TCP #79: Is Vega the next Wiz? And When Vibe Coding Goes Wrong
🌶️ What's hot in security | Mar. 12th - Mar. 19th, 2025
Welcome to The Cybersecurity Pulse (TCP)! I'm Darwin Salazar, product manager at Monad and former detection engineer in big tech. Each week, I dig through all the major headlines to bring you the latest security product innovation and industry news. Subscribe below for weekly updates! 📧
What’s up y’all!👋🏽
It’s been less than 24 hours since the cybersecurity landscape changed forever, and many are still wrapping their heads around what the Wiz acquisition means for the rest of us.
Aside from that, we’re about 4.5 weeks away from RSAC, so things are picking up steam on all fronts. Lots to cover! 🔥
Few highlights below:
🧙🏽♂️Deep dive on Google’s $32B acquisition of Wiz + what it could mean for the industry
🤫Israeli startup in stealth has raised $65M at a valuation between $200-400M 🤯. Could they be the next Wiz? Gili Raanan may think so.
🎧The state of ‘vibe coding’
📰New research reports from Red Canary and GitGuardian
🍯 Tons of product news from Prompt, Cloudflare, Bedrock, Tumeryk, et al.
💰 Funding + M&A news from Varonis, VulnCheck, Pentera, and TurinTech.
Scanner.dev makes you fall in love with your security logs again. Detect & respond like a boss
Traditional SIEM and logging tools are buckling under massive log volumes, with costs soaring to six or seven figures yearly. Teams need better options—without the data engineering hassle.
Enter Scanner.dev: Load raw logs into S3, and our schemaless indexing engine does the heavy lifting. Query fast with free text search at up to 10TB/sec 🤯. Use our detection rules or sync custom ones from GitHub. Simple, powerful, done.
Before we jump into all the happenings, let’s check in on the state of “vibe coding”:
Turns out yeeting “vibe’d code” into production is a bad idea. LLMs are not great at QA or security review. This creates opportunity for AppSec companies and unprecedented security risk for consumers who use “vibe coded” apps. Welcome to 2025.
Anyways… let’s cyber 🕺🏽
Interested in sponsoring an issue of The Cybersecurity Pulse?
This includes reaching an audience of ~6,000, ranging from CISOs, Security Engineers, and world-class investors across 100+ countries!
⚒️ Picks of the Week ⚒️
By now, I'm sure you've come across the acquisition heard around the world. Google acquiring Wiz for $32B in an all cash deal at 45-65x revenue multiple. This comes nearly a year after Wiz turned down a $23B offer.
Below are some of my thoughts (and questions) on what the acquisition means for the industry:
Google already has a SIEM (Chronicle), a top-tier cloud (GCP), VirusTotal, and a world-class consulting/services business (Mandiant). Adding Wiz to the mix opens up a huge range of possibilities and positions them to compete with CrowdStrike (CRWD) and Palo Alto Networks (PANW) in a 'platformized' world.
Google has agreed to keep Wiz as an 'independent platform' that will work across all cloud providers. AWS and Azure have competing offerings; hopefully this doesn't cause Wiz customers to churn.
Wiz had become the behemoth in cloud security. With many question marks surrounding the acquisition, this opens up room for new players to emerge. Upwind and Sweet Security are two that come to mind.
Google is losing the AI race (i.e., Gemini + NotebookLM decline) and the ad revenue landscape is changing due to GPTs. This acquisition helps them double down on a growing, synergistic industry.
Google brought in ~$350B in revenue in FY24. This acquisition is less than 10% of that.
Each of the 3 Wiz co-founders will be walking away with over $3B from the sale. M00lah in the c00lah 💰
Interested in hearing more about the deal? My friends Mike, Ashish, Francis, James, and Chris Hughes will be dissecting the acquisition live on LinkedIn later today!
🤫 The secretive Israeli cyber startup worth hundreds of millions—Vega Security raises $65M in stealth
Vega Security. $65M through 2 rounds of funding, yet still in stealth. Valued somewhere between $200M - $500M with "very low" revenue.
"The company’s first investor, as is common in cybersecurity funding, was Gili Raanan of Cyberstarts, with Lior Simon leading the investment for the VC and serving as a board member on the startup." - Meir Orbach, Calcalistech
Other VC firms include Redpoint, CRV, and the European Accel Fund.
What are your thoughts on this one? Any bets on what they're building? 👀
GitHub Action ‘TJ-Actions’, used in 23k repos, compromised
On March 14, 2025, the GitHub Action tj-actions/changed-files (used in 23K+ repos) was compromised in a supply chain attack (CVE-2025-30066). The attacker retroactively repointed nearly all of the action's version tags at a malicious commit, so any workflow referencing the action by tag (e.g. @v45) pulled in code that dumped the runner process memory and printed CI/CD secrets such as AWS keys and GitHub tokens into the workflow logs; for public repos those logs are public. A clean v46.0.1 has been published. Users must update, pin the action (and every other third-party action) to a full commit SHA rather than a mutable tag, rotate any secrets the affected workflows could reach, and audit logs from March 14-15. No external exfiltration was confirmed, but exposed logs made secrets widely accessible. Kudos to the StepSecurity research team for discovering this.
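The practical check after an incident like this is "which of my workflows reference the action by a mutable tag?" Below is an added example (my own script, not StepSecurity's tooling or anything from the tj-actions project) that scans workflow YAML for `uses:` references to a given action, flags any not pinned to a full 40-hex commit SHA, and rewrites them to a pinned form. The sample workflow is constructed, and the SHA passed to `pin_action` is a placeholder: the real one must be taken from the upstream repository for the release you trust.

```python
import re
from typing import List, Tuple

# Constructed sample workflow (not from any real repository). One reference is a
# mutable tag (the pattern that got people burned), one is already SHA-pinned.
SAMPLE_WORKFLOW = """\
name: ci
on: [pull_request]
jobs:
  changed:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - id: changed
        uses: tj-actions/changed-files@v45
      - uses: tj-actions/changed-files@0000000000000000000000000000000000000000  # pinned, fine
      - run: echo "${{ steps.changed.outputs.all_changed_files }}"
"""

COMPROMISED_ACTION = "tj-actions/changed-files"

# Matches "uses: owner/repo@ref" (with or without a leading "- "), capturing name and ref.
USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*([^\s@#]+)@([^\s#]+)", re.MULTILINE)
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def is_full_sha(ref: str) -> bool:
    """A full 40-hex commit SHA is immutable; tags and branches are not."""
    return bool(FULL_SHA_RE.match(ref))


def find_unpinned(workflow_text: str, action: str = COMPROMISED_ACTION) -> List[Tuple[str, str]]:
    """Return (action, ref) for every reference to `action` that is not SHA-pinned."""
    return [
        (name, ref)
        for name, ref in USES_RE.findall(workflow_text)
        if name == action and not is_full_sha(ref)
    ]


def pin_action(workflow_text: str, action: str, sha: str, version_comment: str) -> str:
    """Rewrite every reference to `action` so it points at `sha`, keeping the human-readable
    version as a trailing comment (the convention Dependabot/Renovate understand)."""
    if not is_full_sha(sha):
        raise ValueError("refuse to pin to anything but a full 40-hex commit SHA")
    pattern = re.compile(
        r"(uses:\s*" + re.escape(action) + r"@)([^\s#]+)([ \t]*#[^\n]*)?"
    )
    return pattern.sub(lambda m: f"{m.group(1)}{sha}  # {version_comment}", workflow_text)


if __name__ == "__main__":
    for name, ref in find_unpinned(SAMPLE_WORKFLOW):
        print(f"UNPINNED: {name}@{ref}")
    # Placeholder SHA for illustration only; look up the real commit for v46.0.1 upstream.
    placeholder_sha = "a" * 40
    print(pin_action(SAMPLE_WORKFLOW, COMPROMISED_ACTION, placeholder_sha, "v46.0.1"))
```

Run it over `.github/workflows/*.yml` in each repo; anything it reports is a workflow whose secrets you should rotate regardless of what the logs show, because a tag you resolved on March 14-15 may have pointed at the malicious commit.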
GitGuardian's 2025 State of Secrets Sprawl
Speaking of secrets leaks… GitGuardian dropped their annual State of Secrets Sprawl report, which is a personal favorite of mine every year. GitGuardian's been doing Non-Human Identity (NHI) security since before it became cool. I'll be dropping a deep dive on their report next week. The most compelling stat is that they detected 23.8M secrets on GitHub (+25% YoY). I imagine this number will be much higher in 2025 given all the "vibe coding".
Dig into the ungated report here.
RedCanary's 2025 Threat Detection Report
Another personal favorite every year. I haven't dug in yet, but from the looks of it, their research team saw a 4x increase in identity-based attacks 🫣
Dig into the ungated report here.
Resilient Cyber's Collection of AI Security Resources
Our friends over at Resilient Cyber are at the bleeding edge of all things AI x Security. They recently rounded up a ton of critical research and assets that serve as a great starting point for anyone looking to get a really firm grasp on the AI x Security space.
Access the collection for free here.
🔮 The Future of Security
AI Security
Prompt Security launches authorization features to enterprise AI
The authorization (authZ) features help mitigate the risk of sensitive data leaking through enterprise AI use. If not thoughtfully deployed, AI agents and chatbots end up with access to sensitive corporate info (e.g., salary bands, M&A details). If there's no segmentation or authZ control in place, all it takes is for an employee to ask the chatbot about the sensitive data and it'll likely retrieve it, because retrieval runs with the assistant's permissions rather than the asking user's.
While this is an emerging challenge that requires a cultural organizational shift, having solutions like Prompt can help prevent any 'oopsies'.
"Key features include contextual runtime authorization that evaluates both user identity and request context, as well as granular, department-specific policies that align access permissions with job functions and data privacy requirements. The system also integrates with leading identity providers such as Okta Inc. and Microsoft Entra, enabling seamless enforcement of security protocols." - Duncan Riley, SiliconANGLE
Side note: This authZ feature is pretty similar to what Knostic initially came to market with.
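To make the failure mode concrete, here is an added example of my own (not Prompt Security's or Knostic's code, and not how either product works internally): a toy retrieval layer over a constructed corpus of three internal documents. `retrieve_unfiltered` is what a chatbot with no authZ does: the asking user is ignored and the retriever happily returns the salary-band document to an engineer. `retrieve_authorized` filters the corpus by the user's group membership before retrieval, so the model never sees documents it could leak through paraphrase. The keyword retriever stands in for vector search; all document text, group names and users are constructed.

```python
import re
from dataclasses import dataclass
from typing import List, Set


@dataclass
class Doc:
    doc_id: str
    text: str
    allowed_groups: Set[str]  # groups entitled to see the document at all


@dataclass
class User:
    name: str
    groups: Set[str]


# Constructed sample corpus; nothing here is real company data.
CORPUS = [
    Doc("hr-001", "Salary bands: L5 engineer $180k-$220k, L6 $230k-$290k", {"hr", "finance"}),
    Doc("ma-007", "Project Falcon: proposed acquisition of Acme at $1.2B, closing Q3", {"exec"}),
    Doc("eng-042", "Engineering onboarding: request laptop, enrol in SSO, join #eng-help", {"engineering", "hr"}),
]


def tokenize(s: str) -> Set[str]:
    """Lower-case word tokens; a crude stand-in for an embedding model."""
    return set(re.findall(r"[a-z0-9]+", s.lower()))


def keyword_search(query: str, corpus: List[Doc]) -> List[Doc]:
    """Rank documents by the number of query tokens they contain; drop zero-hit docs."""
    terms = tokenize(query)
    scored = [(len(terms & tokenize(d.text)), d) for d in corpus]
    scored = [(hits, d) for hits, d in scored if hits > 0]
    scored.sort(key=lambda pair: -pair[0])
    return [d for _, d in scored]


def retrieve_unfiltered(query: str, user: User, corpus: List[Doc] = CORPUS) -> List[str]:
    """No authZ: the retriever runs with the assistant's access to everything and ignores `user`."""
    return [d.doc_id for d in keyword_search(query, corpus)]


def retrieve_authorized(query: str, user: User, corpus: List[Doc] = CORPUS) -> List[str]:
    """Pre-retrieval authZ: restrict the candidate set to documents the user is entitled to
    *before* searching, so unauthorized content never reaches the model's context window."""
    visible = [d for d in corpus if d.allowed_groups & user.groups]
    return [d.doc_id for d in keyword_search(query, visible)]


if __name__ == "__main__":
    alice = User("alice", {"engineering"})
    q = "what are the salary bands for an L6 engineer?"
    print("unfiltered:", retrieve_unfiltered(q, alice))   # leaks hr-001 to an engineer
    print("authorized:", retrieve_authorized(q, alice))   # nothing she may see matches
```

The key design choice is filtering before retrieval rather than asking the model to "not reveal" things after the fact: post-generation guardrails can be talked around, while a document the model never received cannot be summarized, paraphrased or quoted. The sample keys only on group membership; the runtime context checks the article describes (who is asking, from where, for what purpose) would be additional predicates in the same `visible` filter.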
More AI Security news ⬇️
Application Security
DryRun wins in Ruby on Rails bake-off
The team at DryRun recently did a bake-off against Snyk, GitHub (CodeQL), Semgrep, and SonarQube on RailsGoat, OWASP's deliberately vulnerable Rails app. DryRun beat the competition by a wide margin, mostly thanks to a contextual analysis approach that outperforms the pattern matching traditional SAST tools rely on.
DryRun is one of the first to market in leveraging AI for AppSec. They're an Austin-based (🤠) crew founded by former Signal Sciences and GitHub leadership. Check them out here if you're ready for a change in SAST.
More AppSec news ⬇️
TurinTech reveals $20M in backing to fix problems in ‘vibe coding’
F5 Integrates API Security and Networking to Address AI Onslaught
Data Security
Varonis has acquired Cyral, a leader in the Database Activity Monitoring (DAM) space, for an undisclosed amount. Traditional DAM relies heavily on agent-based approaches that often hamper DB performance, and it simply doesn't scale with the AI-driven data explosion. This acquisition gives Varonis yet another leg up in the data security space.
More Data Security news ⬇️
Bedrock Security’s metadata lake technology strengthens data security
Forcepoint Boosting AI-based Data Security with Getvisibility Buy
Cloudflare Unveils its First Cloud-Native Quantum-Safe Zero Trust Solution
Offensive Security
Pentera nabs $60M at a $1B+ valuation
Pentera is a continuous security validation (a.k.a. automated pen testing) play.
“The round is coming on the heels of Pentera growing customers by 200% to 1,100 organizations and ARR by 300% in the last four years, underscoring the demand in the market for its tools.” - Ingrid Lunden, TechCrunch
Vulnerability Management
VulnCheck raises $12M to boost global expansion of exploit intelligence platform
Not much to say here other than that VulnCheck's brand presence and community support are pretty strong. Great to see great products (and companies) continue winning!
Interested in sponsoring TCP?
Sponsoring TCP not only helps me continue to bring you the latest in security innovation, but it also connects you to a dedicated audience of ~6,000 CISOs, practitioners, founders, and investors across 100+ countries 🌎
Bye For Now!
That’s all for this week… ¡Nos vemos la próxima semana! 👋🏽
Disclaimer
The insights, opinions, and analyses shared in The Cybersecurity Pulse are my own and do not represent the views or positions of my employer or any affiliated organizations. This newsletter is for informational purposes only and should not be construed as financial, legal, or investment advice.