Welcome to The Trident Radar!

The first week of December came in fast, early-stage activity picked back up, identity and AI-compute risk took centre stage, a really small acquisition by ServiceNow ( /s ), and a wave of API, cloud and data-layer security startups surfaced with real velocity.

A very busy week for us so far on the role front too, check out our Jobs section at the bottom of this weeks newsletter.

Let's dive in.

This weeks Trident Talks!

This week on Trident Talks, Rosie Larter chats with Roy Katmor, CEO & Co-Founder of Orchid Security - a 20+ year security veteran - about the cyber problem everyone’s living with and quietly struggling to fix: identity fragmentation.

Mirror Security – Seed – API & App-Layer Security
Mirror Security is part of the new generation of API protection platforms built for AI-era threat models. The company focuses on securing cloud-native applications and LLM-facing endpoints by detecting behavioural anomalies, toxic request patterns, and data-exfiltration attempts.

AiScore – Early Stage – AI Trust, Risk & Model Evaluation
AiScore is building an enterprise-grade framework to measure AI model safety, reliability, and behavioural drift. With every company now deploying internal LLMs and agentic workflows, AiScore provides a scoring and evaluation engine that identifies harmful behaviours, hallucinations, and compliance risks before they reach production.

Zafran – Late Stage – Automated Exposure Management
Zafran is developing a continuous exposure management platform that unifies attack surface discovery, prioritisation, and internal risk visibility. By combining environmental context with attacker-centric modelling, Zafran positions itself as a platform capable of identifying not just vulnerabilities, but conditions for compromise.

AnChain.ai – Late Stage – Blockchain Threat Intelligence & Fraud Prevention
AnChain is one of the most recognised blockchain threat intelligence vendors, providing machine-learning-driven monitoring, anomaly detection, and fraud analytics across digital assets.

7AI – Early Stage – AI-Augmented Security Operations
7AI builds agentic AI capabilities for security operations, enabling automated triage, continuous threat validation, and intelligent alert reduction. Their platform aims to close the gap between SOC visibility and SOC capacity.

Veria Labs – Early Stage – Behavioural Analytics & Synthetic Identity Detection
Veria Labs operates at the intersection of fraud prevention and cybersecurity, analysing behavioural signals to detect synthetic identities, account manipulation, and coordinated digital fraud.

We have another big one my friends…

Veza Acquired by ServiceNow

2025 wraps up with a huge identity move, which isn’t really all that surprising. The deal, reportedly exceeding $1B, marks one of the largest cyber acquisitions of the year. Veza had already raised $108M in Series D funding earlier in 2025, and establishing it as a category leader in authorization intelligence.

A quick TLDR on who Veza are (were)

Veza’s “Access Graph” platform maps and governs every form of identity i.e. human, machine, API key, service account, or AI agent… delivering visibility into who or what can access sensitive data across cloud, SaaS, and AI-driven systems. This acquisition slots directly into ServiceNow’s expanding Security & Risk portfolio and strengthens its emerging AI Control Tower, giving enterprises the ability to govern AI-agent permissions and machine identities at scale. This also marks Servicenow’s largest year of investment in both count and cost!

Across all 2025 seed deals, a few patterns have emerged: it is looking likely that the future of cybersecurity will be built around identity, AI-native telemetry, agentic automation, and behavioural analysis across every digital surface.

These are the themes that stand out:

Seed capital is flowing disproportionately to AI-native companies

More than half of all 2025 seed deals embed AI as a core product mechanic, not a feature. These teams aren’t layering AI on top of traditional tools, they are designing systems where:

This marks the shift from assistive AI → operator AI.

Identity is the epicentre of early-stage innovation

The seed data shows a sharp rise in:

Identity is no longer a directory problem.
It’s a risk surface and founders see it.

As AI agents take actions across cloud and SaaS, every button they can click becomes a potential breach path.

Cloud & application security are shifting “up” the stack

Seed founders are building platforms to protect:

This is where Mirror, Cystemic, Firetail, and many others operate:
protecting the behaviour of systems, not just the infrastructure underneath them.

Fraud, abuse, and cyber are converging into a single discipline

Across the seed dataset, a spike in fraud detection, bot mitigation, and behavioural security startups is evident.

Digital identity cannot be trusted at face value anymore, platforms must infer trust from signals, not declarations.

This trend is powering companies like Veria Labs, Verisoul, and UnCognito.

Seed rounds are smaller but more strategic

2025 seed rounds are less about burn and more about:

Investors are prioritising execution velocity, not just big visions.

The Bottom Line

The 2025 seed market is telling us the next cybersecurity era will be defined by:

The winners will be companies that understand the new threat model:
AI-driven systems attacking AI-driven systems in highly dynamic cloud environments.

Just ask Claude!!

Cloud & API Runtime Protection Built for the Modern App Layer

Firetail delivers real-time protection for cloud applications and APIs, ensuring organisations can detect, block, and understand malicious behaviour before it leads to a breach.

The platform provides:

As enterprises adopt microservices and expose more data through APIs, Firetail positions itself as a critical safety layer on the application plane where attackers increasingly operate.

Funding Background

Firetail raised $5M in seed funding (Paladin Capital Group leading) with participation from Zscaler and five additional investors. The capital is being used to expand coverage across languages, cloud platforms, and new geographic markets.

Leadership

Both bring deep experience in cloud architecture, application security, and enterprise deployment models. Key strengths in a market that demands credibility and speed.

The Trident Take

Firetail represents a category that is expanding rapidly: protecting the app layer where cloud, API, and AI-driven logic intersect. Traditional perimeter controls can’t observe or understand modern API behaviour, but Firetail can.

Expect this category to accelerate throughout 2026.

VP of Sales – AI Security | East Coast, US
Early-stage, seed-funded Israeli AI security startup. First GTM hire in the US, tasked with building and scaling the commercial function quickly across enterprise and strategic accounts. $450K–500K OTE with meaningful equity upside.
Contact: [email protected]

Account Executive – DoD | DMV Area (DC / Maryland / Virginia)
VC-backed compliance and security cloud infrastructure startup with an established and trusted brand. Join a high-performing federal sales team focused on deepening relationships across DoD and wider defence ecosystems.
$300K OTE.
Contact: [email protected]

Account Executive – Public Sector (Federal) | Washington, DC
Fast-growing, VC-backed security compliance and automation vendor. First Public Sector / Federal sales hire — you will own and run the federal motion end-to-end for a Series A company scaling rapidly in regulated markets.
$300K OTE.
Contact: [email protected]

Account Executive – Data Security (DSPM) | Central / East US
High-growth data security platform focused on DSPM for modern cloud environments. Central / East Coast patch, strong demand from regulated and high-growth customers. Rep who started recently is on track to clear ~$500K in 2026.
$300K–320K OTE.
Contact: [email protected]

Account Executive – Agentic DLP | East US
Next-gen data loss prevention platform built around agentic AI for real-time data protection. Backed by a $20M seed round, signalling strong conviction and runway. East Coast-focused role selling into security-forward mid-market and enterprise accounts. $300K–350K OTE.
Contact: [email protected]

Account Executive – Non-Human Identity Security | TOLA
Category-leading NHI (non-human identity) security vendor recognised as one of the core players in the space. Work directly with a CRO who has two successful exits under their belt, selling into cloud-native and AI-heavy organisations.
$300K–320K OTE.
Contact: [email protected]

Account Executive – OT / Critical Infrastructure Security | US South
Operational technology security vendor focused on critical infrastructure and industrial environments. Role covers Southern states; Trident has placed much of the sales organisation here (CRO + multiple AEs), so you’ll be joining a proven, well-known leadership team.
$220K–240K OTE.
Contact: [email protected]

Ready to make your next move? These roles won't stay open long.

Have market intelligence to share? Our network sees deals before they're announced, hiring freezes before they're public, and technology shifts before they hit the headlines.

Send us your tips:

Email: [email protected]
All sources protected. We verify before we publish.