27.3% 21.1% $6.9B 12 $3.16B 2.2:1 Oversupplied
10 Consent & Preference Mgmt 22.1% 18.6% $2.0B 7 $2.61B 0.8:1 Oversupplied

Source: Gartner 1Q26 Information Security Market Current Outlook (G00846158, March 2026). Growth rates in constant currency. Funding data from CB Insights, Crunchbase, PitchBook. Analysis by Software Strategies Blog, April 2026.

The table splits cleanly into three tiers. Five categories are underfunded or locked out (Gap Ratio above 9:1). Two sit in the middle. Three are oversupplied or ahead of the Gartner signal.

I update this comparison every quarter as Gartner releases new forecast data. Get the next one in your inbox.

The 3 widest gaps

Gap #1: CASB — 39:1, and the category is disappearing

Gartner projects cloud access security brokers reaching $7.1 billion by 2030 at a 24.3% CAGR. Total startup funding since January 2025: $182 million across just 4 companies.

Company Total Funding Last Round Lead Investor HQ Founded
Reco $85M $30M Series B Zeev Ventures New York 2020
Seraphic Security $44M $29M Series A GreatPoint Ventures Palo Alto / Israel 2020
Nudge Security $35M $22.5M Series A Cerberus Ventures Austin, TX 2021
Spin.AI $18M+ Undisclosed (K1) K1 Investment Mgmt Palo Alto 2017

The gap is structural, not cyclical. Pure-play CASB startups no longer exist as a standalone category. The buying motion has shifted to SASE platforms. Cato Networks raised $409 million in a Series G in June 2025, but that money funds a unified SASE platform spanning CASB, ZTNA, and SD-WAN.

For CISOs, the implication is direct. If your CASB requirement is standalone, your vendor options are Netskope, Skyhigh, Forcepoint, and a handful of sub-$50 million startups. Expect fewer competitive bids and less pricing leverage than in categories where VC is abundant.

Gap #2: CSPM — 21.5:1, the fastest-growing category is still starved

Cloud security posture management is the single fastest-growing category in Gartner’s entire information security forecast. 33.4% growth in 2026. $16.2 billion by 2030 at a 27.6% five-year CAGR. Total startup funding: $752 million across 6 companies.

Company Total Funding Last Round Lead Investor HQ Founded
Upwind Security $430M $250M Series B Bessemer Venture Partners San Francisco 2022
Noma Security $132M $100M Series B Evolution Equity Partners New York / Tel Aviv 2023
Sentra $100M+ $50M Series B Key1 Capital New York / Tel Aviv 2021
Native Security $42M $31M Series A Ballistic Ventures Tel Aviv / Seattle 2024
Mondoo $32.5M $17.5M Series A Ext HV Capital San Francisco 2020
AccuKnox $15M $4M Venture DreamIt Ventures Menlo Park 2020

Upwind alone accounts for 57% of all CSPM startup capital. It hit unicorn status at a $1.5 billion valuation in January 2026. But one company cannot fill a $16.2 billion market.

Alphabet’s $32 billion acquisition of Wiz in March 2026 removed the largest independent cloud security company from the startup market entirely. In my analysis of $3.6 billion in agentic AI security funding, I tracked how M&A is filling gaps that VC has not. CSPM is a category where that pattern is accelerating.

Gap #3: Vulnerability Assessment — 20.9:1, the most active seed-stage category

Gartner projects vulnerability assessment at $6.4 billion by 2030. Total VC: $306 million across 6 companies.

Company Total Funding Last Round Lead Investor HQ Founded
Zafran Security $130M $60M Series C Menlo Ventures New York 2022
Seemplicity $82M+ $50M Series B Sienna Venture Capital Tel Aviv 2020
Cogent Security $53M $42M Series A Bain Capital Ventures San Francisco 2024
Nucleus Security $20M+ $20M Series C Undisclosed Tampa, FL 2018
Onit Security $11M $11M Seed Hetz Ventures Tel Aviv 2025
ZAST.AI ~$10M $6M Pre-A Hillhouse Capital Seattle 2024

 

This is the category with the most active early-stage investment. Cogent Security and Onit Security both use AI agents for autonomous vulnerability remediation. Zafran tripled ARR since its prior round. The agentic AI thesis is landing hardest in vulnerability management, and the funding trail shows it.

Balbix, which had raised $98.6 million, was acquired in November 2025. For CISOs evaluating this category, the vendor field is young and fragmented. Half of the funded companies were founded in 2024 or later.

Where VC is ahead of Gartner

Three categories show the opposite pattern. In Consent & Preference Management, OneTrust alone has raised $2.1 billion against a $2.0 billion Gartner projection. In Threat Intelligence, $3.16 billion in VC against a $6.9 billion projection, but Dataminr ($1.24B) and ReliaQuest ($1.13B) account for 75% of the total. In ZTNA, Cato Networks’ $1.1 billion alone represents 57% of all category funding.

The concentration risk matters. Strip out the single largest company in each oversupplied category and the gap ratios invert. Consent without OneTrust: $510 million, Gap Ratio 3.9:1. Threat Intelligence without Dataminr and ReliaQuest: $790 million, Gap Ratio 8.7:1. ZTNA without Cato: $835 million, Gap Ratio 7.7:1.

M&A is filling the gaps VC won’t

When startups cannot fill the gap, platform vendors acquire. The $3.6 billion in agentic AI security funding and $96 billion in M&A I tracked in March tells this story at scale. Palo Alto Networks assembled $29 billion in acquisitions. ServiceNow spent $11.6 billion. Alphabet closed $32 billion for Wiz. Veeam acquired Securiti.ai for $1.725 billion, removing the leading subject rights automation vendor from the independent market.

Forrester’s 2026 cybersecurity budget data confirms the same pattern from the buyer side. Security budgets are growing, but the spend is concentrating in fewer, larger platform purchases.

What this means for CISOs

In underfunded categories, build internally or accept platform vendor lock-in. CSPM, vulnerability assessment, and CWPP all have Gap Ratios above 12:1. Fewer funded startups means fewer competitive alternatives. If your preferred vendor gets acquired, as Wiz, Securiti.ai, and Balbix all were, your roadmap depends on the acquirer’s priorities, not yours.

In oversupplied categories, use the competition for better pricing. ZTNA, threat intelligence, and consent management have abundant VC-backed alternatives. Negotiate harder. Run competitive evaluations with three or more vendors. The funding data tells you which categories give you leverage.

Watch for single-company concentration. Chainguard holds 70% of all CWPP startup funding. Cato holds 57% of ZTNA. OneTrust holds 80% of consent management. If any of these companies pivots, gets acquired, or fails, the category funding picture changes overnight.

Bottom line

Gartner projects $93.2 billion in 2030 spending across the 10 fastest-growing security categories. Venture capital has funded $11.2 billion in startups since January 2025. The 8.3:1 blended gap tells you the overall story. The category-level ratios tell you where to act.

Cloud security posture management, vulnerability assessment, and cloud workload protection are growing at 2x to 3x the market average but remain underfunded relative to Gartner’s projections. Two categories, firewall equipment and pure-play CASB, have no startup investment at all. Platform vendors are filling gaps through acquisition at a pace that is reshaping every competitive evaluation.

This is the third quarter I have tracked Gartner’s security forecast against independent funding data. The gap between enterprise demand and startup supply keeps widening. Gartner’s 2Q26 forecast lands in July. I will break down the updated Gap Ratios the week it drops. I wrote a shorter editorial take on what these gaps mean for CISO budgets on my Substack.

Source: Gartner, Information Security Market Current Outlook, Worldwide, 1Q26 (G00846158), March 2026. Growth rates in constant currency. Dollar figures in current U.S. dollars. Funding data from CB Insights, Crunchbase, PitchBook, Statista. Cross-referenced against company press releases. Analysis by Software Strategies Blog.

 

Dec 30

1 Comment

AI Security market 2025 funding data, top startups, and the ServiceNow factor

ServiceNow dropped $11.6 billion on security acquisitions in 2025 alone. Armis for $7.75 billion. Moveworks for $2.85 billion. Veza for roughly $1 billion. In 2025, just one company, ServiceNow, spent more on acquiring security startups than 175 startups raised in two years. Meanwhile, the entire AI security startup ecosystem raised $8.5 billion across 175 companies over 24 months. That single data point should reshape how security leaders think about vendor consolidation and how AI builders think about their exit paths.

I analyzed Crunchbase data covering every AI security startup that raised Series A, B, or C funding between January 2024 and December 2025. The patterns are striking.

The acceleration is real

Q1 2024: $274 million across 8 deals. Q4 2025: $2.17 billion across 28 deals. That’s 8x growth in quarterly funding over two years.

The full-year numbers tell the story more clearly. 2024 saw $2.16 billion in total funding. 2025 hit $6.34 billion, nearly tripling. Average deal sizes jumped from $34 million to $54 million. This isn’t a gentle upward trend. The market is restructuring in real time.

Where the money flows

Network and Zero Trust infrastructure captured $1.9 billion across 44 companies. Tailscale‘s $161 million Series C reflects what enterprises already know. VPN architectures are dying. Identity-based access is replacing them.

Threat Detection and SOC automation drew $1.2 billion across 28 companies. 7AI‘s $130 million Series A stands out as one of the largest A funding rounds in this category. The bet: AI agents can handle the full security operations lifecycle at a scale human analysts cannot match.

Identity and Access Management pulled $990 million. But here’s what matters: that money went to just 6 companies. Saviynt‘s $700 million Series B dominates the category. When one company captures 71% of a category’s funding at Series B, investors see platform consolidation ahead. ServiceNow’s Veza acquisition, three weeks later, validated that thesis.

Insights into deal sizes

Median tells a different story from average deal sizes. Series A median: $20 million. Series A average: $28 million. The gap widens at later stages. Series C median: $85 million. Series C average: $119 million.

Translation: mega-deals skew the data significantly. Eighteen companies raised $100 million or more. Those 18 deals represent 10% of companies but 40% of total funding. For every Saviynt raising $700 million, dozens of startups are raising $15-25 million Series A rounds.

The AI/LLM security gap

Only 13 companies focus specifically on securing AI systems, LLMs, and agentic applications. Total funding: $414 million. That’s less than 5% of the $8.5 billion total. For context: ServiceNow paid more for Veza alone than the entire AI/LLM security category raised in two years.

The players building in this space:

Noma Security ($100M, Series B). Unified AI and agent security platform.

Credo AI ($21M, Series B). AI governance and compliance automation.

Lakera ($20M, Series A). Real-time GenAI security against LLM vulnerabilities.

Prompt Security ($18M, Series A). Enterprise generative AI adoption platform.

GetReal Security ($17.5M, Series A). Deepfake and AI-generated impersonation defense.

Jericho Security ($15M, Series A). Training against generative AI-powered attacks.

Enterprises are deploying AI systems at unprecedented rates. Shadow AI breaches cost $4.63 million per incident. That’s $670,000 more than standard breaches, according to IBM’s 2025 Cost of a Data Breach Report. Model Context Protocol vulnerabilities. Prompt injection attacks. Data exfiltration through AI assistants. The attack surface expands while protection lags.

Either these 13 companies scale rapidly, established players acquire their way into the space, or CISOs face a protection gap without commercial solutions.

How spending breaks out geographically

The U.S. captured $6.1 billion across 119 companies. That’s 71% of total funding. Israel remains the second hub: 15 companies, $738 million. Germany, the UK, and Canada trail with single-digit percentages.

Within the U.S., California dominates: $2.7 billion across 62 companies. That’s more than all non-U.S. markets combined ($2.4 billion). Texas ($865M), New York ($667M), and Colorado ($295M) round out the top states.

The concentration creates vendor risk. Regulatory fragmentation between the U.S. and EU markets. Geopolitical tensions affecting Israeli companies. Single-region dependency in security infrastructure. These are fundamental considerations for enterprise security architects.

ServiceNow’s acquisitions signal large-scale consolidation

ServiceNow’s 2025 acquisition spree warrants its own analysis. Armis brings cyber-physical security and OT/IoT visibility. Moveworks adds agentic AI capabilities. Veza delivers identity security for the AI era. The company calls it an “AI control tower.” A unified security stack that sees, decides, and acts across the entire technology footprint.

The driver: ServiceNow’s Security and Risk business crossed $1 billion in annual contract value in Q3 2025. They expect Armis alone to triple their market opportunity. When a platform vendor invests $11.6 billion in its own security workflows, point solutions become acquisition targets or competitors.

What this means for 2026

For security leaders: Map your vendor portfolio against both funding momentum and M&A activity. Startups with strong backing will survive consolidation. Others won’t. Audit your AI deployment pipeline against available protections. The gap between AI adoption and AI security is widening. Accelerate zero-trust adoption while solutions mature.

For AI builders: Security isn’t a feature to add later. The $414 million flowing into AI/LLM security represents smart money recognizing that unprotected AI systems are enterprise liabilities. Build with guardrails or build vulnerabilities.

Analysis based on Crunchbase data covering 175 AI security startups that raised Series A, B, or C funding between January 2024 and December 2025. ServiceNow acquisition data from the company’s press releases dated December 2025.

Oct 28

Top ten cybersecurity startups to watch in 2025 according to $3.21B in investor bets

Top Ten Cybersecurity Startups to Watch in 2025 According to $3.21B in Investor Bets

While the industry still debates whether AI will transform cybersecurity, investors have already made up their minds.

Based on an analysis of the latest Crunchbase data compiled recently that spans January 2024 to October 2025, ten standout startups captured $1.41 billion in new funding, signaling that machine-speed defense against AI-driven threats is no longer optional; it’s an operational reality. Together, these ten startups have raised $3.21 billion, which represents one of the heaviest capital concentrations in cybersecurity startups to date.

Investors are gravitating to cybersecurity startups that solve complex problems

CrowdStrike’s Falcon 2025 event, held earlier this year in Las Vegas, showcased a series of new agentic AI developments that, taken together, reflect how cross-platform and cross-competitor collaboration aimed at shutting down increasingly complex weaponized AI threats leads to faster innovation. VentureBeat’s analysis of the many announcements there explains how the cybersecurity company is betting on agentic AI to defeat adversaries.

Interested in quantifying how AI is impacting investors’ decisions, I completed an analysis using Crunchbase data covering 342 verified cybersecurity startups with active funding. Selection was weighted toward recent momentum, total funding scale, stage maturity, AI integration, and proof through multiple rounds.

The key takeaway: Institutional capital is consolidating around companies that make autonomous security practical, and agentic AI is at the core of that direction. But AI is not enough; investors are looking for the ability to scale in enterprises once they have AI integrated into their core platforms.

AI in cybersecurity: Tablestakes, not a ticket to premium valuation

Sixty percent of startups integrate AI into their core technology. Yet contrary to hype, that hasn’t bought them higher valuations.

  • AI-integrated startups average $283M in funding.
  • Non-AI specialists average $378M.

Crunchbase data shows investors reward defensible specialization as much as AI capability. Quantinuum’s $925M for post-quantum cryptography and Zama’s $139M for homomorphic encryption prove that solving foundational security problems often supersedes AI as a differentiator.

Still, AI holds weight in investment decisions. Six AI-driven startups pulled $1.70B (52.8%), while four non-AI companies captured $1.51B (47.2%). Both models earn trust by underscoring AI for operational speed and deep tech for architectural resilience. And with seven of ten now at Series B maturity, investors are backing platforms that have already demonstrated enterprise traction, not experiments.

1. Quantinuum ($925M, Series B) Post-Quantum Defense. Closed a $600M Series B in August 2025. The company is building the only mathematical safeguard against the inevitable collapse of RSA and ECC encryption under quantum computing.

2. Saronic ($845M, Series B) Autonomous Maritime Security, Raised $175M in July 2024 for AI-powered unmanned surface vessels. With 90% of trade moving across exposed waterways, Saronic brings AI defense to the physical infrastructure that most enterprises overlook.

3. Auradine ($314M, Series B) AI Silicon for Security. Raised $80M to expand custom silicon that accelerates cryptographic workloads 10x faster than general-purpose hardware, eliminating bottlenecks in AI-driven security deployments.

4. Tines ($271M, Series B) No-Code Automation. Secured $50M Series B. Turns analysts into automation builders, saving 40+ hours weekly with drag-and-drop workflows that are proving critical for overextended SOC teams.

5. Dream Security ($198M, Series B) Critical Infrastructure Defense. Closed $100M in 2025. Their sovereign AI platform equips critical infrastructure with defenses calibrated to nation-state-level threats, providing a layer that traditional enterprise tools cannot reach.

6. Upwind Security ($180M, Series A)  Runtime Cloud Visibility. Raised $100M in December 2024. Focused on runtime intelligence, detecting abnormal behavior live rather than flagging static misconfigurations. Reduces false positives, elevates real threats.

7. Zama ($139M, Series B)  Homomorphic Encryption. Raised $57M in June 2025 after a $73M Series A in March 2024. Provides production-ready fully homomorphic encryption, enabling AI models to compute securely on encrypted data.

8. Noma Security ($132M, Series B)  Securing AI Agents. Closed $100M in 2025. Built to harden AI systems against prompt injection and model poisoning as enterprises push decision-making into autonomous agents.

9. ZeroEyes ($107M, Series B)  Firearm Detection AI. Raised $53M in 2025. Eleven rounds in, their AI models detect firearms on video feeds in seconds—cutting active shooter response time dramatically.

10. Upscale AI ($100M, Seed)  AI Networking Infrastructure. Raised a $100M Seed round in 2025. Building AI-native networking with hardware-accelerated encryption, aimed at high-performance compute environments.

The Bottom Line

Series B dominance (70%) shows that capital is flowing into platforms with market traction, not speculative bets. Forty-six rounds across these ten companies demonstrate durability and enterprise validation. The signal to security leaders is becoming clear based on the escalating nature of weaponized AI attacks: manual security processes are now liabilities. Defending at human speed against AI-enabled attackers is untenable. Investors understand this. $1.41B in recent capital confirms it.

May 4

2 Comments

Software Firms Now 42% Of Venture Capital Invested In 2014

Cloud Computing SaaS Forecasts Just over $4B was invested in software deals by venture capitalists (VCs) during Q1, 2014, four times as much as biotechnology.

Software deals netted out 42% of all dollars invested in the first quarter of 2014, with biotechnology receiving 11%.  VCs invested $816M in IT Services or 9% of all dollars, making this the third largest investment category.  Interest in IT Services continues to accelerate, with dollars invested in this category increasing 33% compared to the prior quarter.

These findings are from the latest edition of The MoneyTree Report, a quarterly study of venture capital investment in the United States produced by PricewaterhouseCoopers and the National Venture Capital Association (NVCA) using Thomson Reuters data.  You can find the full data sets of the study here in Microsoft Excel format.  The MoneyTree Report Q4 2013/ Full-year 2013 is also available in PDF form here and there is no opt-in to download it.

Take-Aways From The Study

  • A total of $9.5B in 951 deals was invested in the first quarter of this year, up 12% in dollars and down 14% in the number of deals compared to the 4th quarter of 2013.  In the previous quarter, a total of $8.4B was invested in 1,112 deals.
  • In 2013, $11B (37%) of all venture investments were in software, $4.6B (16%) in biotechnology and $2.96B (10%) were in Media and Entertainment.  The following graphic shows the distribution of amounts invested by industry in 2013.  Please click on the graphic to expand for easier reading.

Distribution of amount invested by industry 2013

  • In the first quarter of 2014, software companies also received three times the number of deals of the next closest industry category, Media & Entertainment.  46% or 126 software deals were completed in Q1, compared to 40 in Media & Entertainment. Biotechnology companies were third with 8% or 22 deals.  The following graphic provides a comparison of deals by industry for Q1, 2014.  Please click on the graphic to expand it for easier reading.

distribution of venture capital deals Q1 2014

  • Kleiner Perkins Caufield & Byers, First Round Capital, New Enterprise Associates, Inc. and Andreessen Horowitz LLC completed the most venture capital deals in 2013, as the graphic below shows.  Please click on the graphic to expand for easier reading.

distribution of deals by vc firm in 2013

  • Software’s dominance in Q1, 2014 relative to other industries is evident in the following graphic, showing 42% of dollars invested followed by biotechnology (11%) and IT Services (9%).  The study data shows nine of the 17 industries are shrinking it terms of venture investments.  Telecommunications is down 68%, Networking and Equipment down 47% and semiconductors, down 17%.  Please click on the graphic to expand it for easier reading.

distribution of amounts invested by industry Q1 2014

  • Overall first-time financing decreased 25% to $1.2B in Q1, with a corresponding 24% drop in the number of companies to 271.
  • 48% of dollars invested during Q1 into companies receiving venture capital for the first time are in the software industry.  46% of the deals to 126 companies who captured $571M in Q1 lead to this industry dominating first sequencing investments.
  • Top regions where startups received funding in Q1 include Silicon Valley (50% of all VC funding), New England (11%) and the New York Metro Area (10%).  The Los Angeles/Orange County area was fourth with 5% of all venture funding in Q1, 2014.