⚡ TCP #73: DARPA Red-C; SailPoint IPO; Palantir Security; and Product News
What's hot in security | Jan. 28th - Feb. 5th, 2025
Welcome to Issue 73 of The Cybersecurity Pulse! I'm Darwin Salazar, PM at Monad and former Detection Engineer. Each week, I explore the latest security product innovation and industry news. Stay ahead of security trends and themes by subscribing below to receive weekly digests directly to your inbox. Share with a friend if already sub’d! 📩
Feels like things are finally heating up again in security. Lots of CKOs and SKOs mean product and services companies are busy launching new stuff, including features, partnerships and everything in between.
That said, we have a lot to cover so let’s cyber 🪩🕺🏽
AI SOC Analyst: Reduce Alert Overload, Focus on Real Threats
SecOps teams are inundated with alerts, many of which are false positives, draining time and resources. Manual investigations—often taking 20-60 minutes per alert—slow response times and increase burnout.
Prophet Security transforms this process, leveraging AI agents to triage and investigate alerts in seconds. By automatically handling false positives and surfacing real threats, Prophet AI frees analysts to focus on high-impact security work, reducing fatigue and improving efficiency. See the difference firsthand.
⚒️ Picks of the Week ⚒️
DARPA wants to create ‘self-healing’ firmware that can respond and recover from cyberattacks 🩸
DARPA, the agency which funded ARPANET which eventually led to what we call the internet today, wants to reinvent how firmware is secured. They've kicked off a new project called "Red-C" which aims to build "self-healing" defenses into bus-based systems.
While I don't believe we have the tech to achieve this today, I'd say we're at least 3-5 years away. I love the fact that DARPA is the one spearheading the initiative as opposed to VCs putting money behind startups. DARPA has the gravitas to pull in PhDs from top institutions and private sector leaders to work on this initiative collaboratively, which makes such a lofty goal much more achievable.
Also, to me "self-healing" goes hand in hand with "autonomous". We need both, especially for critical infrastructure security which heavily relies on operational resilience.
Private equity owned SailPoint aims to go public soon at a valuation of $11.5B while hoping to sell $1B (47.5M shares) of stock in its IPO.
The company was taken private in 2022 when it was acquired by Thoma Bravo at a valuation of $6.9B.
Dive deeper: SEC S-1 filing
How Palantir Secures Source Control (Software Supply Chain Security Series, #3)
Ever wondered how one of the hottest companies (PLTR) in the world does AppSec? This series I stumbled upon dives into their code review process, tooling, vulnerability management, and their release process.
Sounds like all of the security layers and steps across their SDLC are intricately woven together. Lots to learn for eng teams of all flavors.
DeepSeek privacy + security concerns
If you're like me, you've probably tuned out all the DeepSeek noise since last week. Too much FUD, drama, and lies surrounding the whole ordeal. However, it has set some pretty significant precedents across AI ethics, privacy, and national security.
Here's a quick rundown of some of the things that have happened since we covered it last week:
This video from our friends over @ Reco covers the security and privacy concerns very well.
ExxonMobil Lobbyist Caught Hacking Climate Activists
Title says it all. Pretty wild story.
A Commencement into Real Kubernetes Security - SHMOOCON 25 Presentation
It's been a while since I've dug into K8s security, so this presentation was fun to go through. K8s security is highly nuanced and always evolving. Lots hinges on proper config + environment variables. The presenters, Jay Beale and Mark Manning, do a great job of providing tactical tips that go beyond hardening, like creating custom seccomp profiles.
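To make the "custom seccomp profile" tip concrete, here is an added example (mine, not from the presentation) of a per-workload profile and the Pod spec that opts into it. The syscall allowlist, file paths, and image name are assumptions chosen for illustration.

```yaml
# Document 1: the custom profile. JSON is valid YAML, so this first document
# can be saved verbatim as /var/lib/kubelet/seccomp/profiles/webapp.json on
# each node (the kubelet's default seccomp root; path is an assumption).
# Any syscall not listed fails with EPERM. To build the allowlist, first run
# the workload with "defaultAction": "SCMP_ACT_LOG" and harvest the syscall
# names from the kernel audit log; the list below is an illustrative, assumed
# allowlist for a simple TCP web server, not a universal one.
{
  "defaultAction": "SCMP_ACT_ERRNO",
  "architectures": ["SCMP_ARCH_X86_64", "SCMP_ARCH_X86", "SCMP_ARCH_X32"],
  "syscalls": [
    {
      "names": [
        "accept4", "arch_prctl", "bind", "brk", "clock_gettime", "close",
        "epoll_create1", "epoll_ctl", "epoll_pwait", "execve", "exit",
        "exit_group", "fcntl", "fstat", "futex", "getpid", "getrandom",
        "getsockname", "listen", "madvise", "mmap", "mprotect", "munmap",
        "nanosleep", "newfstatat", "openat", "read", "recvfrom",
        "rt_sigaction", "rt_sigprocmask", "rt_sigreturn", "sched_yield",
        "sendto", "set_tid_address", "setsockopt", "sigaltstack", "socket",
        "write"
      ],
      "action": "SCMP_ACT_ALLOW"
    }
  ]
}
---
# Document 2: the Pod. The pod-level securityContext sets the baseline
# (RuntimeDefault, the container runtime's built-in profile) so no container
# runs Unconfined by accident; the web container then opts into the stricter
# custom profile. Names and image are placeholders.
apiVersion: v1
kind: Pod
metadata:
  name: webapp
spec:
  securityContext:
    seccompProfile:
      type: RuntimeDefault
  containers:
  - name: web
    image: example.com/webapp:1.0   # placeholder image
    securityContext:
      seccompProfile:
        type: Localhost
        localhostProfile: profiles/webapp.json   # relative to the kubelet seccomp root
      allowPrivilegeEscalation: false
      readOnlyRootFilesystem: true
```

A container whose profile blocks a syscall it needs will typically crash at startup or log EPERM errors, which is why the SCMP_ACT_LOG pass comes first.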
📰 Product News 📰
Product News. My favorite kind of news.
Application Security
Legit Security launches root cause remediation capabilities 🔥
Legit Security launched new root cause remediation features that help teams fix multiple software vulns simultaneously through single targeted fixes. They leverage code + CI/CD pipeline contextual analysis to deliver "one-to-many" remediation. The update also includes impact analysis tools, fix location identification, bulk remediation playbooks, and automated SLA management capabilities.
More application security product news ⬇️
Browser Security
Seraphic raises $29M to secure browsers in the enterprise
Seraphic injects an abstraction layer between executing code and a browser’s JavaScript engine that protects against zero-day or unpatched n-day browser exploits and can guard against such common exploits as phishing attacks, overly permissive and malicious extensions, and data exfiltration. - Paul Gillin, SiliconANGLE
The startup raised $29M in an "early-stage" funding round led by GreatPoint Ventures, with participation from CrowdStrike's Falcon Fund, Planven Investments, Cota, and Storm Ventures.
Cloud Security
Synergistic and opportunistic move to better support their existing customers. CSPMs have been heavily commoditized for the past 4-5 years now so this isn’t much of a breakthrough.
More cloud security product news ⬇️
Identity and Access Management (IAM) Security
Oasis Scout + Oasis NHI Threat Intel DB
Oasis Security launched Scout, a threat detection offering for NHIs that uses their proprietary AuthPrint™ tech to match malicious activities to known threat campaigns.
Oasis also released the "NHI Threat Center" which is a public threat intel DB focusing on attacks targeting NHIs. Gotta admit, this is super cool and similar to Wiz's Cloud Vuln DB.
More IAM security product news ⬇️
Security Operations
Conifers.ai Scores $25M Investment for Agentic AI SOC Technology
A new player in the AI for SOC space has emerged from stealth with $25M in funding led by SYN Ventures and joined by Picus Capital and several angels.
Vulnerability Management
The acquisition will enable AttackIQ to expand their Cyber Threat Exposure Management (CTEM) capabilities which will pair well with their breach and attack simulation offering.
Acquisition amount undisclosed 🤷🏾♂️
Interested in sponsoring TCP?
Let's Grow Together!🫱🏽🫲🏻
Sponsoring TCP not only helps me continue to bring you the latest in security innovation, but it also connects you to a dedicated audience of over 5,100 CISOs, practitioners, founders, and investors across 100+ countries 🌎
Bye For Now!
That’s all for this week… See you next week! 👋🏽