Welcome to The Cybersecurity Pulse (TCP)! I'm Darwin Salazar, Product + Marketing at Monad and former detection engineer in big tech. Each week, I dig through all the major headlines to bring you the latest security product innovation and industry news.
Tl;dr
🤺 Microsoft launches Entra Agent ID Security and other AI security offerings at their annual dev conference.
💰 Palo Alto Networks and Cisco reported earnings. Both beat expectations. Both SIEM businesses performing well based on earnings calls.
🤖 OpenAI launches their coding agent, Codex, and sheds light on plans for GPT-5.
🐍 Chainguard launches ‘Chainguard Libraries for Python’
🚂 ConductorOne’s 2025 Future of Identity Security report
👀 Docker and Wiz launch similar solutions to Chainguard Images
🏜️ Redpoint raises $650M in their 10th early-stage fund
Okay cool, let’s cyber 🕺🏽
⚒️ Picks of the Week ⚒️
💰Palo Alto Networks Reports Q3 FY25 Earnings💰
Overall, very strong quarter. $2.3B in quarterly revenue (+15% YoY) 📈
Key takeaways
Nikesh Arora acknowledges they fell behind in cloud runtime security and cites it as one of the factors behind their acquisition of Protect AI. Humility and awareness on public display. Kudos.
“… we learned our lesson in cloud. In cloud security we dwelled too long on the peacetime capabilities cloud security or the posture capabilities of Prisma Cloud. But in the firewall sort of AI business, we’ve actually doubled down on the production capabilities. So we are aggressively starting with runtime security, which actually was eighteen months later in the cloud security industry.” - Nikesh Arora, CEO of Palo Alto Networks
200% ARR Growth for XSIAM… 270+ customers 🔥
Super heavy push on the unified data lake being the future of security which goes hand in hand with their platformization strategy
Significant ARR growth driven by large "platformization" deals ($90M, $46M, $33M deals cited).
Heavy focus on securing AI builds and deployment.
Their Talon acquisition also seems to be performing (3M licensed seats, up 10x from a year ago).
Referenced as "Talend" in linked earnings call transcript.
Transitioning to contract manufacturing in Texas, reinforcing its stance as the only major cybersecurity player assembling hardware in the U.S. to mitigate tariffs and optimize costs
CrowdStrike reports first week of June. It'll be interesting to see how Palo Alto's SIEM business is faring against CrowdStrike's Next-Gen SIEM and Cisco's Splunk.
Note: Doesn't seem like Cisco reports hard numbers on Splunk performance. However, in their most recent earnings call, they did mention that they signed their largest Splunk deal in history with a financial institution and that it is performing slightly ahead of their own expectations in terms of revenue and profitability. They also mentioned that the people side of the company integration is complete and product integration continues.
It’s all over the news so the tl;dr is Coinbase customer service agents were bribed into extracting sensitive customer info including SSNs, govt. home addresses, and everything in between.
The attackers requested a $20M ransom which Coinbase did not pay and instead launched a $20M reward fund for information leading to the arrest of the criminals. This is unprecedented and I’m a huge fan of the approach. Coinbase does expect total damages to be ~$400M so what’s another $20M?
Coinbase has since fired the overseas support agents and the US DOJ has launched an investigation along with intl. law enforcement. Coinbase is also being sued by a few impacted customers.
The timing of this is a bit interesting as it came the same week Coinbase's S&P 500 inclusion was announced.
Lots going on here, but it reminds me of the MGM breach where help desk agents were social engineered into handing over account creds. I think this is a space where AI can disrupt and better mitigate social engineering attacks.
OpenAI GPT-5 + OpenAI’s Codex is part of a new cohort of agentic coding tools
Through a Reddit AMA (Ask Me Anything), we recently learned more about GPT-5, OpenAI's next foundational model release. They'll be looking to roll up several of their models into one, leading to less model switching and better prompt chaining.
This comes on the heels of the release of their AI coding agent, Codex-1.
Pwn2Own Berlin 2025: total prize money reached $1,078,750
$1M+ in prize money for 28 0days in VMware, NVIDIA, Microsoft and Firefox products. Heap-based overflow, integer overflow, and array index validation flaws were some of the vulns exploited. Star Labs, a Singapore-based company, walked away with the top prize and "Master of Pwn" title.
🔮 The Future of Security 🔮
AI Security
Microsoft makes building trustworthy AI agents easier and more secure
Microsoft recently had their annual developer conference, "Microsoft Build", and it came with a few security-related announcements for AI. In fact, "security" is mentioned 58 times in their book of news.
Key announcements
Entra Agent ID - Assigns a unique identifier to every Microsoft AI agent in an environment. Check out the full announcement post here.
Defender for Cloud (CNAPP) coverage for their Azure AI Foundry service.
Microsoft Purview SDK for embedding Purview's data security capabilities directly into AI apps.
Note: Google's developer conference, Google I/O, is also going on at the moment, but I'm not seeing much of a security focus in their slated talks. Mostly AI, Chrome and Android related.
Application Security
Chainguard Libraries for Python
Chainguard has launched Chainguard Libraries for Python, a curated collection of Python packages rebuilt entirely from source within a secure, SLSA Level 2-hardened environment. This initiative aims to mitigate supply chain attacks by ensuring that each library and its dependencies are constructed from verified source code, thereby reducing the risk of malware insertion during the build and distribution processes. The libraries are compatible with major Linux distributions, including Chainguard OS, RHEL, Debian, and Ubuntu, facilitating integration into existing development workflows.
The release includes nearly 10,000 popular Python projects, providing a secure and standardized source for dependencies in the Python ecosystem.
Interestingly enough, this announcement came less than 1-2 hours after Wiz announced "WizOS", a competing product to Chainguard's flagship offering "Chainguard Images". Docker also launched "Docker Hardened Images (DHI)" two days ago, which is a competitor to both. Competition is good and I imagine Chainguard is about to put the $350M+ they recently raised to good use, as evidenced by the aforementioned launch.
OX Security Raises $60M Series B
OX is one of the most complete and promising AppSec platforms on the market today and they just raised a $60M Series B in a round led by DTCP, with participation from IBM Ventures, Microsoft, Swisscom Ventures, Evolution Equity Partners, and Team8.
AppSec space remains hot due to the proliferation of AI-generated code and OX is well positioned to capitalize on this for their next leg of growth.
Cloud Security
Wiz has introduced WizOS, a hardened Linux distribution designed to minimize vulnerabilities in container base images. This is a direct competitor to Chainguard's flagship product and honestly, I think it's synergistic that Wiz, a cloud security market leader, go after this space. All politics aside, it's what's best for the customer.
Docker Launches Docker Hardened Images (DHIs)
Two days ago, Docker launched DHIs, which are pretty much another competitor to Chainguard Images.
Governance, Risk, and Compliance (GRC)
TrustCloud raises $15M to accelerate GRC Transformation
TrustCloud, a GRC automation player, has raised $15M in a funding round led by ServiceNow Ventures, with participation from Cisco Investments, Presidio Ventures, OpenView Venture Partners, Tola Capital, and existing investors.
Identity Security
The Future of Identity Security Report from ConductorOne
The great team at ConductorOne recently published their "2025 Future of Identity Security" report and man, is it a masterclass in how to pull off a vendor research report. First of all, identity has arguably been the hottest sector in security in recent years and this report puts figures behind a lot of what's been top of mind for the security industry.
The report is also ungated, so it's not being used for lead gen, which is very altruistic of C1. Lastly, their sample size of 490+ security and IT leaders is pretty nice and they have an inordinate amount of stats that they share. Huge kudos to the C1 team on this report!
Get the full report here.
Security Operations
BreachRx, an incident response startup, has raised a $15M Series A in a round led by Ballistic Ventures, with additional participation from SYN Ventures, Overline, and Silver Buckshot Ventures.
More SecOps news ⬇️
Arctic Wolf Debuts Incident360 Retainer to Simplify Cyber Response and Readiness
Mapping AWS security services to MITRE frameworks for threat detection and mitigation
Threat Intelligence
CloudSEK Raises $19 Million for Threat Intelligence Platform
CloudSEK has announced their $19M Series 2 and B1 (O.o) funding from MassMutual Ventures, Inflexor Ventures, Prana Ventures, Tenacity Ventures, Commvault, StartupXSeed, Neon Fund, Exfinity Ventures, and angel investors.
Venture Landscape
Redpoint Ventures has raised its 10th fund at $650M. They've got a pretty strong track record in and out of the security space: Push Security, Cyera, Cribl, Arctic Wolf, Snowflake, and Stripe, to name a few. I'd imagine some of that funding will go into the next class of security market leaders.
Vulnerability Management
Intruder Security has launched a free vulnerability intelligence platform that aggregates vendor advisories, NIST NVD, CISA KEV, and social media mentions to help inform security teams on the latest vulns. What's cool about it is that it offers a hype score + an RSS feed which makes it easy for teams to know if the CVE is a big deal or a big nothingburger.
Free + high quality security resources are a blessing for budget-strapped security teams so kudos to Intruder for building + maintaining this!
Bye for now 👋🏽
That’s all for this week… See you next week!
Disclaimer
The insights, opinions, and analyses shared in The Cybersecurity Pulse are my own and do not represent the views or positions of my employer or any affiliated organizations. This newsletter is for informational purposes only and should not be construed as financial, legal, security, or investment advice.