Welcome to Issue 77 of The Cybersecurity Pulse! I'm Darwin Salazar, Head of Product Strategy and Marketing at Monad and former detection engineer in big tech. Each week, I dig through all the major headlines to bring you the latest security product innovation and industry news. Subscribe below to receive my weekly updates!

What’s up y’all!👋🏽 Hope you’re doing well wherever you’re reading this from. It’s March. Which means Spring is upon us in the US and so is RSA. SXSW here in Austin and March Madness college hoops if you’re into that. Feels like this is the month most people come out of hibernation and things start speeding back up including the security industry.

Lots to cover, few highlights below:

• Okta (OKTA 0.00%↑ ) and CrowdStrike (CRWD 0.00%↑) both performed strongly in Q4 FY25. Okta hit record profitability while CrowdStrike becomes the first security vendor to hit $1B in sales on AWS Marketplace. Deep dives and a pretty Sankey diagram in our “Picks of the Week” section.

• 2 pieces on the state of the CISO, directly from CISOs.

• 18 announcements across product, M&A, and startup land in our new “For Builders” section 🔨

Few updates to cover before we dive in:

• Welcoming our two newest sponsors, Varonis and Scanner.dev 🙌🏼

  • This newsletter is a labor of love and provided to the community for free. This wouldn’t be possible without the support of our sponsors. Go check them out!

• Updated “About” page including TCP’s origin story.

• Feedback. Feedback. Feedback. Let me know if there’s anything I can do to make TCP better for you. DM me, leave a comment, send a handwritten note, doesn’t matter the vehicle or format. Feedback is always appreciated!

Leave a comment

All that said, let’s cyber 🕺🏽

Security Teams Need Outcomes, Not More Alerts

While other solutions drown you in findings, Varonis delivers actionable and automated outcomes that practitioners can trust.

Varonis’ data-centric platform continuously discovers critical risks, applies intelligent prevention, and provides proactive detection across your entire environment—multi-cloud, on-premise, SaaS, and third-party applications.

See for yourself with our free data risk assessment. In less than 24 hours, we'll provide you with a clear, risk-based view of your data and a clear path to automated remediation.

Request a free assessment

⚒️ Picks of the Week ⚒️

Okta reports a record quarter in Q4 FY25🔥

Okta had a record quarter in Q4 FY25. Massive indicator of the growing TAM in identity security. Details below:

• $682M in revenue, up 13% YoY, beating the $669.8M estimates.

• Subscription cash (up 13% to $670M) carried the load while services dipped 15%.

• Free cash flow soared 71% to $284M—42% of revenue.

• Identity Governance product drove 20% of the quarter’s growth.

• 40% growth in $1M+ deals on the quarter.

• 19,850+ customers (!!)

Safe to say that Okta is back. After suffering a couple of breaches in recent years, it seems like their Secure Identity Commitment is doing some good. Their acquisition of Spera (ISPM) is probably also contributing heavily to the bottom line. They hit record profitability + free cash flow this past quarter.

Long story short, OKTA 0.00%↑ is putting on a masterclass in execution.

Dig deeper with the earnings transcript + presentation here.

Scanner.dev makes you fall in love with your security logs again. Detect & respond like a boss

Here's the hard truth: traditional SIEM and logging tools are struggling under today's massive log volumes, with costs quickly escalating to six or seven figures per year. That's why teams are searching for better alternatives. But there's a catch: these alternatives often require significant data engineering work to maintain.

That's where Scanner.dev comes in - Our platform transforms how you SIEM. Just load your raw log data into S3 buckets, and let our schemaless indexing engine take care of the rest. With Scanner.dev, querying is a breeze thanks to our free text search, which processes data at blazing speeds up to 10TB/sec 🤯. Plus, you have the flexibility to use our default detection rules or customize your own and sync them from GitHub.

👉 Take Scanner for a spin

CrowdStrike’s Q4: Strong growth; weak forward guidance

CrowdStrike’s Q4 FY25 was a beat-and-dive—$1.06B in revenue, up 25% YoY, topped the $1.03B forecast, with annual recurring revenue (ARR) hitting $4.24B (+23%) and net new ARR at $224M. They smashed EPS at $1.03 (vs. $0.86 expected), operating income rose 27% to $837.7M, and free cash flow hit $1.07B—27% of revenue.

However, the stock tanked 8.5% after-hours (😔) to $357, likely because FY26 guidance ($4.74B-$4.81B) didn’t wow the Street ($4.81B expected). They also highlighted wins on the SIEM side like a major airline ditching QRadar for CrowdStrike.

More numbers below:

• SIEM Investments Paying Off: They highlighted a major airline ditching QRadar for CrowdStrike.

• Segments: Total contract value soared 40% to $6B; cloud, identity, and SIEM ARR topped $1.3B (+50%).

• Flex Power: FalconFlex deals added $1B+ in Q4, with 67% of customers now on 5+ modules.

• AWS King: First cyber firm to break $1B in AWS Marketplace sales in a year.

FalconFlex = A subscription model that enables customers to adopt the modules they want across their subscription term.

Dig deeper on CRWD 0.00%↑ earnings here.

5 Key Questions CISOs Should Ask Before Board Meeting - Emily Heath

Emily Heath, General Partner at Cyberstarts and former Fortune 500 CISO, recently shared 5 questions CISOs should address while preparing for board meetings. Prepping on these questions can help bridge the gap with non-technical stakeholders. Love it cause it takes first principles approach to security.

Questions and thoughts below:

• What matters most to your organization?

  • Think crown jewels and key revenue generators. Is it healthcare patient data or unreleased, raw 8/9-figure movies? Center the convo on that.

• Where are these critical assets located?

• How are you protecting these assets?

• How vulnerable and at risk are these assets?

• How prepared are you when something goes wrong?

Dig deeper: Wiz Blog

SolarWinds’ Tim Brown: CISOs are nervous about liability

It’s no secret that the nature of the CISO role is continuously evolving. Broader scopes, securing emerging tech, new regulations, and lots more personal liability concerns.

Most of it due to Uber and SolarWinds breaches which led to their respective security leaders being sued, charged and ending up in court. Unprecedented yet it shows that CISOs can be the “fall guy” for breaches.

Read SolarWind’s CISO most recent thoughts from his talk at CyberLawCon.

For Builders 🔨

As this newsletter evolves, this section has also evolved into an amalgamation of product news, M&A, funding, new startups, and partnerships. This has led me to rebrand this section from “Product News” to “For Builders” as it’s more encompassing. Most of TCP’s audience is building something and this section will aim to arm you with the latest so you could build better things.

Whether it’s building a security program, a product, a startup, or GTM function, this section is for you. We’re all builders at heart ❤️‍🔥

AI Security

JFrog advances AI security with Hugging Face partnership, Nvidia NIM and new MLOps platform

3 major announcements from JFrog:

• Partnership with Hugging Face where they'll provide security scanning across all models hosted on HF Hub with a "JFrog Certified" badge. Great GTM move + big win for AI security.

• Partnership with NVIDIA to provide a solution for securely deploying GPU-optimized ML models and LLMs into production.

• Launch of JFrog MLOps solutions to bring DevSecOps features/approach to the entire ML supply chain.

More AI security news ⬇️

• CalypsoAI launches cybersecurity leaderboard for AI models

• Securiti, Databricks Team Up to Protect Proprietary AI Training

• Knostic raises $11M Series A

Application Security

Opus Security Deploys AI Agents to Help w/ Vuln Managment

"Agentic/agents" is pretty buzzwordy but I do think AI will continue being deployed to tackle our most pressing problems as an industry. Vulnerability Management (VM) is one of those problems and Opus is one of the first I've come across with dedicated agents for VM. 7AI was probably first to market. I still have many question marks about agentic security in production but am bullish long-term.

More AppSec news ⬇️

• Cloudsmith Raises $23 Million to Bolster Software Supply Chain Security

• Apiiro open-sources PRevent and malicious code ruleset for Semgrep

Cloud Security

Aryon Security emerges from stealth to tackle cloud misconfigs

The Israeli-based startup has emerged from stealth with $9M in funding. Their focus is cloud misconfig prevention via resource governance policies.

More cloud security news ⬇️

• CrowdStrike Falcon Cloud Security Expands Support to Oracle Cloud Infrastructure

Data Security

Mimic raises $50M to advance enterprise ransomware defense

$50M Series A from Google Ventures, Menlo, Ballistic, Team8 et. al. is pretty telling. Ransomware is one of the costliest problems facing security due reputational and system downtime. Mimic seems to be tackling the problem in a novel way including a capability to 'safely' simulate ransomware impact. This takes IR tabletop exercises to a whole other level.

More data security news ⬇️

Rubrik strengthens protection for cloud, SaaS, and on-premises environments

Identity Security

ConductorOne unifies NHI and human identity security

Non-human identities (NHI) have been all the hype and rightly so, we're in an API-driven economy and agentic AI is looking to eat SaaS. The problem is that NHIs need to be part of the broader identity security strategy and having multiple tools to handle that can get clunky. ConductorOne is one of the only, if not the only, vendors I'm seeing take this approach to NHI security.

More identity security news ⬇️

• CrowdStrike Extends Real-Time Protection for Microsoft Entra ID to Take on Identity-Based Attacks

• Jamf to Acquire Identity Automation for $215 Million

SaaS Security

Obsidian Security Partners with SentinelOne

This brings SaaS security to SentinelOne customers. Could be an acquisition brewing given that CrowdStrike acquired a SaaS security solution, Adaptive Shield, last year.

Security Operations

Red Canary launches Security Data Lake

Security Data Lakes were all the hype in '22 and '23, then they weren't and now they're picking up steam again. They make a lot of sense in theory but hit challenges in replacing SIEMs. Mostly cost-related. Snowflake and Databricks are not as cheap as you think. S3 is though 🤷🏽‍♂️.

Red Canary's approach is not positioning it as a SIEM replacement but rather a place where you can send raw copy of your high volume, low value log sources. This is the way.

More SecOps news ⬇️

• BreachRx launches Rex AI to streamline enterprise incident response workflows

• Hunters Announces New AI Capabilities with Pathfinder AI for Smarter SOC Automation

• Monad Product Release Notes - February 2025 🔥

Interested in sponsoring TCP?

Bye For Now!

That’s all for this week… ¡Nos vemos la próxima semana! 👋🏽