Welcome back to The Trident Radar!

The ServiceNow/Armis deal finally closed. $7.75 billion. That's billion with a B. For an asset intelligence platform. Announced back in December, the deal completed this week and marks the biggest cybersecurity acquisition of the year so far. We're watching workflow automation companies become security behemoths, Israeli founders become billionaires, and everyone else scrambling to figure out what this means for the category.

This week we're covering the biggest cybersecurity M&A of 2026, a French aerospace giant buying offensive security capability, why the AI pentesting space just got another entrant, and what it actually feels like to sell cybersecurity from Tel Aviv versus London versus San Francisco.

Let's dive in!!

ServiceNow closes $7.75B Armis acquisition. Announced in December, closed this week. The biggest cybersecurity deal of the year. Asset intelligence meets workflow automation. Israeli cyber strikes again.

Airbus acquires Quarkslab. French aerospace giant buys offensive security and reverse engineering expertise. Sovereignty play for European defence.

Spectrum raises $19M seed. TechOperators leads for the security platform covering physical and digital infrastructure.

Rilian Technologies raises $17.5M seed. Government-focused AI security from McLean, VA. Backed by 8VC, First In, and Tamarack.

OpenOrigins raises $17.2M. London-based digital authenticity platform fighting fake content.

APX Security raises $375K angel. Another AI pentesting agent enters the ring. Ex-AWS security lead goes solo.

4 companies ceased operations. The culling continues.

Insider Insight: The Geography of Cyber Sales - US, Israel, UK
Company Spotlight: APX Security

Over the next four weeks, we're going to break down everything we know about scaling cybersecurity teams efficiently. Not a sales pitch, just the lessons we've learned placing hundreds of people into vendors at every stage, from two founders in a WeWork to post-IPO enterprises.

This week: how to think about which hiring model fits where.

Stealth to Seed: You need a founding team. A CRO who's built before. A VP Engineering who can ship. These are retained searches, high-touch, confidential, and critical. One hire can make or break your Series A story. This is where deep network relationships and candidate trust really matter.

Series A to B: You've got product-market fit. Now you need to build the go-to-market engine. Three AEs. An SE. A demand gen lead. Maybe your first sales manager. This is where many companies hit a wall. Retained search is built for precision on critical hires, not for filling five roles simultaneously against a board milestone.

This is where Embedded RPO changes the game.

Rather than running five separate searches, an RPO model embeds recruitment capability directly into your business. Same expertise, same network, but operating as an extension of your team, handling sourcing, screening, scheduling, and pipeline management so your leaders can focus on closing candidates, not reviewing CVs.

The results we've seen across our RPO clients:

Speed: 45-day average time-to-fill versus the 75-day market average. When you're racing to hit headcount targets before your next board meeting, that difference matters.

Quality: 80% submittal-to-interview ratio. Not throwing CVs at the wall. Every candidate properly vetted against specific requirements.

Scalability: Need to ramp up after a funding round? RPO flexes with you. Need to pause hiring while you nail down territory plans? Built-in flexibility with 30 to 90-day termination clauses.

Cost efficiency: At volume, RPO delivers significant savings versus per-placement models, typically reducing cost-per-hire by 30-50% for companies hiring 15+ roles annually.

One example from our portfolio: We took a US cybersecurity company from 30 to 300 employees over three years. 96% offer acceptance rate. 29-day average time-to-offer. Over $4 million in cost savings versus traditional agency models.

The point isn't that one model is better than another. It's that different stages require different approaches. A retained search for your CFO. Embedded RPO for your sales team buildout. Advisory support when you're still figuring out what "good" looks like for your first GTM hire.

Next week: the financial breakdown, when RPO makes sense versus building internal TA.

Armis
Acquisition Financing, $7.75B (ServiceNow)
Developer of an asset intelligence cybersecurity platform designed to manage cyber risk exposure and protect the entire attack surface. Provides real-time insights into network-connected devices across IT, OT, medical devices, and industrial environments.

Category: Asset Intelligence / Cyber Exposure Management
HQ: San Francisco, CA

Spectrum Security
Seed Round, $19M (TechOperators, Alumni Ventures, Skinos Ventures)
Developer of security technology designed to protect digital infrastructure and physical environments. Offers managed detection services, threat monitoring, incident response, access control systems, and surveillance integration.

Category: Physical & Digital Security
HQ: San Francisco, CA

Rilian Technologies
Seed Round, $17.5M (First In, 8VC, Tamarack Global)
Operator of cybersecurity software for government agencies and critical infrastructure. Offers advanced threat intelligence and AI-driven insights for US government, allies, and regulated markets. Funds to accelerate agentic AI security capabilities.

Category: Government Security / AI
HQ: McLean, VA

OpenOrigins
Venture Funding, $17.2M
Developer of a digital authenticity platform for detection of fake and real content on the internet. Uses cryptography, distributed systems, and trusted execution environments to establish trust in online content.

Category: Content Authenticity / Trust
HQ: London, UK

Matrics2
Venture Funding, $11.75M
Developer of symmetric key cybersecurity platform using random number encryption resistant to quantum computing threats. Standards-based approach to unbreakable encryption for digital transactions.

Category: Quantum-Resistant Cryptography
HQ: Vienna, VA

Copperhelm
Seed Round, $7M (TLV Partners, ToDay Ventures, Icon Ventures)
Provider of cloud-native security platform for validating real risk and reducing false positives. Uses autonomous agents to investigate live cloud environments, map topology, and verify exposure and exploitability.

Category: Cloud Security Validation
HQ: Tel Aviv, Israel

Phin Security
Seed Round, $5.97M
Operator of phishing simulation and security awareness platform. Provides simulation-based solutions for social engineering, phishing, and malware attacks. Post-money valuation $42M.

Category: Security Awareness / Phishing Simulation
HQ: Newark, DE

Ciphero
Pre-Seed, $5.75M (Chingona Ventures, Sovereign's Capital)
Developer of AI-native verification layer to secure enterprise AI adoption. Monitors, verifies, and governs AI interactions across employees, agents, and models. Funds to expand adoption with new features.

Category: AI Security / Verification
HQ: New York, NY

DebitMyData
Series 1 Seed, $2.48M
Developer of AI and digital identity platform for consent-based management of data and agent interactions. Offers identity verification, agentic avatars, and blockchain integration. Post-money valuation $18.5M.

Category: Digital Identity / Data Privacy
HQ: Fort Lauderdale, FL

Origin
Seed Round, $1.5M
Security technology company operating in the San Francisco market. Early-stage with limited public information available.

Category: Security Technology
HQ: San Francisco, CA

APX Security
Angel, $375K
Developer of AI pentesting agent that reasons like an attacker. Maps targets, discovers vulnerabilities, transforms them into exploitable attacks with reproducible scripts. See Company Spotlight for more.

Category: AI Pentesting
HQ: Sammamish, WA

ObscureCore
Angel, $200K
Security technology company based in Las Vegas. Early-stage with limited public information.

Category: Security Technology
HQ: Las Vegas, NV

Armis → Acquired by ServiceNow (NYSE: NOW)
Deal Type: Acquisition
Deal Date: April 20, 2026
Deal Size: $7.75B

The biggest cybersecurity acquisition of 2026 finally closed this week. First announced in December 2025, ServiceNow completed its $7.75 billion cash acquisition of Armis, the Israeli-founded asset intelligence and cyber exposure management platform. The deal represents a significant premium over Armis's $6.1 billion valuation from its pre-IPO round just months before the announcement.

Armis provides real-time visibility into all connected assets across IT, operational technology, medical devices, and industrial environments. The combination creates what ServiceNow calls "a unified, end-to-end security exposure and operations stack" connecting asset discovery, threat intelligence, and risk prioritization with automated remediation.

For Israeli cyber, this is a landmark moment. Armis joins Wiz, Cato Networks, and others in the unicorn-to-exit club. Expect more Israeli founders to look at strategic exits over IPOs given current market conditions.

Quarkslab → Acquired by Airbus Space
Deal Type: Acquisition
Deal Date: April 21, 2026
Deal Size: Undisclosed

French aerospace and defence giant Airbus acquired Quarkslab, a Paris-based offensive security and reverse engineering specialist. Quarkslab provides vulnerability research, software and hardware security analysis, and protection solutions.

This is a clear sovereignty play. European defence contractors are building internal offensive security capabilities rather than relying on US or Israeli vendors. Expect more acquisitions like this as aerospace, defence, and critical infrastructure operators bring security R&D in-house.

Daintta → Management Buyout backed by LDC
Deal Type: LBO
Deal Date: April 21, 2026
Deal Size: Undisclosed

UK-based cybersecurity, data analytics, and AI services provider Daintta completed a management buyout backed by LDC. The company serves enterprises across technology, financial services, retail, and manufacturing with data engineering, analytics, and ML capabilities.

We've placed cybersecurity salespeople into Israeli vendors, American vendors, and British vendors. We've watched people thrive in one culture and crash in another. And the differences are more significant than most candidates realise when they're evaluating offers.

Let us break down what we've observed.

The Israeli Vendor Experience

Israeli cybersecurity companies operate differently. The military service background creates a culture of directness that can feel jarring if you're coming from a more political corporate environment. Decisions happen fast. Hierarchy is flat. A 25-year-old product manager will challenge the CEO in a meeting and nobody blinks.

The upside is speed. Israeli startups ship product aggressively. They iterate quickly. The famous "chutzpah" means they'll go after deals larger companies won't touch. The early customer acquisition model often runs through the founder's network and the VC ecosystem, particularly with firms like Cyberstarts, YL Ventures, and Team8 who actively open doors to their CISO networks.

The challenge for salespeople is that Israeli companies often struggle to build repeatable sales motions outside their initial network. The same connectedness that helps them get their first 20 customers can become a crutch. If you're joining an Israeli vendor as a sales hire in the US or UK, ask hard questions about how they've sold outside of founder-led deals. If the answer is "we're still figuring that out," you're being hired to solve a problem they don't fully understand yet.

The compensation can be excellent, particularly equity. Israeli founders understand cap tables and tend to be more generous with early sales hires than their American counterparts. But the hours are real. You'll be on calls at strange times to sync with Tel Aviv. And the culture of "everyone in the trenches together" means boundaries blur.

The American Vendor Experience

US vendors, particularly the Silicon Valley and East Coast establishment, run on different fuel. The sales culture is more structured. There are playbooks, stages, and methodologies. Quota is sacred. Everything gets measured.

The upside is infrastructure. You'll have better tooling, more SDR support, clearer career paths, and more defined expectations. Enterprise sales motions in American companies tend to be more mature. If you want to learn how to run a disciplined sales process, a Series C or D US vendor will teach you.

The challenge is that American sales cultures can be more political. There's often more internal competition, more territory disputes, and more layers between you and decisions. The "up or out" mentality is real at many vendors. And compensation can be deceiving, with high OTEs that assume unrealistic attainment percentages.

If you're evaluating a US vendor, look at the attrition. Ask how many of their AEs hit quota last year. Ask about the average tenure. If they hesitate, that tells you something.

The UK Vendor Experience

British cybersecurity vendors occupy an interesting middle ground. The sales culture tends to be more relationship-driven than the American playbook approach. There's often more emphasis on technical credibility and less tolerance for the stereotypical "used car salesman" energy.

The upside is that UK vendors often have more reasonable expectations about work-life balance. The hours tend to be more civilised. The pressure is real but less performative. And if you want to work across EMEA, being based with a UK vendor gives you natural coverage.

The challenge is that UK cybersecurity has historically been less ambitious than its US and Israeli counterparts. As one industry observer noted, UK startups haven't always possessed the same ambition as their American and Israeli contemporaries. That's changing, with companies like Darktrace, Snyk, and Tessian proving UK companies can build at scale, but the ecosystem is still catching up.

Compensation in the UK tends to be lower in absolute terms, though when you factor in working hours and quality of life, the calculation shifts. Equity is often less generous than Israeli or US equivalents.

How to Spot the Right Fit

If you thrive in chaos, want maximum equity upside, and can handle ambiguity, look at Israeli vendors, particularly those between seed and Series B.

If you want structure, career progression, and to learn enterprise sales properly, look at US vendors with established motions.

If you value work-life balance and want to build deep customer relationships, UK vendors might be your fit.

But regardless of geography, the questions that matter are the same: What's the average tenure? How many reps hit quota? What happened to the last three people in this role? How do they sell outside their founder's network?

The geography shapes the culture, but the fundamentals of a good sales job are universal. Territory matters. Product-market fit matters. Manager quality matters. Commission structure matters.

Pick your culture deliberately, not by accident.

Website - apxlabs.ai

The AI pentesting market is getting crowded. Horizon3.ai has raised $186M. XBOW just hit unicorn status at $1B+. Pentera commands enterprise budgets at EUR 46,000 per year. And now APX Security has raised $375K in angel funding to take on the incumbents from Sammamish, Washington.

The Founder:

Gaurav Singhal is the solo founder and CEO. His background is what makes this interesting: he was previously a Principal Security Engineer at AWS. That's not a junior role. Principal at AWS means you've operated at serious scale and survived Amazon's famously rigorous technical culture. He's also been vocal about threat modelling with AI and the security implications of the current wave of AI-generated code.

What They're Building:

APX Security describes itself as "an AI pentesting agent that can reason like an attacker." The platform maps targets, discovers vulnerabilities, transforms them into exploitable attacks, and critically, verifies authenticity with reproducible scripts. Every discovery comes with proof-of-concept code, not just a scanner output.

The focus appears to be API security. The company claims its agent can "uncover the actual workings of APIs, transforming experiential knowledge into permanent and queryable assets." That's a specific problem space where traditional scanners struggle and manual testing is expensive.

The Market Context:

AI pentesting is real now. XBOW's agent took the top spot on HackerOne's US leaderboard in 2025, outranking thousands of human bug bounty hunters with over 1,060 vulnerabilities submitted. Horizon3.ai's NodeZero has executed over 170,000 pentests. These aren't vaporware demos. They're production tools finding real vulnerabilities.

The question for APX is differentiation. The big players have massive datasets, established customer bases, and significant funding advantages. A $375K angel round against unicorns is a David vs Goliath story.

Why It Matters:

What's interesting is the approach. Rather than competing head-to-head on enterprise autonomous pentesting, APX appears to be focused on making AI pentesting accessible to a broader market. Their trust centre emphasises "patent-pending technology" and the ability to deliver "verified exploits with reproducible proof, not scanner noise."

The timing works. Enterprise buyers are increasingly comfortable with AI agents. The cost of traditional penetration testing is prohibitive for many organisations. And there's a clear gap between expensive manual pentests and noisy vulnerability scanners that APX could exploit.

At $375K, this is very early. No institutional backing yet. No disclosed customers. But the founder background is credible, the timing is right, and the market is large enough to support multiple winners.

One to watch.

VP Federal
💰 $250K base
📍 US
High-growth security vendor targeting federal and government markets. Strategic role building federal go-to-market from the ground up. Well-funded with strong technical differentiation.
Contact: [email protected]

Head of Marketing
💰 $230K base
📍 US
Offensive security company disrupting the penetration testing market. Building marketing function for high-growth phase. Strong technical product with clear differentiation.
Contact: [email protected]

Demand Generation Lead
💰 $200K
📍 US
Enterprise security vendor with established product and growing customer base. Building demand generation capability for US expansion.
Contact: [email protected]

VP Sales EMEA
💰 €150K base
📍 EMEA
Threat intelligence platform with strong European presence. Leading regional sales organisation across multiple markets.
Contact: [email protected]

Channel Account Manager - East
💰 $135K base
📍 US (East)
Enterprise technology solutions provider. Building channel relationships across cybersecurity and infrastructure portfolio.
Contact: [email protected]

Ready to make your next move? These roles won't stay open long.

Four cybersecurity companies went out of business this week:

Boldend - Cybersecurity company. Limited public information. (Carlsbad, CA)

GovSky - Government-focused security technology. (Exeter, NH)

OXS Lab - Security operations platform. (Paris, France)

Unblinkr - Security monitoring technology. (Herndon, VA)

Have market intelligence to share? Our network sees deals before they're announced, hiring freezes before they're public, and technology shifts before they hit the headlines.

Send us your tips:

Email: [email protected]
All sources protected. We verify before we publish.