Welcome to The Cybersecurity Pulse (TCP)! I'm Darwin Salazar, Head of Growth at Monad and former detection engineer in big tech. Each week, I bring you the latest security product innovation and industry news. Subscribe to receive weekly updates!

Subscribe now

Share

I Can’t Believe It’s Not SIEM^TM

Never worry about normalization or learning another query language again. Now you can unify search, detection, and triage across all your data and tools with Vega’s Security Analytics Mesh (SAM), the AI-native layer for SecOps teams.

Analyze data where it already lives, cut ingestion costs, and unlock real-time visibility with zero disruption. Vega uncovers blind spots, creates precise detections, and auto-fixes rules to give you self-improving SecOps coverage that is truly vendor-agnostic. No SIEM required.

Learn more at Vega.io

Want to sponsor the TCP newsletter? Learn more here.

Howdy!

I’m back from two weeks in Peru. Extremely enriching experience. Hiking a 75° incline mountain at 14,000ft+ altitudes. Machu Pichu. Spending a few nights with local tribes. Disconnecting from tech and spending time with family. It’s a great reminder of what life is all about.

This is your reminder to take your PTO. If the system can’t operate without you, a better system is needed. Also, it’s hard to do epic shit when your cup is half empty.

In other news, lots happened over these past two weeks. I reached far back to cover the most impactful stuff. Lots of fundraising, FUD around AI-powered attacks, product launches.. you know, the usual.

Before we dive in, who’s attending the Cyber Marketing Conference Dec. 7th - 10th in Austin? I’ll be presenting on the power of technical writing for generating high-intent pipeline. Come hang! 🤗

All that said, let’s dive in!

TL;DR 📰

• ⚡ Cloudflare outage takes down half the internet – Routine database change crashed proxy infrastructure, affecting Claude, Spotify, X.

• 📈 ~90% of CISOs expect budget increases in 2026 – Wiz survey shows 90% expect 2026 increases, yet 56% say current budgets insufficient

• 🎭 Anthropic disrupts Chinese AI cyberattack – Threat actors used Claude Code for 80-90% automated attacks after social engineering

• 🎯 Neon Cyber extends security to the browser – Real-time detection and blocking of phishing, credential theft, and post-click threats.

• 🚀 Tenzai exits stealth with $75M seed – Guardicore founders’ AI pentesting startup gets one of largest cybersecurity seeds

• ⚙️ Impart.ai launches AI-native runtime protection – Conversational security policy creation with NVIDIA Inception backing

• 🪪 Aembit tackling AI agent identity crisis – New IAM gives agents distinct identities + human context binding

• 🦄 Armis raises $435M at $6.1B valuation – Goldman Sachs leads pre-IPO round, targeting 2026-2027 IPO

• 🍎 Jamf going private for $2.2B – Francisco Partners acquiring at 50% premium to 90-day average

• 🌅 Daylight Security raises $33M Series A – Unit 8200 veterans’ AI-powered MDR claims 90% false positive reduction

• 🌊 Coalition acquires Wirespeed – Cyber insurer adds MDR startup forprevention capabilities

• 🛒 Zscaler Buys AI Security Outfit SPLX

• 🖥️ Push Security and GuidePoint Partner to Deliver Browser-Based D&R

• 🌩️ Apono Raises $34 Million for Cloud Identity Management Platform

• 🔑 Truffle Security secures $25M

• 💫 Nudge Security Raises $22.5 Million in Series A Funding

• 💡Flare Raises $30 Million for Threat Exposure Management Platform

⚒️ Picks of the Week ⚒️

A look at Cloudflare’s recent global outage

Yesterday, it felt like half the internet went down again taking Claude, Spotify, X, and more with it. This time, Cloudflare was responsible. Feels like just last week, AWS did the same.

In any case, shit happens especially when you run at Cloudflare or AWS scale. Doesn’t matter how elastic and horizontally scalable your Kubernetes cluster is, redundancy on databases etc. Given enough time and change, systems fail, humans make errors or something out of your reach goes wrong.

What matters most is recovery times and transparency. Cloudflare is typically very good at both.

In this case, it was a ‘routine’ change in a Cloudflare-managed Clickhouse database instance which caused their Bot Management feature file to balloon beyond size limits, crashing their entire proxy infrastructure and taking down major portions of the internet from 11:28-17:06 UTC on November 18, 2025.

This post mortem from Cloudflare dives into everything that went wrong, their response process and is ultimately, a great read for security folks and SREs alike. Also, a great template for technical leaders on how to publicly do incident comms.

Real-time visibility and defense for every browser session with Neon Cyber

Modern threats don’t wait. They unfold in the browser. Neon Cyber extends your security beyond the perimeter directly to where your workforce interacts with web apps, email, and AI tools. Its browser-native protection detects and blocks phishing attempts, credential re-entry, and suspicious post-click behavior instantly.

No network reconfigurations. No endpoint lag. Just continuous, AI-driven visibility into browser activity, empowering security teams to respond faster, enforce policy automatically, and reduce alert noise.

[Sponsored] Protect your workforce at the source, where work actually happens.

See Neon Cyber in Action

Wiz’s 2026 CISO Budget Benchmark Study

Wiz recently surveyed 300+ CISOs and security leaders for their 2026 CISO Budget Benchmark Report and here are the findings that stood out to me most:

• 85% of orgs increased budgets this year with ~90% expecting increases in 2026. 56% of orgs say current budgets are not enough.

• 13% of orgs are running 100+ tools…… Not fun.

• 54% are investing in AI-powered security to counter AI threats

• 23% of respondents marked talent as the top budget priority with 40% of respondents relying of managed services of sorts

Imo, budgets will continue to grow as long as the attack surface continues to expand and attackers become more sophisticated. Security is a tax that businesses can’t afford to avoid.

Anthropic disrupts AI-orchestrated threat campaign

I know you’re probably sick to your stomach from all the vendor ambulance chasing and ‘expert’ takes on the recent Anthropic discovery so I’ll spare you from more any more pontification.

TL;DR - Anthropic (maker of Claude AI), discovered that Chinese threat actors socially engineered Claude Code into believing the actors were security researchers and then used Claude + a chain of open-source tools to conduct recon, discovery, exploitation, exfiltration from real companies. 80-90% of the attack chain was carried out by AI… This is not new, Wiz researcher Scott Piper wrote about seeing similar in the wild months ago.

Below is an example of what that looks like:

I’d say this is a bit of a wake up call but not the end of the world. It puts more pressure on blue teams to secure the fortress + detect and eradicate faster. Things they should already be optimizing for.

Overtime, we’ll see more AI-driven campaigns, but foundational model security will become better at prevention + detection. Which leaves open-source and shady models to be relied on by attackers.. None of which are anywhere near as good as Claude Code, imo.

Your Guide to CyberMarketingCon 2025: Workshops, Wrestling, and What’s New in Austin

The annual Cyber Marketing Con is taking place in Austin, Dec. 7 - 10 and I cannot speak highly enough on the ROI of the con if you’re in GTM. The team recently recorded a podcast episode on what to expect which you can find below.

More details on the conference here. I’ll be speaking and I hope to see you there!

🔮 The Future of Security 🔮

AI Security

MCP security startup Runlayer launches with $11M from Khosla and Felicis

RunLayer, founded by former Zapier AI director Andrew Berman recently emerged from stealth with $11M from Khosla and Felicis. The company already has customers like Gusto, Instacart, and Opendoor to secure their MCP implementations. Runlayer combines gateway controls with threat detection, observability across all MCP servers, and granular permissions that integrate with existing identity providers like Okta.

MCP vulns have been in the spotlight given the open standard’s spike in adoption. Recent major vulns include GitHub prompt injection, Asana customer data leaks, and more.

Impressive startup focusing on a growing problem space, strong investors + founding team. Definitely a startup to keep your eyes on.

More AI Security news ⬇️

• Zscaler Buys AI Security Outfit SPLX

• Claude AI APIs Can Be Abused for Data Exfiltration

• ChatGPT Vulnerability Exposed Underlying Cloud Infrastructure

• JFrog debuts Shadow AI Detection to expose hidden AI models and API usage

• Ollama, Nvidia Flaws Put AI Infrastructure at Risk

Application Security

Impart AI Launches Runtime Protection at AI Speed

Impart Security rebrands to Impart.ai and launches AI-native runtime protection that lets defenders move as fast as AI-powered attackers. The company joins NVIDIA’s Inception program and introduces Impart AI (Beta) - a conversational workspace where security teams can design, test, and deploy runtime protections using natural language instead of complex rule writing.

More AppSec news ⬇️

• Reflectiz Raises $22 Million for Website Security Solution

Cloud Security

Wizdom 2025 Product Announcements: Extending the Cloud Operating Model

Wiz recently hosted their first user conference in NYC and below are their major announcements:

• SecOps Agent: Automated threat investigation with transparent verdicts and audit trails

• Issues Agent: Root cause analysis and remediation paths for critical findings

• M365 integration: Cloud-to-SaaS unified visibility for misconfigs, data exposure, risky permissions

• Defend Agentless: Threat detection for vendor systems and performance-sensitive workloads

• AI-SPM expansion: Discovery and risk assessment for AI agents and MCP implementations

• ASM preview: External exposure validation combining attacker perspective with cloud context

More Cloud Security news ⬇️

• Upwind Introduces Dynamic Exposure Validation Engine to Redefine Cloud Security Posture Management

• Sweet Security Raises $75 Million for Cloud and AI Security

Data Security

Cyera Introduces Access Trail to Uncover Details Behind Every Data Touchpoint Across Humans and AI

Cyera unveiled Access Trail for monitoring all human and AI data interactions, Cy AI assistant for natural language security queries, and expanded AI-SPM capabilities at DataSecAI 2025 to address the expanding attack surface created by autonomous AI agents.

More Data Security news ⬇️

• Post-quantum (ML-DSA) code signing with AWS Private CA and AWS KMS

Endpoint Security

Jamf to Go Private Following $2.2 Billion Acquisition by Francisco Partners

Francisco Partners acquiring Jamf (Apple device management ) for $2.2B ($13.05/share cash). Deal represents 50% premium over 90-day average share price prior to Sept 11, 2025. Expected to close Q1 2026.

More Endpoint Security news ⬇️

• Tanium rolls out agentic AI upgrades, expanded endpoint management and new security tools

  ---

Identity and Access Management

Aembit Launches IAM for AI Agents - Solving the “Who Is This Agent?” Problem

Aembit introduces IAM for Agentic AI, creating distinct identities for AI agents while binding human context when needed through two breakthrough capabilities:

• Blended Identity - Gives each agent its own first-class identity, then optionally binds user context when an agent acts on someone’s behalf (enabling clear attribution between “agent acting alone” vs “agent acting for Alice” with policy enforcement based on both agent AND user attributes)

• MCP Identity Gateway - A secure control point that never exposes credentials to the agent itself, exchanges tokens across different auth protocols (OIDC, OAuth2, API keys, etc.), and works across clouds, SaaS, and on-prem systems

IAM security for AI agents has been a top emerging concern for security teams in 2025 and will continue to be in 2026. Kudos to the Aembit team on this launch.

More IAM news ⬇️

• Apono Raises $34 Million for Cloud Identity Management Platform

• Truffle Security secures $25M to protect codebases from leaked secrets and nonhuman identities

• Veza Access AuthZ automates identity governance

• CyberArk launches Secure AI Agents to safeguard privileged AI identities

Insurance

Coalition expands security capabilities with acquisition of Wirespeed

Coalition (cyber insurance company) bought Wirespeed (MDR startup founded July 2024). Wirespeed uses conditional logic + probabilistic AI for automated threat detection. Claims 99.99% alert noise reduction.

IoT Security

Cybersecurity Firm Armis Raises $435 Million in Pre-IPO Funding Round

Armis raised $435M led by Goldman Sachs Growth Equity at a $6.1B valuation, targeting $1B ARR and a 2026-2027 IPO after rejecting multiple acquisition offers including a $5B bid from Thoma Bravo.

Governance, Risk, and Compliance (GRC)

Vanta launches Agentic Trust Platform to unify compliance, risk and trust

Vanta unveiled its Agentic Trust Platform featuring AI Agent 2.0 that acts as a 24/7 GRC engineer, automating audit prep and questionnaires while its Risk Graph maps threat relationships across organizations.

SaaS Security

Nudge Security Raises $22.5 Million in Series A Funding

Austin-based Nudge Security raised $22.5M Series A led by Cerberus Ventures to secure the “Workforce Edge” where employees make technology decisions, delivering real-time browser-based guardrails for AI and SaaS adoption.

The new investment round was led by Cerberus Ventures, with additional support from previous investors Ballistic Ventures, Forgepoint Capital, and Squadra Ventures.

Offensive Security

Tenzai Raises $75 Million in Seed Funding to Build AI-Powered Pentesting Platform

Tenzai raised $75M seed funding for autonomous AI penetration testing. Led by Greylock, Battery, and Lux Capital. Founded May 2025 by the Guardicore team (sold to Akamai for $600M in 2021).

Security Operations

Daylight Raises $33 Million for AI-Powered MDR Platform

Daylight Security raised $33M Series A led by Craft Ventures (David Sacks’ firm). Total funding now $40M - one of fastest follow-on rounds in cybersecurity this year. Founded earlier this year by Unit 8200 veterans.

More SecOps news ⬇️

• Push Security and GuidePoint Partner to Deliver Browser-Based Detection and Response

• Arctic Wolf Builds AI-Based Ransomware Protection with UpSight Deal

• CrowdStrike Leads New Evolution of Security Automation with Charlotte Agentic SOAR

Vulnerability Management

Flare Raises $30 Million for Threat Exposure Management Platform

Montreal-based Flare raised $30M ($15M Series B extension + $15M debt). Total funding now $60M over past year. Led by Inovia Capital’s Growth Fund. Platform monitors clear/dark web, cybercrime communities for compromised credentials and exposures.

More Vulnerability Management news ⬇️

• Malanta debuts with $10M to help enterprises neutralize threats before they strike

Interested in sponsoring TCP?

Sponsoring TCP not only helps me continue to bring you the latest in security innovation, but it also connects you to a dedicated audience of 20,000+ CISOs, practitioners, founders, and investors across 125+ countries 🌎

👉 Learn more here!

Bye for now 👋🏽

That’s all for this week… ¡Nos vemos la próxima semana!