Welcome back to The Trident Radar!

This edition covers a longer window than usual: April 1st through 12th.

The post-RSA news cycle hasn't slowed down. The UK continues its AI security moment with Trent AI raising $13.3M from OpenAI, Databricks, AWS, and Spotify. Bridgepointe Technologies quietly hit unicorn status. Terra Quantum announced a $3.25B SPAC. And the AI Security Institute dropped a report on Claude Mythos that has the entire industry talking about what autonomous offensive AI actually means for defenders.

Let's dive in!!

Insider Insight: When AI Can Hack Better Than Most Humans
Company Spotlight: Trent AI

Tao Digital
Series A/B Combo, $34.67M
Developer of digital services platform combining product engineering, data monetization, cybersecurity, cloud services, and payment processing. AI-driven strategies for enterprise transformation. Pre-money valuation $126M.

Category: Digital Services / Cybersecurity
HQ: Santa Clara, CA

Trent AI
Seed, $13.3M (Cambridge Innovation Capital, Phoenix Court)
Developer of AI application and agent security management software. Platform analyzes agent behavior across APIs, tools, and workflows. Identifies prompt injection, data leakage, and privilege escalation. Backed by OpenAI, Databricks, AWS, and Spotify. Post-money valuation $45.2M.

Category: AI Agent Security / Application Security
HQ: Cambridge, UK

RIIG
Series A, $6.5M (5ir Funds)
Developer of digital asset management platform for physical infrastructure oversight. Real-time data collection, automated reporting, predictive maintenance, and risk intelligence. Post-money valuation $45M.

Category: Infrastructure Security / Risk Intelligence
HQ: Afton, VA

Flashpass
Seed, $4.1M (J2 Ventures)
Developer of online certification platform for cybersecurity, AI, digital marketing, and data analytics upskilling. Funds support new job-matching engine development.

Category: Cybersecurity Training / EdTech
HQ: Cincinnati, OH

DeepCytes
Seed, $1.45M
Provider of cybersecurity services including threat detection, forensic investigations, dark web monitoring, red teaming, and compliance management.

Category: Managed Security Services
HQ: London, UK

PrismLayer
Pre-Seed, $1M (Fenway Summer)
Developer of AI-based risk management platform for enterprise risk assessments. Governed AI with structured workflows and encoded risk frameworks.

Category: GRC / Risk Management
HQ: Ireland

Zero Point Security → Acquired by Fortra
Deal Type: Merger / Acquisition
Deal Date: April 2026
Deal Size: Undisclosed

UK-based offensive security training provider. Known for "Red Team Ops" and "C2 Development" courses. Joins Fortra's security awareness and training portfolio alongside Terranova Security.

Defy Security → Acquired by Booz Allen (NYS: BAH)
Deal Type: Merger / Acquisition
Deal Date: April 2026
Deal Size: Undisclosed

Federal cybersecurity consulting firm. Strengthens Booz Allen's cyber mission capabilities for government clients.

Anitian → Acquired by Arkenstone Defense
Deal Type: Merger / Acquisition
Deal Date: April 2026
Deal Size: Undisclosed

Cloud security and compliance automation platform. Enables rapid deployment of compliant cloud environments. Joins Arkenstone's federal security portfolio.

The UK's AI Security Institute dropped a report this week that deserves more attention than it's getting.

They evaluated Claude Mythos Preview, Anthropic's latest model, on offensive security tasks. The results: on expert-level capture-the-flag challenges, Mythos succeeds 73% of the time. These are challenges that no model could complete before April 2025.

But the headline number isn't the CTF performance. It's what happened on "The Last Ones" - a 32-step corporate network attack simulation that AISI estimates would take human professionals 20 hours to complete. Mythos Preview solved it from start to finish in 3 out of 10 attempts.

Let that sit for a moment. An AI model, given network access and explicit direction, can now execute a multi-stage attack on a vulnerable network - reconnaissance through full takeover - that would take experienced human pentesters days. It completed an average of 22 out of 32 steps across all attempts.

The caveats matter. The test environment had no active defenders, no security tooling, no consequences for tripping alerts. AISI is clear: "We cannot say for sure whether Mythos Preview would be able to attack well-defended systems." And initial access was provided - the model wasn't breaking in from scratch.

But here's the thing: most real networks aren't well-defended. The median enterprise is running unpatched systems, has security alerts that nobody reads, and lacks the staff to investigate anomalies. The model that can hack "small, poorly defended enterprise systems" can probably hack a lot of actual enterprises.

Anthropic isn't releasing Mythos publicly. Instead, they launched Project Glasswing - giving early access to major tech companies, cybersecurity firms, and the Linux Foundation to find vulnerabilities before the capability proliferates. That's a responsible approach to a genuinely novel risk.

The implications for defenders are straightforward but uncomfortable:

Patch cycles have to shrink. If AI can autonomously write n-day exploits, the window between "vulnerability disclosed" and "exploit in the wild" just collapsed. The report explicitly warns that "software users and administrators will need to drive down the time-to-deploy for security updates."

Security basics become existential. AISI's advice is almost boring: apply updates, enforce access controls, configure systems properly, maintain comprehensive logging. But "boring" doesn't mean "easy." Most organisations aren't doing these things consistently. Now there's an AI that will punish every gap.

Defenders need AI too. The same capabilities that make Mythos dangerous on offense make it valuable on defense. Vulnerability discovery, misconfiguration detection, incident response automation - defenders who aren't using AI will be outpaced by attackers who are.

The asymmetry is real but not permanent. Offensive AI is ahead right now because attack is easier than defense - always has been. But AI-assisted defense scales in ways human-only defense never could. The question is whether defenders adopt fast enough.

Two years ago, the best models could barely complete beginner-level cyber tasks. Now they're solving expert challenges and executing multi-stage attacks. The trajectory is clear. The timeline for "AI that can hack well-defended systems" isn't decades - it's years, maybe less.

The organisations that will be fine are the ones treating this as urgent. Patch faster. Log everything. Assume breach. Use AI to find your own vulnerabilities before someone else's AI does.

The organisations that won't be fine are the ones reading this and thinking "we'll get to it."

Website - https://www.trent.ai

The UK keeps producing AI agent security startups. Trent AI is the latest, raising $13.3M seed from a cap table that reads like an AI industry summit: OpenAI, Databricks, AWS, Spotify, Cambridge Innovation Capital, and Phoenix Court.

The founding team brings research depth:

Their core product analyzes agent behavior across APIs, tools, and workflows. Rather than static rules or blocklists, Trent uses context engineering to continuously evaluate security posture and shape agent behavior before policy violations occur.

The platform instruments agents built on LangChain, AutoGen, CrewAI, Claude, GPT-4, or proprietary frameworks through SDK integration, API interception, and endpoint telemetry. No platform lock-in required.

Funding and Momentum

Trent raised $13.3M (GBP 10M) in seed funding on April 7, 2026, led by Cambridge Innovation Capital and Phoenix Court. Post-money valuation: $45.2M.

The investor list tells a story. OpenAI and Databricks are AI infrastructure providers backing AI security. AWS brings cloud distribution potential. Spotify is an unusual addition - presumably as an enterprise customer or strategic partner.

Why It Matters

The AI agent security category is crowded. Geordie AI just won Innovation Sandbox. Above Security raised $50M. Onyx raised $40M. Token Security, Realm Labs, and others are all competing for the same budget line.

Trent's differentiation is the research pedigree and the investor ecosystem. Having OpenAI and Databricks on the cap table creates integration pathways that pure-play security startups can't match. The Cambridge connection provides academic credibility in a space where "AI security" often means marketing claims rather than technical substance.

The risk is execution. Research-heavy teams sometimes struggle with go-to-market. The AI agent security market is moving fast - Trent needs to convert investor relationships into customer deployments before better-funded competitors establish category leadership.

Cambridge doesn't win Innovation Sandbox very often. But with Geordie in London and Trent in Cambridge, the UK is building a real cluster in AI agent security.

SDR - East/Central
💰 $65K
📍 New York, US
Application security company helping developers find and fix vulnerabilities. Strong engineering culture with modern DevSecOps approach.
Contact: [email protected]

Southeast Enterprise Account Executive
💰 $175K base, double OTE
📍 Miami, US
Secure external collaboration platform for Microsoft 365. Integrates file sharing, data rooms, content collaboration and secure email with governance controls for highly-regulated organisations.
Contact: [email protected]

Founding Account Executive
💰 $200K
📍 US
Early-stage identity security platform for the agentic AI era. Backed by top-tier cyber VCs. Founding sales hire.
Contact: [email protected]

Account Executive - UK
💰 $100K base
📍 London, UK
Continuous security testing platform providing attack surface management and automated penetration testing. Fast-growing with strong enterprise traction.
Contact: [email protected]

GTM EMEA
💰 €100K
📍 Paris, France
Early-stage cybersecurity company building go-to-market function across EMEA. Greenfield territory opportunity.
Contact: [email protected]

Ready to make your next move? These roles won't stay open long.

Nine cybersecurity companies went out of business in the first two weeks of April:

Have market intelligence to share? Our network sees deals before they're announced, hiring freezes before they're public, and technology shifts before they hit the headlines.

Send us your tips:

Email: [email protected]
All sources protected. We verify before we publish.