Welcome back to The Trident Radar!

We're back from San Francisco, running on caffeine and adrenaline, and still processing everything that happened last week.

RSA 2026 was one for the books. Geordie AI, a London-founded startup, took home the Innovation Sandbox crown for their AI agent security platform. Above Security emerged from stealth with $50M to tackle insider risk in the agentic era. Rapid7 acquired Kenzo Security to bring agentic AI to their MDR platform. Airbus announced the acquisition of Ultra Cyber to build a sovereign UK cyber champion. And that's before we get to the funding rounds, the hallway conversations, and the deals that haven't been announced yet.

The theme of the week was unmistakable: AI agents are the new attack surface, and everyone is racing to secure them.

Lets dive in!!

Insider Insight: The Autonomous Pentest Wars
Company Spotlight: Geordie AI

Lets take us back to one of our first Cyber CEO episodes, highlighting early-stage Cyber Vendors, we were joined by Ofir Har-Chen | LinkedIn, CEO and Co-Founder of Clutch Security - a vendor making waves in the Identity space, tackling the challenges of Non-Human Identities.

What a week. The Trident team left everything on the field in San Francisco.

🎙️ We recorded 25+ episodes for our Trident Talks series

🤝 Across the team we had 150+ meetings in 72 hours

🎤 CISO Karaoke delivered, as always. Huge respect to everyone who stepped on stage.

👟 Over 650,000 steps between our whole team

Thank you to everyone who stopped by The Harlequin, came to CISO Karaoke, or grabbed coffee with us between sessions. The conversations were incredible and we're already looking forward to next year.

Above Security
Seed, $50M (Ballistic Ventures, Merlin Ventures, Norwest, Jump Capital, QPVentures)
AI-native agentic managed insider threat platform. Fleet of specialised AI investigators analyses human and AI behaviour to surface real risk without rules, policies, or configuration. Deploys in minutes. Founded by Unit 8200 veterans Aviv Nahum (CEO) and Amir Boldo (CPTO), both with prior exits. Already generating substantial revenue six months in. Selected for the 2026 CrowdStrike, AWS & NVIDIA Cybersecurity Startup Accelerator.

Category: Insider Threat / AI Security Operations
HQ: Tel Aviv, Israel

Cyabra (NAS: CYAB)
Reverse Merger, $70M
AI and machine learning platform monitoring and analysing online content in real time to detect disinformation, fake profiles, and inauthentic activity. Analyses sources, amplification patterns, and coordinated behaviour to provide actionable insights. Went public via reverse merger with Trailblazer Merger I.

Category: Disinformation Detection / Online Threat Intelligence
HQ: Tel Aviv, Israel

Ledger
Later Stage VC, $50M (Pascal Gauthier)
Developer of cryptocurrency security technology facilitating authorisation of digital asset transactions. Hardware wallets, server appliances, and embedded technology based on a low-footprint crypto-embedded operating system. Enables financial institutions to secure digital assets.

Category: Cryptocurrency Security / Hardware Wallets
HQ: Paris, France

$20M-$50M

Treeline
Series A, $25M (Andreessen Horowitz)
Modern IT operating system combining AI and software-first architecture with managed services. Mobile device management, computer provisioning, remote monitoring, auth management, dark web monitoring, compliance audit management, and penetration testing. Replaces fragmented MSP model with centralised software layer. Founded by Peter Doyle (former Accel investor) and Hussain Kader.

Category: IT Services / Managed Security
HQ: San Francisco, CA

BlueFlag Security
Series A, $16.5M (Maverick Ventures, Ten Eleven Ventures, Pier 88 Investment Partners)
Identity-centric SDLC security and governance platform. Governs every identity in the development lifecycle including human developers, contractors, non-human identities, and AI agents. New capabilities include AI Agent Governance and Developer Behavioural Risk Analysis. 300% YoY revenue growth in 2025. Total funding now $28M. Post-money valuation $43M.

Category: Developer Security / Identity Governance
HQ: Sunnyvale, CA

$5M-$20M

ZeroPath
Seed Extension, $7.03M (HOF Capital, Mergus Ventures, Multimodal Ventures, Olive Tree Capital, Orange Collective, SurgePoint Capital)
AI-native code security platform replacing traditional SAST, SCA, Secrets, and IaC stacks with unified engine. Finds business logic flaws and chained vulnerabilities that legacy tools miss. Paul Graham as angel investor. RSA Innovation Sandbox finalist. Total funding now $12.5M.

Category: Application Security / AI Code Analysis
HQ: San Francisco, CA

Enclave Networks
Later Stage VC, $6M (8VC, Aaron Levie, Jeremy Stoppelman, Marc Benioff, Patrick Collison)
Zero-trust platform providing private systems invisible to the public internet. Simpler network infrastructure management improving security, reducing costs, and increasing agility. Notable angel roster from tech founders.

Category: Zero Trust / Network Security
HQ: Newport, United Kingdom

SkillBit
Seed, $1M
Cybersecurity educational training and recruiting platform. Interactive learning-based competitions and training breaking down complex concepts into engaging challenges simulating real-world scenarios.

Category: Cybersecurity Training / Education
HQ: Charlottesville, VA

rmBug
Seed, $460K (Silicon Gardens, Damir Sabol)
Identity-based database access technology securing connections for engineers and automated workloads. Single sign-on authentication, time-limited access grants, API key identities, role-based controls, query firewalls, data masking, and audit logs.

Category: Database Security / Access Management
HQ: Zagreb, Croatia

Solitude Labs
Angel, $430K
Decentralised cybersecurity platform ensuring zero-trust security across connected infrastructure. Robust cryptographic controls and network-agnostic design protecting operational technology assets.

Category: OT Security / Zero Trust
HQ: West Palm Beach, FL

Provally
Seed, $250K (Rabbit Ventures)
Software verification tools assessing and validating security findings. Uses AI to generate executable proofs of concept confirming genuine issues. Reduces alert fatigue for DevSecOps teams.

Category: Security Validation / DevSecOps
HQ: San Francisco, CA

Zerothird
Seed, undisclosed (Findus Venture, KGAL Group, Sparring Capital Partners, VERBUND X Ventures)
Quantum cryptography system generating unbreakable encryption keys. Based on BBM92 protocol considered unbreakable by current and future technology.

Category: Quantum Cryptography
HQ: Vienna, Austria

Ariovis
Seed, undisclosed
Enterprise cybersecurity services including endpoint protection, identity and access management, GRC, and tailored awareness training.

Category: Managed Security Services
HQ: Paris, France

Kenzo Security → Acquired by Rapid7 (NAS: RPD)
Deal Type: Merger / Acquisition
Deal Date: March 26, 2026
Deal Size: Undisclosed

Agentic AI security platform built to scale autonomous security investigations. Multi-agent AI system deploys specialised agents that collaborate across a proprietary data mesh to investigate threats, tune detections, and execute dynamic playbooks. Customer deployments reported 94% reduction in investigation time and alert coverage rising from 12% to 100%. Integrates into Rapid7's Command Platform to accelerate MDR services from AI-assisted to AI-driven operations.

Ultra Cyber → Acquired by Airbus (PAR: AIR)
Deal Type: Corporate Divestiture
Deal Date: March 23, 2026
Deal Size: Undisclosed

UK government-approved cybersecurity technology provider joins Airbus Defence and Space. More than 200 employees based in Maidenhead cyber centre of excellence. Creates scaled UK sovereign cyber champion. Sold by Cobham Ultra (Advent portfolio company). Expected to close H2 2026 pending regulatory approvals.

Antimatter → Acquired by Databricks
Deal Type: Merger / Acquisition
Deal Date: March 24, 2026
Deal Size: Undisclosed

Cryptographic infrastructure platform supporting customer data security. Leverages secure enclaves available in all major clouds, transparently encrypting all customer data without code changes.

Cipher (New York) → Acquired by Soxton
Deal Type: Merger / Acquisition
Deal Date: March 24, 2026
Deal Size: Undisclosed

AI agent supervision platform providing behavioural correction and security monitoring. Specialises in web, voice, RAG, and API workflows.

Chimere → Acquired by Ekinops (PAR: EKI)
Deal Type: Merger / Acquisition
Deal Date: March 24, 2026
Deal Size: Undisclosed

Secure remote access software using zero-trust access controls, private network exposure, and cloud-hosted deployment. Restricts direct internet visibility and manages user authentication.

_{^{(yes we are back to the matrix again}} 😂_⁾

If you talk to anyone who was building security programs in the mid-90s, the conversations happening right now sound exactly like the ones from when companies first connected to the internet. Back then it was:

"What do you mean someone can access our systems remotely?"
and
"Why would anyone attack us?"
and
"Do we really need a firewall?"

Fast forward thirty years and the nouns have changed but the script is basically the same. Now it's AI agents, autonomous workflows, MCP servers, model APIs, and thousands of non-human identities running around infrastructure.

Here's the thing: the security fundamentals haven't changed at all. The questions we should be asking about authentication and identity and monitoring for AI agents in 2026 are the same questions the industry asked in 1995. What's different is that we're now giving automated software credentials and letting it operate at machine speed across systems we spent decades trying to lock down.

We've watched this pattern play out before. Internet connectivity gave us firewalls and intrusion detection. Web applications gave us AppSec and WAFs. Cloud adoption gave us IAM, CSPM, and a whole new generation of security companies. Each wave produced initial panic, followed by a land grab, followed by consolidation, followed by maturity. AI agents will produce their own version of that stack. The only question is how long the cycle takes and who wins.

What makes this wave different isn't the threat model. It's the blast radius. A compromised web server leaks data. A compromised AI agent with your AWS credentials can delete infrastructure. The agent holds credentials and takes irreversible actions, and the damage scales with whatever permissions you gave it. That's not a new security problem. That's the oldest security problem, running at machine speed.

A comment I saw online this week stuck with me: scope what the agent can reach before it gets compromised, not after. That's just least privilege with a new noun. The organisations that will struggle are the ones treating agentic AI as something unprecedented that requires throwing out everything they know. The organisations that will thrive are the ones applying lessons from every previous security cycle.

For founders and investors, the pattern recognition here is about market timing. Every previous wave created billion-dollar categories, and there's no reason to think this one will be different. Geordie AI just won the RSA Innovation Sandbox. Above Security raised $50M this week. Onyx raised $40M the week before. The land grab is underway, and the window to establish category leadership is shorter than it looks.

For sales teams, the "we've seen this before" framing is a powerful tool when prospects push back that AI security feels too early. Point to history. The organisations that waited on cloud security or AppSec ended up retrofitting at ten times the cost. Urgency sells when it's grounded in pattern recognition rather than hype.

For marketers, the lesson is don't over-complicate the narrative. The best positioning will connect new capabilities to proven frameworks rather than inventing new jargon. Identity governance for AI agents. Least privilege for autonomous workflows. Behavioural monitoring for non-human identities. The concepts already exist. The attack surface is what's new.

For security leaders, the playbook is familiar even if the technology isn't. Scoping permissions, monitoring for anomalous behaviour, closing the gap between what's deployed and what's secured - none of this is novel. What's novel is the speed at which shadow AI usage is outpacing official tooling. Most enterprises have more agents running than they realise. Start there.

The conversations coming out of RSA this week felt urgent because they were. But they also felt familiar because the security industry has been here before. We're watching the same cycle repeat itself, just with AI layered on top. The vendors who acknowledge that will build trust. The buyers who recognise it will make better decisions. And the practitioners who lean on experience rather than panic will be the ones who actually secure this stuff.

Precedented times. Proven playbooks. Faster execution.

Website - https://www.geordie.ai

The biggest moment of RSA 2026 belonged to a London startup. Geordie AI took home the Innovation Sandbox crown, beating nine other finalists to claim the title of "Most Innovative Startup" and validating what many in the industry have been saying: AI agent security is the category of the moment.

Founded in 2025 by cybersecurity veterans from Darktrace and Snyk, Geordie has built a security and governance platform purpose-built for AI agents. As enterprises race to deploy autonomous AI systems, most have zero visibility into what those agents are actually doing. Geordie provides the backbone for safe adoption.

The founding team brings serious pedigree:

Their core product, Beam, is an agent-native observability and governance engine that captures model inference calls, tool invocations, API requests, and data access activities across heterogeneous agent environments. What distinguishes it from existing LLM observability tooling is the intervention model. Rather than static guardrails or reactive blocking, Beam uses context engineering to continuously assess risk and feed mitigations back into the agent's operating context, shaping behaviour upstream before a policy violation occurs.

The platform instruments agents built on LangChain, AutoGen, CrewAI, Claude, GPT-4, or proprietary frameworks through SDK integration, API interception, and endpoint telemetry. No platform lock-in required.

Funding and Momentum

Geordie raised $6.87M in seed funding in September 2025, co-led by Ten Eleven Ventures and General Catalyst, with participation from Step Function and Global Investment Partners. Post-money valuation at seed was $14.59M.

In January 2026, the company joined the AWS, CrowdStrike & NVIDIA Cybersecurity Startup Accelerator. In December 2025, they won the Black Hat Europe Startup Spotlight. The RSA Innovation Sandbox win continues the momentum.

The company reported 10x growth in secured agents in under five months and tenfold revenue growth in the two months before RSA. Gartner recognised Geordie in its Market Guide for Guardian Agents prior to the contest.

Why It Matters

The judges rewarded an architecture that solves the hardest problem in agentic AI security: governing non-deterministic autonomous behaviour across heterogeneous platforms without forcing enterprises into a single-framework bet. As CEO Henry Comfort put it: "We believed agent adoption would accelerate far faster than expected and that security and AI teams would need new governance models to keep up."

With employees and offices in London and New York, Geordie is now positioned as the company to beat in AI agent security. The Innovation Sandbox track record speaks for itself: previous finalists include Wiz (acquired by Google for $32B this month), Axonius, SentinelOne, and Imperva. The alumni list has tallied over 100 acquisitions and $50B+ in investments over 20 years.

London doesn't win Innovation Sandbox very often. This one counts.

VP Product
💰 €300K
📍 Copenhagen, Denmark
European cybersecurity company providing a sovereign security operations platform for MSSPs and regulated organisations.
Contact: [email protected]

Sales Engineer
💰 $100K base
📍 US
Israeli intelligence and defence technology company providing breakthrough capabilities to trusted governments.
Contact: [email protected]

Enterprise Account Executive
💰 $175K base, double OTE
📍 US (3 openings)
Secure external collaboration platform for Microsoft 365. Integrates file sharing, data rooms, content collaboration and secure email with governance controls for highly-regulated organisations.
Contact: [email protected]

Account Executive
💰 $150k + OTE
📍 US
Deception-based identity protection platform using technology to trap attackers and recover stolen credentials.
Contact: [email protected]

Account Executive
💰 $160K base, double OTE
📍 US
Early-stage cybersecurity company. Retained search.
Contact: [email protected]

Head of Marketing
💰 $175K base
📍 US
Deception-based identity protection platform. Paris-founded startup building US go-to-market team.
Contact: [email protected]

Head of Sales
💰 $200K base
📍 US
Deception-based identity protection platform. Leading US sales organisation for Paris-founded startup.
Contact: [email protected]

Ready to make your next move? These roles won't stay open long.

Have market intelligence to share? Our network sees deals before they're announced, hiring freezes before they're public, and technology shifts before they hit the headlines.

Send us your tips:

Email: [email protected]
All sources protected. We verify before we publish.