Welcome to The Trident Radar.

Lots of new subscribers, good to have you here!!

I am reporting live from the AWS outages this Monday morning… my Roblox account is down, my Ring door bell is calling me names and my smart chair is spinning me around at a rate of knots.

Let's dive in.

  • Browser-native security gets paid: Conceal raises a $26 million Series B to push proxy‑less ZTNA and SSE straight into the browser.

  • Early-stage identity bets: UK startup Ploy lands $3.3 million to automate identity security, while Theodosian raises 1.3 million dollars for file‑level encryption and compliance.

  • MSSP consolidation: LevelBlue signs to acquire Cybereason, a goodbye to a cyber OG, or is it?

  • Identity risk goes runtime: Imprivata buys Verosint to bring real‑time risk signaling into access workflows.

  • Insider Insight: Threat intel sharing just hit a legal speed bump

  • Company Spotlights are back!!

FUNDING SPOTLIGHT

Conceal – Series B – $26 million (Two Bear Capital leading)
Augusta‑based Conceal is building browser‑native Secure Service Edge and proxy‑less ZTNA, consolidating user access and security into the browser instead of the network. The raise fuels product and GTM expansion.

Ploy – Seed – $3.3 million (Osney Capital leading)
London‑based identity security startup automating permissions hygiene and access anomaly detection. New capital will build out product and go‑to‑market.

Theodosian – Pre‑Seed – $1.3 million (Fuel Ventures leading)
File‑level encryption and attached compliance controls that travel with the data. Think encryption plus policy that sticks to the file across storage and sharing.

AISLE – Angel – Undisclosed (angels include Aparna Chennapragada)
Security startup built by seasoned security leaders and AI scientists; early capital to build out the platform.

NROC Security – Seed – $1.67M
Governance and guardrails for GenAI adoption, helping enterprises set policy and enforce safe AI usage.

M&A INTELLIGENCE

LevelBlue → Cybereason (announced Oct 14)
The world’s largest pure‑play MSSP signs a definitive agreement to acquire Cybereason. This folds XDR, DFIR, and threat intel into LevelBlue’s managed platform. Translation for buyers: more one‑throat‑to‑choke for detection and response, less vendor wrangling. For startups: expect fewer stand‑alone XDR buyers as MDR platforms keep absorbing capability.

Imprivata → Verosint (announced Oct 14)
Imprivata adds identity threat detection and response to its access stack. Real‑time risk signals feed authentication and workflow decisions, which is exactly where identity defense needs to live. Smart tuck‑in that moves beyond static IAM into active identity defense.

Takeaway: This week’s deals rhyme. Managed platforms are bundling detection plus response; identity platforms are wiring risk engines into the login flow. Both directions reward tighter, runtime‑aware control planes.

INSIDER INSIGHT

Threat intel sharing just hit a legal speed bump

The Cybersecurity Information Sharing Act of 2015 quietly expired on September 30 and the US Congress hasn’t reauthorized it yet. That means the legal shields that made public‑private threat intel sharing straightforward are paused. You could feel it this week in DC briefings and ISAC chatter. Teams are stepping into the middle of what used to be routine sharing, and it is slowing things down.

Why this matters right now:

  • Signal drag. Without liability protections, some companies will share less or share later.

  • Fragmentation risk. If federal protections stay lapsed, watch for sector‑by‑sector and state‑by‑state workarounds. That balkanizes defenses and raises costs.

  • Short‑term playbook. Keep sharing with trusted peers and ISACs but document what you share and why. Your counsel will want that trail until Congress lands a renewal. Senate efforts to extend ten years are live, but timing is politics.

Bottom line: for the next few weeks, assume slower intel flow from some partners and invest a little more in your own telemetry.

COMPANY SPOTLIGHT

The spotlight is back this week, featuring a… you guessed it, AI company!

What they do: Knostic builds need‑to‑know access controls and AI data lineage for enterprise AI. It maps who can see what across assistants, LLMs, agents, and knowledge bases, then enforces least‑privilege answers and de‑sensitizes outputs on the fly.

Why we’re watching: The AI security story is moving from “secure the model” to “secure the data paths.” Knostic sits right there. They raised $11 million seed in March to scale the platform and have been visible at RSA and Black Hat since. The team includes Gadi Evron and Sounil Yu, which is real operator DNA.

Trident take: If your AI rollout is stuck on data governance and over‑sharing, Knostic is the sort of control plane that can unblock pilots without burning the village to save it.

HOT JOBS

SLED Account Executive | Dallas
Leading cyber solutions and services business. Own and grow a SLED territory for a top cyber player. $300K OTE.
Contact: [email protected]

Head of Sales | East Coast
Agentic AI for SOC vendor with 10 paying self‑sourced customers and $1M ARR. Up to $450K OTE, 50/50 split, attractive equity.
Contact: [email protected]

Account Executive | Threat Intelligence Platform | NYC / Remote
Series A threat‑led defense company mapping adversary behavior to enterprise stacks. $350K OTE.
Contact: [email protected]

Founding Account Executive | New York / Remote
AI‑powered security platform redefining data and cloud protection for the enterprise. $330K OTE.
Contact: [email protected]

Founding Account Executive | Tel Aviv
Data protection company providing full visibility into sensitive data movement with automated leak detection and seamless deployment. $360K OTE.
Contact: [email protected]

BOTTOM LINE

For Security Vendors
Make your value show up in the workflow. Buyers are rewarding tools that collapse steps and push decisions to the point of action. If you need a POC to prove value, keep it short and instrumented.

For Enterprise Buyers
Prioritize controls that reduce operational drag. Browser‑native access, identity risk scoring in front of auth, and data‑aware AI guardrails are quick wins that free analyst hours.

For Investors
This week confirms the platform plus risk engine thesis. Managed roll‑ups with embedded detection and identity platforms with runtime risk will keep clearing deals. Seed checks are flowing where time‑to‑value is measured in days, not quarters.

NEXT WEEK'S PREDICTIONS

  • Another in‑browser or browser‑adjacent security raise hits the wire
    Buyer interest plus the Conceal signal suggests more capital chasing this consolidation vector.

  • Identity vendors talk up risk engines
    Expect more roadmaps leaning into ITDR and pre‑auth scoring in response to Imprivata’s move.

  • Hill chatter intensifies on CISA 2015 renewal
    With counsel slowing intel sharing, Senate and agency surrogates will push for visible progress to calm operators.

📥 INBOX INTEL

Have market intelligence to share? Our network sees deals before they're announced, hiring freezes before they're public, and technology shifts before they hit the headlines.

Send us your tips:

  • Funding rounds in stealth mode

  • Executive movements and reorganizations

  • Customer wins/losses that signal market shifts

  • Technology partnerships before they're announced

  • Hiring sprees or freezes at specific companies

Email: [email protected]
All sources protected. We verify before we publish.

The Trident Radar - Intelligence that moves faster than your competition
Delivered by Trident Search Research Desk
Editor: Ryan Keeley | London

Share the newsletter

Keep Reading