TCP #102: Splunk Goes All In on Agentic AI; The NPM Supply Chain Attack That Wasn't; and Product News
What's hot in security🌶️ | Sept. 3rd - Sept. 11th, 2025
Welcome to The Cybersecurity Pulse (TCP)! I'm Darwin Salazar, Head of Growth at Monad and former detection engineer in big tech. Each week, I bring you the latest security product innovation and industry news. Subscribe to receive weekly updates!
See What Really Matters: Maze’s AI Agents Triage Vulnerabilities for You
Security teams spend countless hours chasing vulnerabilities - most of which will never be exploited. A recent Maze case study on CVE‑2025‑27363 shows how our AI Agents investigate vulnerabilities like an expert human would to confirm if an issue is exploitable in your environment. If it’s irrelevant, it stays low priority. If it's actionable risk, it gets flagged fast.
That means fewer false positives, more efficient remediation, and a smarter security posture - without the usual guesswork.
👉 Want to sponsor the TCP newsletter? Learn more here.
Howdy! Hope you're doing well wherever you're tuning in from 🤗. I'm currently writing this from Boston as Splunk .conf '25 comes to an end. While I cover some key highlights today, I'll have a full write-up out with my takeaways soon.
Aside from that, I attended a media retreat this past weekend at Lake Junaluska in Asheville, NC with 50+ creators. It was a fantastic growth experience with some great people. There's something special about people who will things into this world on a consistent basis. More travel coming up today and next week for the Monad company offsite!
Before we get started, I wanted to take a moment to commemorate all the lives lost and families impacted in the Sept. 11, 2001 attacks. Also, RIP to Charlie Kirk. Be kinder to one another. The world needs it!
That said, let’s do cyber things 🕺🏽
TL;DR 📰
🦾 Splunk doubles down on Agentic AI, data fabric, and federated search at their 2025 user conference.
🎏 Koi emerges from stealth with $48M - endpoint security for non-binary software (packages, models, containers, extensions)
🔑 Hush Security raises $11M seed - secretless IAM, policy-driven access
🤝 SentinelOne to acquire Observo AI for $225M, similar acquisition to CrowdStrike’s $290M Onum purchase. Agentic SOC race.
💰 SailPoint Q2FY26 revenue hits $264M (33% YoY, beat expectations), SaaS +36% YoY
🔨 AegisAI raises $13M seed. AI-native email security. Co-led by Accel and Foundation Capital.
📱 Venezuela’s Maduro claims Huawei Mate X6 gifted by Xi Jinping is “unhackable”…
🏭 Mitsubishi Electric acquires Nozomi Networks (IoT/OT security) for $883M
✂️ A Detection Engineer’s Guide to SIEM Cost Reduction - Monad
🧑💻 DryRun launches Code Insights MCP - AI-powered code review + natural language querying
🐧 Wiz launches WizOS - container base images, near-zero CVEs, provenance
📊 Sola Security raises $35M - AI-driven no-code security apps
🛡️ TENEX raises $27M Series A - AI-native MDR
🗡️ FireCompass raises $20M - AI-driven offensive security platform
⚒️ Picks of the Week ⚒️
The Future of SecOps x Splunk .conf 25
There's no doubt that security operations will look different 2-3 years from now. For one, most SOC teams simply can't keep up with all the alerts, data wrangling, investigations, etc. AI will change this, but to what extent? There's a lot of funding being poured into AI SOCs, PANW and CRWD entered the SIEM race, and the recent acquisitions in the security data pipeline space hint at bigger players doubling down on the space. I have a lot of thoughts on this and I will save them for a bit later.
In the meantime, here are the key highlights from the past week, including major announcements at this year's Splunk user conference:
Doubling down on Agentic AI with new capabilities including:
Triage agent, malware reversing agent, AI playbook authoring, AI-powered detection library
Doubling down on the "data fabric" to power Cisco security solutions + enabling their customers to build proprietary AI/ML on their own data. This includes a Time Series Foundation Model built specifically for anomaly detection, automated root cause analysis, etc. It'll be listed on Hugging Face in November.
Two new versions of Splunk Enterprise Security (ES)
Premier - ES 8.2 + SOAR + UEBA + Splunk AI Assistant (tier 1 + tier 2 automation)
Essentials - ES 8.2 + Splunk AI Assistant (tier 1 + tier 2 automation)
There were many announcements, but these are my top 3. I also tested some of their latest stuff via workshops. Great to see Splunk continuing to innovate and doubling down on AI. They're still the de facto SIEM for large enterprises regardless of what you may read on LinkedIn.
Will that remain true forever? 🤷🏽♂️ I'll have a full write-up on Splunk .conf coming out soon, keep an eye out for that!
SentinelOne Announces Plans to Acquire Observo AI
Two weeks ago, CrowdStrike announced their plans to acquire Onum for $290M, and this week SentinelOne entered an agreement to purchase Observo AI for ~$225M. Both are on the hunt in the agentic SOC play. Congrats to the Observo team and their investors!
🧘🏽♂️Extend Your SOC Team with AI-Powered Security Operations 🧘🏽♂️
Tired of an endless alert backlog and too many false positives?
Intezer's Autonomous SOC solution automates investigations and triage decisions, freeing up your team to focus on what matters most. Discover how enterprise teams and top MSSPs are using AI-powered alert triage to cut through the noise, enhancing their SOC analysts' efficiency and accuracy.
A Detection Engineer’s Guide to SIEM Cost Reduction
I recently teamed up with Asante Babers, former detection engineer at Okta and the U.S. DoW, to write a technical guide on how log optimization can lead to tens of thousands in savings on SIEM bills. Based on the LinkedIn reaction, it seems like people really enjoyed the post *shrug*
Go check it out and let me know what you think!
The NPM Supply Chain Attack that Wasn't
I haven't had the chance to dig into this much, but I did see the hoopla and FUD (Fear, Uncertainty, and Doubt) on the internets. Oftentimes, a big scary critical vuln or attack is discovered that would, in theory, wreak havoc if widely exploited. The media and vendors amplify the story without validating severity or real-world impact, which then leads to security teams scrambling to assess exposure and potential impact. This causes whiplash and burnout given how much shit is discovered on a weekly basis. Not fun.
If you're media or a vendor reading this, take a step back and analyze the situation before blasting posts on socials in ALL CAPS that this is THE LARGEST XYZ VULN/ATTACK EVER DISCOVERED.
Here’s Wiz’s research on it if you’re looking to get brought up to speed.
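Before reacting to a headline like this, the check a team actually needs is narrow: does any lockfile in our repos pin one of the exact package versions named in the write-up? Below is an added example of that check (not code from this newsletter, from Wiz, or from npm). It walks both the lockfile v2/v3 "packages" map and the older v1 nested "dependencies" tree, and it matches on exact package@version pairs, since a compromise of a few releases says nothing about the clean versions most projects already pin. Every package name, version and lockfile here is a constructed placeholder; substitute the IOC list from the vendor research.

```javascript
// Added example, not from the newsletter or any vendor: offline exposure check
// of an npm lockfile against a list of known-bad package@version pairs.
// All package names, versions and lockfile contents are constructed placeholders.

// Hypothetical IOC list. Exact versions matter: a supply-chain compromise usually
// affects specific releases published in a short window, so "we depend on pkg-a"
// is not exposure; "our lockfile resolves pkg-a@1.2.3" is.
const BAD_VERSIONS = new Set([
  "pkg-a@1.2.3",
  "@scope/pkg-b@4.5.6",
]);

// Derive the package name from a lockfile v2/v3 "packages" key, e.g.
// "node_modules/pkg-a/node_modules/@scope/pkg-b" -> "@scope/pkg-b".
function nameFromPath(p) {
  const marker = "node_modules/";
  const i = p.lastIndexOf(marker);
  return i === -1 ? p : p.slice(i + marker.length);
}

// Walk the lockfile v1 shape: nested maps of name -> {version, dependencies}.
function* walkV1(deps, chain = []) {
  for (const [name, info] of Object.entries(deps || {})) {
    const here = [...chain, name];
    yield { name, version: info.version, path: here.join(" > ") };
    if (info.dependencies) yield* walkV1(info.dependencies, here);
  }
}

// Enumerate every resolved {name, version, path} regardless of lockfile version.
function* walkLock(lock) {
  if (lock.packages) {
    for (const [p, info] of Object.entries(lock.packages)) {
      if (p === "") continue; // the root project entry, not a dependency
      yield { name: nameFromPath(p), version: info.version, path: p };
    }
  } else {
    yield* walkV1(lock.dependencies);
  }
}

// Return every pinned entry that matches the IOC list; an empty array means
// the lockfile does not resolve any of the bad releases.
function findExposure(lock, badVersions = BAD_VERSIONS) {
  const hits = [];
  for (const entry of walkLock(lock)) {
    if (badVersions.has(`${entry.name}@${entry.version}`)) hits.push(entry);
  }
  return hits;
}

// Constructed sample lockfile (v3 shape). The top-level pkg-a is a clean
// version, but a nested copy under pkg-c resolves the bad 1.2.3 release,
// which is exactly the case a grep of package.json would miss.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "app", version: "0.0.1" },
    "node_modules/pkg-a": { version: "1.2.4" },
    "node_modules/pkg-c": { version: "2.0.0", dependencies: { "pkg-a": "1.2.3" } },
    "node_modules/pkg-c/node_modules/pkg-a": { version: "1.2.3" },
    "node_modules/@scope/pkg-b": { version: "4.5.7" },
  },
};

const sampleHits = findExposure(SAMPLE_LOCK);
for (const h of sampleHits) {
  console.log(`EXPOSED: ${h.name}@${h.version} at ${h.path}`);
}
if (sampleHits.length === 0) console.log("no pinned bad versions found");
```

In practice you would read each repository's package-lock.json with JSON.parse and run findExposure over it; the nested-copy case in the sample is why the walk covers every entry rather than only top-level dependencies.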
Strong Q2 Performance for SailPoint
Revenue: $264M (33% YoY growth) vs. $240.58M expected by Wall St.
SaaS business grew 36% YoY
Shares were down 7% in after hours trading.
Key theme is Agentic AI identity security as you would imagine.
Full presentation can be found here.
Venezuela’s President Maduro said his Huawei Mate X6 cannot be hacked by US cyber spies
Apparently the Chinese President, Xi Jinping, gifted the Venezuelan President, Nicolas Maduro, a Huawei Mate X6 phone that Maduro believes to be unhackable… doubt it. Everything can be hacked given enough time and access, even if it's running a never-before-seen OS.
Mitsubishi Electric acquires cybersecurity provider Nozomi Networks for $883M
Mitsubishi, an industrial equipment manufacturer spanning HVAC, automotive, aviation and everything in between, has acquired Nozomi Networks (IoT/OT security) for $883M. Mitsubishi did $37.4B in revenue in their most recent year. Nozomi will continue to operate as a standalone entity. This gives Mitsubishi a competitive advantage against other industrial IoT manufacturers, as they can market themselves as being more secure.
I’d imagine some of their competitors use Nozomi so it’ll be interesting to see how that plays out. I can foresee some churn there.
🔮 The Future of Security 🔮
Application Security
DryRun Launches Code Insights MCP
DryRun Security launched Code Insights MCP, a Model Context Protocol server that gives security teams AI-powered visibility into critical code changes that typically slip through reviews - like authentication redesigns, payment gateway swaps, or new admin endpoints. The tool lets teams query their codebase in natural language (e.g., "What risky features shipped this month?") and generate audit reports in seconds.
Cloud Security
Wiz launched WizOS in public preview
Container base images built from source with near-zero CVEs to replace open source images. The platform identifies which existing containers can be swapped for WizOS images, shows the vulnerability reduction impact, suggests swaps in PRs, and includes a package repository for customization. Images are glibc-based, use the apk package manager, and ship with SBOMs and provenance data.
Sola Security Raises $35M Led by S32 with Microsoft M12
Sola Security raised $35M (S32 led, with Microsoft M12, Michael Moritz, New Era Capital, S Capital, Glilot Capital) for its AI platform that lets security teams build apps using prompts. The Tel Aviv-based company's platform connects to systems (AWS, databases, etc.), generates SQL queries to search for vulnerabilities, and creates dashboards with alerts - essentially no-code security app creation. Since launching in March, they've gained 2,000+ users who've built over 1,000 security apps to detect issues like unencrypted S3 buckets and excessive account permissions.
Email Security
AegisAI Raises $13M Seed for AI-Native Email Security
AegisAI raised $13M seed (Accel and Foundation Capital co-led) for AI-native email security founded by ex-Google Safe Browsing leaders Cy Khormaee and Ryan Luo. The platform uses orchestrated AI agents (10+ custom LLMs) that analyze every email component in real-time - links, attachments, QR codes, metadata - without relying on static rules.
Endpoint Security
Koi emerges from stealth with $48M in funding through Series A
Koi Security raised $48M (Battery Ventures, Team8, Picture Capital, NFX) to address endpoint security for non-binary software - code packages, AI models, containers, and extensions that traditional EDRs and MDMs can't monitor. Their platform provides visibility into all endpoint software, assesses risk, and blocks threats.
Identity and Access Management Security
Hush Security emerges from stealth with $11M seed
Hush Security emerged from stealth with a platform that eliminates password vaults and secret managers entirely, replacing stored credentials with dynamic, policy-based access that adapts in real-time. With backing from Battery Ventures and YL Ventures, Hush aims to end credential-based attacks by removing credentials from the equation altogether, with Gartner predicting 40% of organizations will adopt this secretless approach by 2027.
Offensive Security
FireCompass Raises $20 Million for Offensive Security Platform
FireCompass raised $20M from EC-Council (creator of the CEH certification), bringing total funding to ~$30M. The Bengaluru-based company's platform combines six offensive security capabilities (attack surface management, pen testing, red teaming, etc.) using AI to automatically chain vulnerabilities and simulate real attacks.
Security Operations
TENEX Raises $27M Series A for AI-Native MDR
TENEX raised $27M Series A (Crosspoint Capital led, with a16z and Shield Capital) for its AI-native MDR service that uses agentic AI for detection, triage, and response with human oversight.
Founded by security veterans from Google Chronicle, Cyderes, and major enterprises, the company hit $10M+ revenue in six months with Fortune 500/Global 2000 customers. The platform deploys AI agents to handle alerts and correlate signals, escalating to humans when needed, and integrates with Google Cloud and Microsoft security ecosystems.
Interested in sponsoring TCP?
Sponsoring TCP not only helps me continue to bring you the latest in security innovation, but it also connects you to a dedicated audience of ~7,300 CISOs, practitioners, founders, and investors across 125+ countries 🌎
Bye for now 👋🏽
That’s all for this week… ¡Nos vemos la próxima semana!
Disclaimer
The insights, opinions, and analyses shared in The Cybersecurity Pulse are my own and do not represent the views or positions of my employer or any affiliated organizations. This newsletter is for informational purposes only and should not be construed as financial, legal, security, or investment advice.