⚡ TCP #74: Security Buyer Psychology, 7AI, Wiz, Earnings SZN, and Product News
What's hot in security | Feb. 5th - Feb. 12th, 2025
Welcome to Issue 74 of The Cybersecurity Pulse! I'm Darwin Salazar, PM at Monad and former Detection Engineer. Each week, I dig through 1,000+ headlines to bring you the latest security product innovation and industry news. Stay ahead of the curve and receive my updates directly to your inbox by subscribing below. Share with a friend if already sub’d! 📩
This past week has been pretty wild. If you blinked, you probably missed some major news. No worries though, that's what I'm here for 🤗
Below is the skinny on major events:
- Earnings from Qualys, Tenable, Cloudflare, Fortinet, Varonis, and Juniper Networks.
- Wiz and Check Point partner on cloud security, meaning Wiz will inherit Check Point's CNAPP customers.
- Inside the Network crew interviews 3x unicorn founder Shlomo Kramer.
That said, we have a lot more to cover so let’s cyber 🪩🕺🏽
How AI Triages Impossible Travel and Identity-Based Alerts
Identity-related alerts — such as suspicious logins and impossible travel — demand in-depth investigation and context-awareness. This is one of many practical use cases for leveraging smart, AI-driven alert triage to help SOC analysts with the endless backlog of alerts they face every day.
👉 Read the blog from Intezer about how SOC teams are using AI to make fast, smart triage decisions
⚒️ Picks of the Week ⚒️
Ransomware Payments Dropped to $813 Million in 2024
Let's start off on a positive note. Research from Chainalysis, a crypto/blockchain investigations company, has shown that ransomware payments dropped from $1.25B in 2023 to $813M in 2024. While this may be a bit misleading since there were more ransom payments made in '24, it does indicate that the takedowns of big ransom groups like LockBit and BlackCat have had a strong impact.
Why Security Teams Resist Full Tool Replacements—And What Vendors Can Do About It
"Security professionals don’t just want better—they want complementary solutions that make their jobs easier without unnecessary upheaval." - Dani Woolf @ The Cyber Brain
Unless your product has a massive moat and strong word of mouth, rip and replace is often a non-starter for security teams that are already drowning in alerts and responsibilities. Even if their existing tooling is not the sexiest or newest, as long as it's getting the job done, it's hard to persuade buyers to entertain the idea of uprooting their existing tooling. Harsh reality.
New DECEIVE Honeypot from Splunk
The Splunk team has launched a honeypot system that uses AI to simulate realistic honeypot environments rather than exposing real systems to real attackers. This system automates the creation of users, data, and applications, which typically requires substantial effort in traditional honeypots.
Cool project for anyone looking to get started w/ honeypots without having to spin up + maintain the infra. Not sure how I feel about using synthetic data vs. real attacker data for production use cases though.
Earnings Season Commences. Recaps below!
Coming up this week: CyberArk (Feb 13), Palo Alto Networks (Feb 13) and Rapid7
Securing the Identity Attack Surface Report
Another banger from
at . Identity is hot and broad… very broad… and it's been this way since the dawn of time. At least, it feels that way 🤔 Anyways, it feels like every year, there are new identity security vendors and new subcategories being spun up. ISPM in 2021/22, ITDR in '23, NHI in '24, etc. In this report, Francis does a great job at capturing the state of the market and where things may be headed in 2025.
Resilient Cyber w/ Mike Privette - 2024 Cyber Market Analysis Retrospective
Several weeks ago, Mike Privette launched his retrospective on all that transpired in the security market in 2024. The report looked at the market from both a macro and micro perspective including:
- How the economic environment may have impacted M&A and fundraising
- AI's effect
- Products v. Services
- And so much more
You can either get Mike's report here free of charge or listen to him go over it in detail with the formidable Chris Hughes on the Resilient Cyber podcast.
📰 Product News 📰
Product News. My favorite kind of news.
Application Security
Backline emerges from stealth w/ $9M to tackle security backlogs with AI
Backline recently came out of stealth with $9M in funding to use AI agents to streamline remediation efforts for security teams. They aim to do this by ingesting findings from a customer's security stack into a "security findings lake" and then deploying agents to help w/ remediation. Sounds great in theory though I have many questions about the actual application of it.
Dive Deeper: Full press release here.
Cloud Security
Wiz x Check Point partner on cloud security
"The mutually beneficial partnership includes joint integration and the assisted migration of Check Point’s CNAPP customers to Wiz" - Check Point
This feels very similar to Palo Alto Networks entering a partnership w/ IBM that led to the ingestion of QRadar (and its salesforce) for PANW. Not sure of the total economic impact, but it speaks to Wiz's continued momentum.
Check Point was the first CSPM to market and now they've bowed to Wiz. Draw your own conclusions :)
More cloud security product news ⬇️
Resourcely launches Campaigns to speed up cloud resource governance
DevAI raises $6M to automate infrastructure management with AI agents
Compliance
Drata Acquires SafeBase for "a quarter of a billion dollars"
SafeBase is a trust center platform aimed at streamlining third-party security reviews and questionnaires, a very, very painful process. The company is loved by the security community and had 700+ customers including Palantir, Asana, and Crossbeam. This is a fantastic pickup by Drata.
Vanta, their main competitor, already has a similar feature which was probably leading to many lost deals for Drata. Will be fun to continue watching things heat up in the compliance + trust space.
Security Operations
7AI emerges from stealth w/ $36M seed and many agents
The seed round came from Greylock Partners, Spark Capital, and CRV. 7AI was co-founded by the Cybereason founders and aims to provide security teams with a swarm of AI agents that can automate many security tasks.
Seems like they're using OpenAI for reasoning and Anthropic for code gen. What stood out to me the most is that:
- They're not hyper-focusing on one security domain.
- They're branching out to multiple critical areas, which makes sense given the amount of context and reasoning/inference capabilities that AI models have today.
- Deployed in "more than a dozen" companies prior to coming out of stealth.
"The platform documents how each agent reached its conclusions and can be reviewed at any time by human analysts." - Lior Div, Co-founder and CEO
This will be a fun company to watch 🔥
Bye For Now!
That’s all for this week… See you next week! 👋🏽