Welcome to The Trident Radar!

2025 is in the history books, time for a yearly roundup!!

Forewarning for regular readers, this is a bit of a long one. I’ve sent it just before the weekend so that those who are as mad as me about this stuff have time to read!

Every year we try to cut through the noise and figure out what's actually happening in cybersecurity funding. Not the press releases, not the "we're excited to announce" posts, but the real information.

We've put together the full breakdown: every stage, every region, every category. Whether you're raising, selling, hiring, or just trying to understand where the market is headed, it's all in here.

Enjoy!

Here's the short version for anyone who doesn't have time to read the whole thing.

The takeaway? Fewer deals, bigger checks, and a market that's separating winners from everyone else with increasing speed.

Before we dive in, a few caveats that'll help you read this report properly:

Currency conversion: European and UK deals are converted to USD at approximate rates. These aren't precise to the penny, but they're close enough to tell the real story.

Disclosure is actually pretty good for VC: Of the VC deals where funding was actually exchanged, 67% disclosed amounts. The remaining 23% of "VC events" in our dataset are accelerator programs where no equity changed hands. M&A is a different story, only 10% of deals disclosed, so those totals are definitely floors. However it does make sense as M&A tends to contain a lot of redundant buyouts, being dominated by the big buys.

Accelerator deals without equity: 228 VC events are accelerator programs where no funding changed hands. We count them as ecosystem activity but exclude them from dollar totals.

No deduping by company: If a company raised both a Seed and Series A in 2025, both rounds count. That's intentional, each round represents real capital deployment.

The mix tells you a lot about where the market is. VC still dominates deal flow, but M&A is over a quarter of all activity. And that shutdown number? We'll come back to that.

The market got more selective (fewer deals) but more generous to winners (bigger checks). That's the bifurcation story: if you're building something that works, capital is available. If you're not, the runway runs out faster.

Fewer deals, more dollars. That's the story in one line. VCs are being more selective, but when they do invest, they're going bigger.

The median round jumping 31% is significant. It means the average company that got funded in 2025 raised meaningfully more than their 2024 counterparts. Whether that's because valuations are up, companies are raising more runway, or VCs are concentrating bets on higher-conviction opportunities, probably all three.

A few things stand out:

Series B is where the dollars concentrate. Over $3 billion into 60 deals means the average disclosed Series B was north of $58M. If you're a Series A company with solid traction, the path to B looks wide open but only if you've got the metrics.

Seed is healthy but getting expensive. A $4.3M median seed is not cheap. The days of $1-2M seeds being the norm are fading. Early-stage founders are raising more, which means they're also giving up more (or getting better terms which depends on leverage).

The late-stage funnel is narrow. Only 20 Series C deals, 11 Series D deals, 10 Series E+ deals. If you're a late-stage company that didn't get funded in 2025, the competition for those slots was fierce.

Not every deal announces its size, but the transparency is better than you might think:

Seed rounds have the highest disclosure rate (78%), which makes sense as smaller rounds = fewer complex terms, less competitive sensitivity etc. Early Stage VC has the lowest (62%), possibly because growth metrics at that stage are still developing and founders prefer to keep valuations quiet.

The 270 undisclosed deals represent real capital that didn't make it into our totals. If those followed similar distributions to disclosed deals, the actual market could be 30-40% larger than reported numbers suggest.

28 deals cleared the $100M mark in 2025, totalling $6.5 billion. Here are the biggest:

Saviynt's $700M Series B is an unusual structure. Most $700M rounds happen at Series D or later. Either they compressed multiple rounds, or they've got exceptional metrics to justify that valuation at B stage.

Cyera appears twice because they raised $940M total across two rounds in 2025. Chainguard did the same, pulling in $636M combined. When investors are willing to come back for seconds in the same calendar year, that's a strong signal.

7AI's $131M Series A is the largest A round in the dataset. That's a lot of capital for an early-stage bet but "agentic security" (their positioning) clearly has believers.

SandboxAQ at $450M shows quantum-adjacent security is attracting serious capital.

These companies raised multiple rounds in 2025:

When companies raise twice in one year, it usually means one of two things: they're scaling fast and burning through capital (good problem), or they're structuring rounds intentionally to manage dilution and valuation step-ups. Either way, these are names to watch.

_{*based on HQ listed location}

The US captured 75% of disclosed VC dollars. No surprise there as it's where most of the buyer budgets are, and the investor ecosystem is deepest.

But the more interesting story is in the ratios. Israel had only 75 VC deals but pulled in $1.9B, that's a $39M average and a $22M median. Compare that to Europe's 249 deals for $1.3B (roughly $11M average). Israeli companies are raising larger rounds, which typically means more mature businesses or higher investor conviction.

Top Israeli VC rounds in 2025:

The Israeli ecosystem punched well above its weight in 2025. With only 75 deals, they generated $1.9B which if you compare that to their 2024 numbers and the growth is substantial. Part of this is category timing (identity, AI security, and cloud-native are hot), and part is the maturity of the Israeli cyber ecosystem producing growth-stage companies ready for larger rounds.

Top European VC rounds:

Europe had 249 VC deals, plenty of activity but the disclosed total of $1.3B works out to smaller average rounds than either the US or Israel. The funding gap isn't about deal volume; it's about check size at growth stages.

That said, Multiverse Computing ($204M), Tines ($125M), Navys ($124M), and Exein ($184M combined across two rounds) show that European companies can raise at scale when they break out.

Not all cybersecurity is created equal. Here's how funding broke down by security category:

Identity continues to dominate. With $3B+ in VC funding across 188 deals, identity and access management remains the largest funded category. This makes sense: every enterprise needs it, the buying cycle is predictable, and the TAM keeps expanding as cloud and SaaS proliferate.

Security Operations is the second-largest category ($1.35B) includes: SIEM, SOAR, detection and response. The SOC modernization wave is still generating funding.

GRC & Compliance is bigger than you'd think. 164 deals and $1.29B shows that compliance-driven security spending is a fundable market, not just a cost center.

AI Security is nascent but real. There’s a big difference between AI in cybersecurity and companies protecting against AI - often mistaken for the same thing. Only 20 deals and $171M, but the category barely existed 18 months ago. The $9.5M median suggests investors are writing meaningful early checks.

Cloud Security looks underfunded at $185M across 19 deals but that's very misleading. Many "cloud security" companies are categorized elsewhere (Wiz would show up in our pending M&A, not VC). The acquirers are buying cloud security faster than VCs are funding it.

M&A tells a different story as it shows what the strategics and PE firms think is mature enough to buy:

Data Security is the M&A leader ($2.94B) - think Securiti ($1.73B to Veeam) and similar deals. The data security posture management (DSPM) wave is creating exits.

MSSP consolidation continues - $2.4B disclosed across just 13 deals means large average deal sizes. PE firms and consultancies are rolling up managed security.

Cloud Security exits are happening - Hornetsecurity ($1.8B to Proofpoint) shows the category is mature enough for billion-dollar exits even if VC activity looks quiet.

The failure data paints a picture of an overcrowded market:

Identity has the most shutdowns (36) - but also the most funding. More companies attempting = more failures. The failure rate matters more than the absolute number, and identity still looks healthy on a funding-to-failure ratio.

Fraud & Trust has a rough ratio - 9 shutdowns against only 19 VC deals suggests the category is challenging. Buyers may not be willing to pay, or differentiation is hard.

The US captured 60% of global cybersecurity VC deals. But "US" isn't monolithic as the funding distribution across metros tells you where the action really is.

_{*based on HQ listed location}

SF Bay Area is still #1, but not dominant. $2.9B from 160 deals this is up 22% YoY. The Bay still leads, but it's 29% of US VC dollars, not 50%+. The median round ($15M) is healthy but not exceptional.

NYC had a down year. Funding dropped 35% to $1.89B despite deal count holding steady. The mega-rounds went elsewhere in 2025. That said, Cyera alone raised $940M across two rounds - without them NYC would look much weaker.

LA/SoCal's numbers are distorted by Saviynt ($700M). Strip that out and it's a small market. But Saviynt choosing El Segundo over SF is notable.

DC/NoVA/MD is surging. Up 73% to $867M. The government-adjacent cyber market is real: ID.me ($340M), Sublime Security ($150M), SpecterOps ($75M). If you're selling to federal or defense, this is the place to be.

Seattle punches above its weight. Only 23 deals but $853M and a $24.5M median, this is the highest of any major metro. Chainguard ($636M across two rounds) is the anchor.

Boston has the highest median among established hubs ($28M). Fewer deals but bigger rounds, that points to a mature ecosystem producing growth-stage companies.

Austin is growing but still small. 17 deals, $280M. Halcyon ($125M) and CertifID ($48M) lead. The Austin cyber scene is real but early.

SF Bay Area:

NYC Metro:

DC/NoVA/MD:

Boston:

Seattle:

Austin:

The geographic distribution of cyber VC is remarkably stable. SF and NYC together account for 36% of deals which is the same as 2024. The minor shifts (DC up, LA down) are within normal variance.

The takeaway: geography matters less than it used to, but it does still matters. If you're building a cyber company, you can do it anywhere, however if you want the densest network of investors, customers, and talent, SF and NYC remain the centers of gravity.

The M&A market is busy. 599 deals is 5% more than 2024. But the disclosure rate is abysmal. Only 60 deals told us what they paid. So when you see "total M&A value," understand that's barely scratching the surface.

A few patterns emerge from who's buying what:

AI Security is the hottest target. Protect AI → Palo Alto Networks ($675M). Lakera → Check Point ($300M). Prompt Security → SentinelOne ($275M). The platform vendors are racing to add AI security capabilities, and building is slower than buying.

Identity consolidation continues. Veza → ServiceNow ($1B). The identity market has been "hot" for years now, and the big platforms are still assembling.

Email security still commands premium prices. Hornetsecurity → Proofpoint for $1.8B shows email security isn't boring it's very lucrative.

Thoma Bravo is everywhere. The PE giant was behind the Proofpoint/Hornetsecurity deal and continues to be the most active acquirer in cyber.

Distribution matters. Exclusive Networks ($2.38B) shows that cybersecurity distribution and VAR businesses command significant valuations.

This is the section nobody likes to write, but it matters.

190 companies shut down in 2025, a huge 53% increase from 2024. That's not a rounding error by the way.

By previous financing status:

47% of shutdowns were formerly VC-backed companies. These aren't just bootstrapped experiments that didn't work out, they're companies that raised institutional money and couldn't make it to the next milestone.

By region:

Israel's low shutdown count (7) relative to its deal activity is notable. Either the Israeli companies that get funded are more robust, or the ones that would fail are getting filtered out earlier.

The 53% increase in shutdowns tells you the market is getting less forgiving. Companies that couldn't hit milestones, find product-market fit, or secure follow-on funding are running out of runway.

A lot of these are likely 2021-2022 vintage companies, raised during the frothy period, burned through capital, and couldn't raise in the tighter 2023-2024 market.

If you're a founder: the bar is higher. If you're a sales leader at one of these companies, watch your cap table and runway carefully. If you're a buyer, some of these shutdowns might have good technology worth acqui-hiring.

14 cybersecurity companies went public globally in 2025, with two major Western listings:

SailPoint's return to public markets is the headline. After going private in 2022, they came back with a $1.38B raise, the largest cyber IPO of 2025. Identity governance clearly has public market appeal.

Netskope finally went public after years of speculation. At $908M, it's a significant debut for the SASE category.

The IPO window being open is good news for the pipeline of private companies waiting for their shot.

Top investors by deal count:

Y Combinator leads by deal count, which makes sense as they write a lot of small checks at the earliest stages. The AWS/CrowdStrike accelerator is a close third, reflecting how strategic accelerators have become a real pipeline for cyber startups.

Among traditional growth-stage VCs, Ballistic Ventures (13 deals) and SYN Ventures (15 deals) punch above their AUM relative to the mega-funds. Both are cyber-focused, which means they're not diluting attention across other sectors.

In-Q-Tel's 10 deals remind you that the intelligence community is an active investor in emerging security tech. If IQT is backing something, there's usually a national security angle worth understanding.

The data suggests 2025’s debt boom wasn’t real growth capital, it was survival financing.

Debt deals fell by 40%, but the remaining ones were bigger and older, often refinancing existing loans rather than fueling new expansion. That points to a class of late-stage vendors keeping the lights on through lender forbearance.

Refinancing rounds, especially when they appear in place of equity raises, are often a symptom of maturity stress.

From our data:

That pattern strongly implies that many cybersecurity companies are rolling forward debt they can’t pay down yet.

If we project the same debt maturity patterns forward:

1. The market is healthy but bifurcated. Strong companies raised at higher valuations with bigger checks. Weak companies shut down in record numbers. There's no middle anymore.

2. Check sizes are up across the board. Median VC round jumped 31%. Whether you're raising Seed or Series D, expect (and need) larger rounds than you would have two years ago.

3. M&A is constant but opaque. 599 deals is a lot of consolidation. But 90% undisclosed means the real exit values are mostly invisible. If you're planning for M&A as an outcome, do your homework on actual comps, not press releases.

4. Israel is having a moment. $1.9B in VC funding across 75 deals which is a $22M median. Israeli companies are raising growth rounds that compete with anyone.

5. AI security is real, not hype. The acquirers (Palo Alto, Check Point, SentinelOne) are buying AI security companies. The VCs are funding them. The category is legitimate.

6. Identity isn't slowing down. Saviynt's $700M, Veza's $1B exit. The identity market continues to absorb capital and produce exits.

7. 190 shutdowns is a warning. If you're at a company with 12-18 months of runway and no clear path to profitability or next round, the market is telling you something. Adjust accordingly.

Before we speculate about 2026, let's talk about what's already been announced but hasn't closed yet. These deals are in the pipeline, and if they all complete, they'll reshape the market:

The Mega-Deals

That's $66 billion in announced M&A from just three deals. To put that in perspective: the entire disclosed M&A market in 2025 (completed deals) was $18 billion.

Wiz → Google ($32B) is the headline everyone's watching. When it closes, it’ll be the largest cybersecurity acquisition in history. Google is betting that cloud security is the next platform war, and Wiz's multi-cloud posture management is the prize. The regulatory path is the question mark.

CyberArk → Palo Alto Networks ($26.2B) will create a security behemoth. Palo Alto adding CyberArk's identity security to its platform play is a statement: the platform vendors believe identity is essential, not optional. This is public-company-to-public-company, so it makes sense there is some scrutiny.

Armis → ServiceNow ($7.75B) is fascinating because ServiceNow isn't a security company it's a workflow company. But they're buying one of the best asset intelligence platforms in the market. The thesis: security is becoming a data and workflow problem, not just a tools problem. ServiceNow sees Armis as the connective tissue between IT, OT, and security operations.

Other Notable Pending Deals:

The dividend recaps at Ping Identity, Darktrace, and Infoblox signal that PE owners are extracting value while they can. That's not necessarily bearish as these are mature, cash-generating businesses but it does mean the sponsors are taking chips off the table.

CyberCX → Accenture is notable because it's a major MSSP in Australia being absorbed by a global consultancy. Expect more of this: the big consultancies want security delivery capabilities, and buying established MSSPs is faster than building.

This report is based on 2,265 deal events from cybersecurity vendors headquartered in the USA, Europe, Israel, and other regions. All figures are in USD (European currencies converted at approximate rates: €1 = $1.08, £1 = $1.27). Undisclosed deals are counted in totals but excluded from funding calculations. Built from public data sources.

Trident Search specializes in cybersecurity recruitment for high-growth companies from Seed to Series A. For GTM hiring needs across Account Executives, Sales Engineers, and Customer Success, reach out to the team.