January Cybersecurity Insights – Funding and M&A

Cybersecurity investment opened the year at pace, with strong backing for AI-native platforms, cloud runtime security, and cyber-physical resilience. Growth-stage rounds led the momentum, including Claroty’s $150M Series F and Upwind’s $250M Series B, alongside Torq’s $140M Series D, signalling continued confidence in scalable, automation-driven security operations and cloud protection. Earlier-stage companies such as WitnessAI, Outtake, Memcyco, Mesh Security, depthfirst, Minimus, and AiStrike also attracted significant capital, underscoring investor appetite for AI governance, fraud and impersonation defense, vulnerability reduction, and agentic security models built for the AI era.

M&A activity reinforced the shift toward integrated, intelligent security platforms. CrowdStrike announced acquisitions of Seraphic Security and SGNL to enhance browser monitoring and dynamic access controls, while Palo Alto Networks agreed to acquire Chronosphere in a ~$3.35bn deal to strengthen automated detection and observability capabilities. Additional strategic moves by Delinea, Radware, and ThreatModeler highlight continued consolidation around identity security, API protection, and AI-driven threat modeling as vendors expand end-to-end security capabilities.

Investing:

WitnessAI raise $58M in Funding | Founded in 2023, WitnessAI is a unified AI security and governance platform trusted by enterprises to oversee and protect all AI activity

Series F:

Claroty raise $150M in Series F Funding | Founded in 2015, Claroty provides a software platform to secure cyberphysical systems across industrial, healthcare, public sector, and commercial environments, collectively referred to as the Extended Internet of Things. The round was led by Golub Growth.

Series D:

Torq raise $140M in Series D Funding | Founded in 2022, Torq is an AI-native autonomous security operations and hyperautomation platform. This round was led by Merlin Ventures.

Series B:

Upwind raise $250M in Series B Funding | Founded in 2022, Upwind delivers a runtime first cloud security platform that unifies visibility, risk prioritization and threat detection across modern cloud native applications, giving security and DevOps teams deep insight into live workloads, network flows and data so they can act with speed and confidence. The round was led by Bessemer Ventures.
Outtake raise $40M in Series B Funding | Founded in 2023, Outtake is a cybersecurity company that uses autonomous AI agents to protect organizations digital presence from evolving threats like impersonation, fraud, phishing, fake domains and malicious apps across online platforms. The round was led by ICONIQ Capital.

Series A:

Memcyco raise $37M in Series A Funding | Founded in 2021, Memcyco delivers real-time, preemptive protection to companies and their customers against phishing, digital impersonation, and account takeover (ATO) fraud. This round was led by NAventures.
Mesh Security raise $12M in Series A Funding | Founded in 2023, Mesh Security is building the execution layer for modern security operations. This round was led by Lobby Capital.
Depthfirst raise $40M in Series A Funding | Founded in 2024, depthfirst is an applied AI lab developing novel security solutions for businesses facing modern, AI-era threats to their systems. The round was led by Accel.

Seed:

Minimus raise $51M in Seed Funding | Founded in 2022, Minimus is a cybersecurity platform focused on providing secure, minimal container and virtual machine images that drastically reduce software vulnerabilities in cloudnative applications by trimming out unnecessary components and managing continuous security updates. The round was led by YL Ventures and Mayfield.
AiStrike raise $7M in Seed Funding | Founded in 2024, AiStrike is a cybersecurity company delivering preemptive cyber defense through an AI-native, agentic approach to security operations.

M&A:

Crowdstrike announce their agreement to acquire Seraphic Security & SGNL| CrowdStrike plans to combine Seraphic’s browser monitoring with technology from SGNL in order to enable dynamic access controls that adjust permissions based on real-time risk signals rather than static credentials. The deal amount for Seraphic was for $420M and SGNL was $740M.
Palo Alto Networks announce their agreement to acquire Chronosphere| Palo Alto Networks plans to integrate its Cortex AgentiX platform with Chronosphere’s observability technology. The integration aims to enable automated detection and resolution of security and IT issues. The deal amount was ~$3.35bn.
Delinea announce their agreement to acquire StrongDM| The combination of Delinea and StrongDM reflects the evolution of traditional session-based PAM into a scalable, modern identity security control plane that governs privileged access across all human and NHIs through JIT runtime authorization. The deal amount was not disclosed.
Radware announce their agreement to acquire Pynt| The acquisition enhances Radware’s API security portfolio by adding pre-production API security testing capabilities, enabling customers to identify and remediate API security risk earlier in the development lifecycle while maintaining continuous protection in production. The deal amount was not disclosed.
ThreatModeler Software announce their agreement to acquire IriusRisk|ThreatModeler’s AI-driven platform enables security architects to operate with speed, consistency, and impact across complex environments, while IriusRisk’s deep engagement with development and architecture teams has driven broad adoption and the industry’s most active threat modeling community. The deal amount was not disclosed.

Find out more about the companies mentioned in this article:

Investing