Welcome to The Trident Radar!

It was one of those strange weeks where overall deal volume cooled but the deals that did happen were loud.

AI threat detection, human-layer security, and compliance automation drew the sharpest investor and acquirer attention. Two of the seed deals this week caught our eye for their category-defining potential.

Let's dive in.

  • Human-layer security is heating up: Nudge Security lands new funding as user-centric security becomes a board-level priority.

  • Compliance automation remains a no-brainer: Multiple small enterprise compliance vendors saw early-stage capital this week.

  • Regional ecosystems show life: Tel Aviv, Boston, and Austin continue producing genuinely interesting early-stage cyber companies.

  • Insider Insight: The first AI-orchestrated espionage campaign changes the rules, defenders need to rethink detection.

Trident Talks!

In this episode of Trident Talks, Gareth Davies speaks with Itzik Alvas, Co-Founder & CEO of Entro Security, to unpack how the NHI space is evolving and why it’s quickly become a board-level security priority.!!

FUNDING SPOTLIGHT

Method Security – Series A – $26M (Andreessen Horowitz & General Catalyst)
Methods Series A positions the company as a front-runner in AI-native defensive security, designed specifically to counter AI-enabled threats. Founded in 2023, the team is already backed by a heavyweight syndicate including Andreessen Horowitz. With $50.5M raised to date, Method is now one of the best-funded early-stage entrants in AI-driven cyber defense.

Nudge Security – Series A – $22.5M (Cerberus Capital Management)
Las Vegas–based Nudge continues to define the human-layer security category. Their platform identifies risky SaaS usage, insider behaviours, and shadow access, then uses behavioural nudges, not punitive workflows, to reduce breach risk. This round values the company at $104M, signalling investor conviction that identity-centric risk is becoming a board-level priority.

Doppel – Series C – $70M (Bessemer Venture Partners)
California startup Doppel protects brands from phishing, impersonation and account-takeover campaigns. Their digital risk protection platform spans detection, takedown, and continuous threat monitoring. The $70M Series C puts them near a $600M valuation, and cements their position as one of the largest players in the brand-protection and attack-surface fraud category.

Apono – Series B – $34M (US Venture Partners)
Tel Aviv–based Apono automates and governs permissions for data and infrastructure, eliminating standing privileges and replacing them with just-in-time access workflows. This $34M Series B takes the company to a $115.5M post-money valuation, reinforcing investor appetite for identity-lifecycle and permissions automation tooling.

AI Security Platform – Accelerator Admission (WTIA Startup Program)
An AI security platform focused on protecting agent-based workflows joined the WTIA Startup Program’s 13th Founder Cohort on November 18. No equity or funding was exchanged, but the selection signals rising early-stage momentum in the AI-agent safety space.

M&A INTELLIGENCE

Not too much to shout about this month, however we want to give a quick mention to our friends at CyberSeer who have just been aquired by RedSquid a UK MSP.

Well done team!

INSIDER INSIGHT

AI-Orchestrated Espionage Has Arrived
(these AI pictures are getting ridiculous, ha!)

This weeks Insider Insight covers a recent report made by Anthropic.

If you haven’t read it I highly suggest to do so!

Full report: Disrupting the first reported AI-orchestrated cyber espionage campaign

This is the beginning of a new class of threat actor.

What Has Changed?

Historically, state-aligned APTs relied on humans for:

  • domain recon

  • phishing lure creation

  • vulnerability triage

  • operational security

  • sequencing multi-stage intrusion paths

The campaign documented in the Anthropic report demonstrated AI systems:

  • autonomously generating spear-phishing content,

  • selecting targets,

  • building attack chains with minimal human setup,

  • adapting mid-operation based on system responses.

This collapses the cost curve of espionage. What once required teams of operators now requires:

  • a small crew,

  • a budget,

  • and an LLM with guardrails removed.

Why It Matters for Security Leaders

Most detection today still assumes a human operator at the other end: timing patterns, linguistic tells, workflow sequences.

AI breaks all of those signals. Anthropic’s report shows LLM-driven attacks that:

  • randomise timing,

  • mimic employee writing styles,

  • adapt payloads on the fly,

  • and pivot in ways that don’t match any known TTP corpus.

This creates an intelligence gap. MITRE ATT&CK was built around human behaviour. AI actors won’t play by those rules.

The Defenders’ Next Move

We’re entering the era of AI-vs-AI security, meaning:

  • detection logic must shift from patterns to outputs

  • SOCs need tools that can distinguish “AI-generated action sequences”

  • enterprises must add AI behaviour monitoring (Prompt, Lakera, Cranium etc.)

  • cloud providers must enforce model-layer security policies

AI will not just be the attacker, it must also become the counterweight.

This week's seed deals (GhostEye, AISLE, Nudge, Defakto) already reflect the trend: defenders are finally starting to build for an adversary that doesn’t sleep, doesn’t mis-type, and doesn’t get sloppy.

COMPANY SPOTLIGHT

Nudge Security is one of the most interesting companies in the human-layer + SaaS security space, and their newly announced Series A signals growing investor conviction in the “SaaS + AI sprawl” problem they’re tackling.

Latest round: $22.5M Series A (Cerberus Capital) Valuation: $104M post-money Founded: 2021 Category: SaaS & AI Security Governance / Human-Layer Security

What They Do

Nudge gives security teams full visibility into how employees adopt and use SaaS and AI tools across the organisation. The platform maps every identity, app, integration, permission, and data flow — then automatically identifies issues like:

  • risky SaaS or AI app usage

  • unapproved third-party integrations

  • orphaned accounts and dangling OAuth connections

  • shadow access

  • permission creep

  • AI model usage and data exposure risks

Their edge is the behavioural layer: instead of dumping alerts on the SOC, Nudge quietly “nudges” users with personalised, contextual prompts that guide them to remediate issues themselves.

Why It Matters

SaaS and AI adoption is exploding faster than CISOs can govern it. Nudge addresses the root of the problem: most risk comes from how people use apps, not from misconfigurations alone.

This is why the product fits so neatly between identity security, SaaS security, and insider-risk programs.

Traction Signals

  • Strong enterprise adoption narrative (their site highlights customers like KarmaCheck achieving 150% ROI).

  • Integrations with the full enterprise stack — Microsoft 365, Google Workspace, Okta, GitHub, Slack, Salesforce, Snowflake and more.

  • Growing demand in AI governance, especially around AI app usage, model permissions and data access.

The Trident Take

Nudge is building what many legacy SSPM platforms missed: a human-aware governance layer for SaaS and AI. Their Series A gives them the fuel to scale deeper identity integrations, permission governance and AI-usage risk features.

If 2024–2025 was the year of DSPM and SSPM hype, Nudge looks like the next wave: SaaS Identity Governance built around real employee behaviour.

HOT JOBS

CTO x3 | Across the United States
DSPM - Series A - mission to take down the DSPM legacy giants with truly agentic AI - must be in the NYC office 3 days per week.
Offensive Security - Series B - $15m+ ARR - heavy on M&A as they look to innovative via acquisition - remote USA
Blockchain Security - Seed - $10m ARR - building Agentic AI products to protect businesses building on blockchain - remote USA
Contact: [email protected]

Enterprise Account Executive | East or Central US
Agentic AI platform for modern SOC teams, already at $1M ARR with 10 enterprise customers. High-growth trajectory with strong equity upside. $300K OTE + attractive equity.
Contact: [email protected]

DoD Account Executive | Washington, DC
VC-backed AI-driven GRC and automation platform. Requires strong network across DoD and DoW environments. $300K OTE.
Contact: [email protected]

Account Executive | West Coast, USA
Series B cyber vendor transforming how enterprises manage threat reporting and assessment workflows. Up to $150K base ($300K OTE).
Contact: [email protected]

Account Executive | Central / East Coast US
DSPM platform scaling rapidly across regulated industries. Target metro areas include New York, Atlanta, Houston, Chicago. $300–350K OTE.
Contact: [email protected]

Ready to make your next move? These roles won't stay open long.

📥 INBOX INTEL

Have market intelligence to share? Our network sees deals before they're announced, hiring freezes before they're public, and technology shifts before they hit the headlines.

Send us your tips:

  • Funding rounds in stealth mode

  • Executive movements and reorganizations

  • Customer wins/losses that signal market shifts

  • Technology partnerships before they're announced

  • Hiring sprees or freezes at specific companies

Email: [email protected]
All sources protected. We verify before we publish.

The Trident Radar - Intelligence that moves faster than your competition
Delivered by Trident Search Research Desk
Editor: Ryan Keeley | London

Share the newsletter

Keep Reading