Welcome to The Cybersecurity Pulse (TCP)! I'm Darwin Salazar, Head of Growth + Marketing at Monad and former detection engineer in big tech. Each week, I dig through all the major headlines to bring you the latest security product innovation and industry news. Subscribe below for weekly updates! 📧
Good morning, good afternoon, and good evening! 👋🏽
We recently hit #37 out of over 20K (top 0.1%) Technology Substacks which puts us in some pretty good company with the likes of
, , and . I thought that was pretty cool and wanted to share. Massive thanks to you all who read and share TCP with friends and colleagues on a weekly basis! We’re just warming up ❤️🔥3 weeks til RSA. I’ll be there. Will you? Shoot me a DM if you’d like to grab a coffee ☕
Before jumping into this week’s highlights, check out what the team at Monad has been up to in March 🚀
Now, lots to cover this week. Key highlights below:
💰Cybersecurity spending set to jump 12.2% in 2025 - IDC
🤖Model Context Protocol (MCP) use cases for security
🌎Potential breach at Oracle. Huge, if true.
🔮Adaptive Security raises $43M from a16z + OpenAI to address AI-enabled social engineering challenges.
🎯Straiker emerges from stealth with $21M to tackle AI security. Lightspeed + Bain Capital Ventures.
🤺Wiz GA’s it’s Defend module
Let’s cyber 🕺🏽
Fall in love with your security logs again. Detect & respond like a boss.
Traditional SIEM and logging tools are buckling under massive log volumes, with costs soaring to six or seven figures yearly. Teams need better options—without the data engineering hassle.
Enter Scanner.dev: Load raw logs into S3, and our schemaless indexing engine does the heavy lifting. Query fast with free text search at up to 10TB/sec 🤯. Use our detection rules or sync custom ones from GitHub. Simple, powerful, done.
⚒️ Picks of the Week ⚒️
Cybersecurity spending set to jump 12.2% in 2025
Global cybersecurity spending is forecasted to grow by 12.2% this year, according to a study conducted by IDC. Financial industry is expected to grow 19.4% YoY, Media + Entertainment 17.1%, and 'Life Sciences' 16.9%. US and Western Europe are expected to still make up over 70% of all spending.
Potential Breach at Oracle Cloud👀
"After Oracle denied that any such breach had occurred, the threat actor rose87168 shared a sample of 10,000 records allegedly taken from the breach, with CloudSEK, SOCRadar, and a few others. The records, according to the researchers who analyzed them, strongly pointed to a breach of Oracle's cloud environment. Others, including threat intelligence firm Hudson Rock, reported hearing directly from Oracle Cloud customers who recognized the leaked data as their own, adding further credibility to claims of a breach." - Jai Vijayan, DarkReading
Model Context Protocols (MCPs) for Security Use Cases
MCPs have been all the hype in recent weeks and rightly so. While I haven't had the chance to dive in on the technicals, it seems to be a very powerful protocol that allows for LLMs and AI agents to connect with different data sources and tools. Linking a few resources that I'll be digging into over the coming week:
ghidraMCP: Now AI Can Reverse Malware - Laurie Kirk
Security Operations with RunReveal's MCP Server - RunReveal
Integrating Agentic RAG with MCP Servers: Technical Implementation Guide - Omar Santos
MCP: An Introduction to Agentic Op Support - TrustedSec
As with most emerging AI tech, the ‘MVP-grade’ security use cases are endless. It'll be great to see what actually makes it into production and produces results for security teams.
Bridging the Gap Between the CISO & the Board of Directors
A CISOs relationship with the board dictates much of a security program's resources and effectiveness. This post, written by Michael Fanning (CISO at Splunk), provides some guidance on how to build closer alignment with the board and other CXOs.
🔮 The Future of Security 🔮
Application Security
Straiker Launches with $21 Million to Safeguard AI
Straiker, an AI security startup, has emerged from stealth with $21M in funding. They have two modules, Ascend and Defend, the former performs attack simulations against AI Apps and Agents while the latter provides protection across many layers of the stack.
The team is lead by CEO Ankur Shah who was formerly SVP & GM of Prisma Cloud at PANW 0.00%↑ and by Sreenath Kurupati who was VP of AI, Data, and security research at Akamai. Deep(ish) roster with a 20 person team coming out stealth to tackle one of the world's most pressing and emerging challenges. Backed by Lightspeed + Bain Capital Ventures.
They are coming into a space where there are incumbents like Protect AI, HiddenLayer, Dreadnode, and even Palo Alto Networks and CrowdStrike. They've got a strong founding team and $21M of fresh cash. Will be great to see what they achieve and how they approach the market.
This post does an amazing job at providing mental models to use in understanding AI security and peels back the curtains on how they plan to attack the problem.
Adaptive Security raises $43M for its AI cyberattack simulation platform
AI Social Engineering detection. Raised $43M from a16z and OpenAI. I always find posts authored by the investors explaining why they chose to invest in a company is pretty revealing of the market opportunity and conviction in the company. Here's a16z's letter.
More AI Security news ⬇️
Cloud Security
“Wiz Defend unifies runtime signals from the Wiz Sensor, real-time analysis of cloud and SaaS telemetry, our proprietary threat intelligence, and the deep code-to-cloud context of the Wiz Security Graph to provide Security Analysts, Detection Engineers, Incident Responders, and Threat Hunters with precise detection and complete analysis of threats.” - Yinon Costica, Arie Zilberstein
This is the integration of their acquisition of Gem Security that took place last year. Read the full release post here. It has tons of in-app demos of the module + an end-to-end real-world example of Wiz Defend in action.
Data Security
Harmonic Security Raises $17.5M Series A for ‘Zero-Touch’ Data Protection
Harmonic, a 2024 RSAC Innovation Sandbox finalist, has raised a $17.5M series A in a round led by Next47.
More Data Security news ⬇️
New innovations in Microsoft Purview for protected, AI-ready data
Cyberhaven nabs $100M for its AI-powered data protection platform
Identity Security
Hacker match made in heaven. Trimarc and it's founder, Sean Metcalf, have been at the forefront of Microsoft Active Directory for over a decade. They now join David Kennedy and the TrustedSec crew who are an industry-leading service provider.
Security Operations
Exabeam introduces Nova AI agent
The Nova agent digs into every alert to help triage and add context. Exabeam has a ton of relevant telemetry from their decade+ in the SecOps+UEBA game so their agent should be pretty powerful. That said, I expect gazillion agentic AI announcements in the coming weeks leading up to RSA. I wish there was benchmark to evaluate the efficacy of all the agents about to flood the markets, something similar to the MITRE ATT&CK evaluations.
More Security Operations news ⬇️
ReliaQuest secures $500 Million in funding, boosting AI-driven cybersecurity operations
Stellar Cyber Open Cybersecurity Alliance enhances threat detection and response
Interested in sponsoring TCP?
Sponsoring TCP not only helps me continue to bring you the latest in security innovation, but it also connects you to a dedicated audience of ~6,000 CISOs, practitioners, founders, and investors across 100+ countries 🌎
Bye for now 👋🏽
That’s all for this week… ¡Nos vemos la próxima semana!
Disclaimer
The insights, opinions, and analyses shared in The Cybersecurity Pulse are my own and do not represent the views or positions of my employer or any affiliated organizations. This newsletter is for informational purposes only and should not be construed as financial, legal, security, or investment advice.