TCP #84: Pre-RSA Roundup; Verizon DBIR; and Self-Driving SIEMs
🌶️ What's hot in security | Apr. 16th - Apr. 23rd, 2025
Welcome to The Cybersecurity Pulse (TCP)! I'm Darwin Salazar, Growth Marketing at Monad and former detection engineer in big tech. Each week, I dig through all the major headlines to bring you the latest security product innovation and industry news. Subscribe below for weekly updates! 📧
Security Teams Need Outcomes, Not More Alerts
Varonis gives you outcomes, not alert fatigue. We detect real risks, automate prevention, and accelerate remediation across cloud, on-prem, SaaS, and third-party apps. Get a free data risk assessment with clear, actionable results in under 24 hours.
👋🏼 Howdy! Hope you’re doing well wherever you’re tuning in from across the world, and if you celebrate Resurrection Day (Easter🐰), I hope you had a great one!
That said, just a couple more days before tens of thousands of us drop into SF for the BSidesSF and RSAC conference marathon. If you wanna meet and chat cyber throughout the week, shoot me a DM! 📥
Tl;dr
🐙 Chainguard raises $356M Series D from KP, IVP and many others
20+ more “Future of Security” announcements across 7 domains
Needless to say, this week’s issue will be a long one so if you’re reading from email, make sure to hop over to our Substack to ensure you don’t get cut off. Stick around til the end for my meme of the week 🙈
Now, let’s cyber 🕺🏽
Tired of an endless alert backlog and too many false positives?
Intezer's Autonomous SOC solution automates investigations and triage decisions, freeing up your team to focus on what matters most. Discover how enterprise teams and top MSSPs are using AI-powered alert triage to cut through the noise, enhancing their SOC analysts' efficiency and accuracy.
⚒️ Picks of the Week ⚒️
2025 Verizon Data Breach Investigations Report is out!
The 2025 Verizon DBIR report just dropped this AM! While I haven’t had the chance to dig in, it’s still worth surfacing given the importance of the annual report over nearly two decades.
It’s one of the most referenced reports in our industry and rightly so.
Bot traffic now surpasses human traffic online
Bot traffic now makes up 51% of all internet traffic, with 37% of that being 'bad bots'.
"The most common AI-assisted bots include ByteSpider Bot (responsible for 54% of all AI-enabled attacks), AppleBot (26%), Claude Bot (13%) and ChatGPT User Bot (6%). The success of the ByteSpider Bot comes from its widespread confusion with the legitimate ByteSpider web crawler operated by ByteDance (the TikTok firm) used to scrape internet content for training data for ByteDance’s LLM models."
Sucks, but obviously this will only get worse.
Kudos to Imperva for the great research on this 👏🏽
Research Briefing: MCP Security from Rami McCarthy
This is one of the most comprehensive posts I've come across covering MCP security risks and mitigations. As Rami states it "We have the opportunity to apply past lessons, rather than relearn them the hard way."
One clear example is how we approach MCP server registries and marketplaces. They're privy to the same risks (i.e., unverified authors) as other registries like Docker Hub or VSCode extensions. Local and remote MCP server use could also lead to remote code execution. In other words, things can get bad fast if you're not taking a security-minded approach as most folks building with MCP probably are.
In the post, Rami goes over 10+ practical steps on how
Chris Krebs Resigns From SentinelOne
Chris Krebs, former director of CISA, has recently stepped down from his role as SentinelOne's Chief Intelligence and Public Policy Officer in response to Trump's memorandum on Chris Krebs' activities while at CISA. When Krebs stepped down from SentinelOne, he added that "this is my fight, not the company's." Pretty stand-up move from Krebs, as the litigation and noise surrounding this would have been a massive distraction to SentinelOne's business objectives.
🔮 The Future of Security 🔮
Introducing Fix by Resourcely
Fix by Resourcely cuts the manual toil out of cloud security remediation. Automate misconfig remediation, accelerate compliance, and eliminate spreadsheet chaos. From IAM cleanup to encryption enforcement, Fix helps teams move faster and stay secure — without the back-and-forth.
AI Security
Lasso open source Security Gateway for MCP
Speaking of MCP security… Lasso has open-sourced their MCP Gateway which enables security teams to:
Apply configurable security filters to both requests and responses.
Prevent sensitive data exposure before information reaches your agent.
Monitor MCP usage.
Kudos to the Lasso team for open-sourcing this!
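To make the three gateway capabilities above concrete, here is an added example (my own sketch, not Lasso's code, and not tied to their gateway's actual configuration format) of a minimal policy layer sitting between an MCP client and server. It inspects MCP's JSON-RPC messages: inbound tool calls are checked against a deny-list, outbound tool results are scanned for secret-looking strings and redacted before they reach the agent, and every message is recorded in an audit log. The tool names, regexes and messages are constructed for the demo.

```python
import copy
import json
import re
from dataclasses import dataclass, field

# Constructed policy; a real gateway would load this from a config file.
@dataclass
class GatewayPolicy:
    # Tool names the agent is never allowed to invoke (hypothetical names).
    denied_tools: set = field(default_factory=lambda: {"shell_exec"})
    # (label, regex) pairs applied to strings inside tool results.
    secret_patterns: list = field(default_factory=lambda: [
        ("aws_access_key", re.compile(r"AKIA[0-9A-Z]{16}")),
        ("generic_api_key", re.compile(r"(?i)api[_-]?key\s*[:=]\s*\S+")),
        ("bearer_token", re.compile(r"(?i)bearer\s+[A-Za-z0-9._-]{20,}")),
    ])

REDACTED = "[REDACTED:{label}]"


def redact_value(obj, policy, hits):
    """Return a copy of a JSON-like value with secret patterns replaced.
    Appends (label, count) to `hits` for every pattern that fired."""
    if isinstance(obj, str):
        for label, pat in policy.secret_patterns:
            obj, n = pat.subn(REDACTED.format(label=label), obj)
            if n:
                hits.append((label, n))
        return obj
    if isinstance(obj, list):
        return [redact_value(x, policy, hits) for x in obj]
    if isinstance(obj, dict):
        return {k: redact_value(v, policy, hits) for k, v in obj.items()}
    return obj


def filter_request(msg, policy, audit):
    """Inbound (client -> server) JSON-RPC message.
    Returns (message_to_forward, allowed). A denied tool call is replaced by a
    JSON-RPC error that the gateway sends straight back to the client."""
    method = msg.get("method")
    tool = msg.get("params", {}).get("name") if method == "tools/call" else None
    audit.append({"dir": "request", "id": msg.get("id"), "method": method, "tool": tool})
    if tool in policy.denied_tools:
        err = {"jsonrpc": "2.0", "id": msg.get("id"),
               "error": {"code": -32000, "message": f"tool '{tool}' blocked by gateway policy"}}
        return err, False
    return msg, True


def filter_response(msg, policy, audit):
    """Outbound (server -> client) JSON-RPC message.
    Only the `result` payload is scanned; envelope fields are left untouched."""
    clean = copy.deepcopy(msg)
    hits = []
    if "result" in clean:
        clean["result"] = redact_value(clean["result"], policy, hits)
    audit.append({"dir": "response", "id": msg.get("id"), "redactions": hits})
    return clean


# Constructed sample traffic. The AWS key below is the well-known placeholder
# from AWS's own documentation, not a real credential.
SAMPLE_REQUESTS = [
    {"jsonrpc": "2.0", "id": 1, "method": "tools/call",
     "params": {"name": "read_file", "arguments": {"path": "/srv/app/config.env"}}},
    {"jsonrpc": "2.0", "id": 2, "method": "tools/call",
     "params": {"name": "shell_exec", "arguments": {"cmd": "id"}}},
]
SAMPLE_RESPONSE = {"jsonrpc": "2.0", "id": 1, "result": {"content": [
    {"type": "text",
     "text": "DB_HOST=db.internal\nAWS_KEY=AKIAIOSFODNN7EXAMPLE\napi_key: sk-constructed-123\n"}]}}


def run_demo(policy=None):
    """Push the sample traffic through the gateway; returns (outputs, audit log)."""
    policy = policy or GatewayPolicy()
    audit, outputs = [], []
    for req in SAMPLE_REQUESTS:
        outputs.append(filter_request(req, policy, audit))
    outputs.append(filter_response(SAMPLE_RESPONSE, policy, audit))
    return outputs, audit


if __name__ == "__main__":
    outs, log = run_demo()
    for o in outs:
        print(json.dumps(o, indent=1))
    print("audit:", json.dumps(log, indent=1))
```

The pattern list is deliberately the weakest part: regexes catch well-formed keys, not arbitrary sensitive text, so in practice the response filter is one layer alongside least-privilege tool scopes on the server side. Keeping the audit records structured (direction, request id, tool, redaction counts) is what makes "monitor MCP usage" actually queryable later.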
More AI Security news ⬇️
PromptArmor Launches to Help Assess, Monitor Third-Party AI Risks
Ebryx LLMSec protects LLMs and autonomous AI agents in production environments
SecurityBridge Launches AI-Powered Code Vulnerability Analyzer to Strengthen SAP Security
Nvidia announces general availability of NeMo tools for building AI agents
Application Security
Chainguard Raises $356M in Series D at $3.5 Billion Valuation
Chainguard, who recently expanded their secure-by-design approach to VMs and libraries, announced that they’ve raised $356M (🤯) in a round led by Kleiner Perkins (KP) and IVP, joined by new investors like Salesforce’s and Datadog’s VC arms and existing investors like Sequoia Capital, Redpoint, and Lightspeed.
IPO in the next 2-3 years is what I’m thinking. Chainguard’s momentum and the level of conviction from legendary growth/late-stage VCs tell a very compelling story.
This is not financial advice.
On cue with the theme of the season, Cycode has launched 4 new agents including:
Change Impact Analysis Agent: Scans code changes to identify potential new security risks.
Risk Intelligence Graph Agent: Allows developers to query for vulns using natural language prompts.
Exploitability Agent: Assesses whether identified vulns are practically exploitable/reachable.
Fix & Remediation Agent: Provides remediation recommendations for findings.
They also added a runtime memory protection feature that prevents malware from accessing data during the build process.
Ghost Security Exorcising The SAST Demons report
Our friends over at Ghost Security recently launched a report which shows why legacy SAST is dead. Among the findings were that out of 2K+ vuln findings, 91% were false positives and that AI-enabled triaging could save security and dev teams 350+ hours. Context and AI-based approaches are king for AppSec moving forward. Ghost is leading that charge.
Check out the ungated report here.
More AppSec news ⬇️
Docker to streamline and secure AI software delivery through containerization
Unveiling Agentless and Dynamic Reachability Analysis to Dramatically Reduce Cloud Risks
Snyk API & Web simplifies app security testing with AI-powered tools
Symbiotic Security Unveils AI Coding Tool Trained to Identify Vulnerabilities
Amazon partners with GitLab to bring Q Developer to DevSecOps workflows
Endor Labs, which builds tools to scan AI-generated code for vulnerabilities, lands $93M
Socket acquires Coana to enhance static analysis and reachability in software composition analysis
Data Security
Relyance AI builds ‘x-ray vision’ for company data
RelyanceAI has launched their "Data Journeys" feature which details the lifecycle and whereabouts of data. Traceability and maintaining a crisp lineage view for crown jewel data is not easy to build or solve for so kudos to Relyance!
More Data Security news ⬇️
Varonis Expands Threat Detection Capabilities to Pure Storage Environments
Varonis and Concentrix Partner to Deliver AI-Ready Data Security Solutions
Email Security
Expel launches proactive defense for email threats
Expel has expanded their MDR for email security offering by adding integrations for Sublime Security, Abnormal AI, and Proofpoint. While Expel already had email security visibility into O365 and Google Workspace, this allows them to bring in 3rd party findings to cross-pollinate with other data sources like identity and endpoint.
Identity Security
Descope launches Agentic Identity Hub
Descope has launched a platform designed to simplify and secure authentication and authorization for AI agents, models, and MCP servers.
Inbound App Support: Enables apps to act as their own identity providers using OAuth, allowing agents to authenticate and perform actions on behalf of users with explicit consent.
Outbound App Integration: Provides AI agent devs with a secure method to connect agents to over 50 third-party tools (e.g., Gmail, GitHub, Slack) without manual token management.
MCP Server Security: Offers SDKs and APIs to help devs build and manage auth for remote MCP servers.
Descope is one of the strongest stories in identity security today. Love to see them continue to stay at the forefront of identity x all innovation.
More Identity Security news ⬇️
CrowdStrike Falcon Cloud Security Adds Detections for AWS IAM Identity Center
CrowdStrike Falcon Privileged Access Unifies Identity Protection Across Critical Environments
Orchid Security Appoints Former Wiz Executive as Chief Revenue Officer to Fuel Next Phase of Growth
Permiso launches unified identity security platform for cloud and on-premises environments
SaaS Security
Reco launches two AI agents for SaaS Security + $25M Series A Extension
Reco recently launched two agents for SaaS security alerts and identity-related findings. They have a really powerful knowledge graph built on ClickHouse that can open up some fun opportunities on the context + detection side. They're planning several more use case specific agents.
This comes on the heels of them announcing their recent $25M Series A extension led by Insight Partners, Zeev, Boldstart, Angular, and Redseed.
Security Operations
BlinkOps launches no-code custom cybersecurity AI agent builder
Agents are all the hype these days because of the promise that they will augment humans and shoulder the burden of tedious work, enabling us to focus on more important tasks. BlinkOps is democratizing this for security teams by making it super simple to build use case specific agents.
I'm not sold that an agent built by a customer will outperform an agent built by a vendor whose agents are trained on exabytes of security telemetry and many different customer environments.
That said, this approach will certainly improve over time and solve many challenges for understaffed security teams.
More SecOps news ⬇️
Gurucul introduces self-driving SIEM powered by AI enhancements
Stellar Cyber Redefines SecOps with Autonomous SOC and Expands Footprint in Brazil
Halcyon Expands Anti-Ransomware Platform to Address Kernel-Level and Data Exfiltration Threats
Interested in sponsoring TCP?
Sponsoring TCP not only helps me continue to bring you the latest in security innovation, but it also connects you to a dedicated audience of ~6,000 CISOs, practitioners, founders, and investors across 100+ countries 🌎
Bye for now 👋🏽
That’s all for this week… ¡Nos vemos la próxima semana!
🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀🍀
Disclaimer
The insights, opinions, and analyses shared in The Cybersecurity Pulse are my own and do not represent the views or positions of my employer or any affiliated organizations. This newsletter is for informational purposes only and should not be construed as financial, legal, security, or investment advice.