Cybersecurity Startup Funding 2025-2026
In our cybersecurity market deck, you will find everything you need to understand the market
SUMMARY
We analyzed every publicly disclosed equity round raised by pure-play cybersecurity companies between July 2025 and June 2026, a 12-month window covering every geography. We only kept equity rounds of $300K or more, and excluded companies whose core activity does not fit the cybersecurity market.
Over this period, fundraising in the cybersecurity market was broad on deal count and selective on dollars. The dataset includes 96 disclosed deals, 96 unique companies, and $4.19B raised.
Capital in the cybersecurity market is concentrated, but not completely captured by one company. The top deal represents 16.7% of total capital, the top 3 deals reach 30.8%, and the top 10 deals reach 53.1%.
The median round size in the cybersecurity market is $19.5M, while the average round size is $43.6M. That gap shows how several large rounds pull headline funding totals above the experience of the typical company.
Deal flow has been consistently active. The cybersecurity market averaged 8.0 disclosed rounds per month, with March 2026 standing out at 14 deals and $908M raised.
Identity Security is the clear center of gravity. It accounts for 30 deals and $1.78B raised, equal to 31.3% of deals and 42.6% of disclosed capital.
North America dominates cybersecurity funding by both scale and count. It captures 55 of 96 deals and $2.98B, or 71.3% of all disclosed capital.
The cybersecurity market is not mainly a seed-formation market. Seed and Series A rounds produce 61.5% of deal count, but Series B and later rounds capture 70.6% of disclosed capital.
Follow-on rounds dominate the funding signal. Most large checks go to companies that already have product evidence, customer traction, or category-control potential.
Investor repetition is limited. Only 11 investors appear in more than one disclosed deal, which means the cybersecurity market has wide participation but few visibly repeated syndicate leaders.
This market map, featured in our cybersecurity market deck, highlights top companies and startups in the cybersecurity market
What are all the funding deals in the cybersecurity market from July 2025 to June 2026?
The table below lists every disclosed equity round raised by pure-play cybersecurity companies between July 2025 and June 2026. We count as “pure-play” cybersecurity companies those whose primary purpose is to protect digital systems, data, and users from cyber threats.
Each row shows the company, what it does, its category, the deal date, the funding stage, the round size, the region, and the main investors. For a wider view of how cybersecurity fits inside the broader security software and services opportunity, we cover it in our Cybersecurity market report.
| Company | What they do | Category | Date | Stage | Deal size | Region | Main investors |
|---|---|---|---|---|---|---|---|
| Crash Override | AppSec for AI/code security and exploitation workflows | Application Security | Jul 2025 | Seed | $28M | North America | GV |
| AirMDR | managed detection and response platform | Managed Security Services | Jul 2025 | Seed | $10.5M | North America | Race Capital |
| Cyata | identity security platform | Identity Security | Jul 2025 | Seed | $8.5M | Middle East | TLV Partners |
| North Pole Security | endpoint security startup | Endpoint Security | Jul 2025 | Seed | $4M | North America | Undisclosed |
| Zip Security | cybersecurity platform/MSSP for SMBs | Managed Security Services | Jul 2025 | Series A | $13.5M | North America | Ballistic Ventures |
| Wallarm | API security platform | Application Security | Jul 2025 | Series C | $50M | North America | Toba Capital |
| Root Evidence | vulnerability evidence and application risk platform | Application Security | Jul 2025 | Seed | $12.5M | North America | Ballistic Ventures |
| Seal Security | vulnerability remediation and open-source security | Application Security | Jul 2025 | Series A | $13M | Middle East | Vertex Israel |
| Approov | mobile API and application security | Application Security | Aug 2025 | Series A | $6.7M | Europe | Investment Funding for Scotland |
| 1Kosmos | passwordless identity and identity verification security | Identity Security | Aug 2025 | Series B | $47M | North America | Forgepoint Capital |
| Seemplicity | exposure and vulnerability remediation automation | Application Security | Aug 2025 | Series B | $50M | Middle East | Sienna Venture Capital |
| Hush Security | identity security | Identity Security | Sep 2025 | Seed | $11M | Middle East | Battery Ventures |
| ScaleKit | developer identity and authentication infrastructure | Identity Security | Sep 2025 | Seed | $5.5M | Asia-Pacific | Together Fund |
| Fabrix Security | identity security | Identity Security | Sep 2025 | Seed | $8M | North America | Norwest Venture Partners |
| Prelude | endpoint security and adversary-emulation security tooling | Endpoint Security | Sep 2025 | Unknown | $16M | North America | Brightmind Partners |
| Vouched Identity | identity verification security | Identity Security | Sep 2025 | Series A | $17M | North America | Spring Rock Ventures |
| FireCompass | penetration testing and attack-surface validation | Managed Security Services | Sep 2025 | Series A | $20M | Asia-Pacific | EC-Council |
| Red Access | browser/endpoint security | Endpoint Security | Sep 2025 | Series A | $17M | Middle East | Norwest Venture Partners |
| Koi | security for browser extensions, AI models, and software add-ons | Endpoint Security | Sep 2025 | Series A | $48M | Middle East | Battery Ventures and Team8 |
| Terra Security | penetration testing and offensive security platform | Managed Security Services | Sep 2025 | Series A | $30M | Middle East | Felicis |
| BotCity | bot and application abuse protection | Application Security | Sep 2025 | Series A | $12M | Latin America | Four Rivers |
| ID.me | digital identity verification | Identity Security | Sep 2025 | Series D+ | $340M | North America | Ribbit Capital |
| Vali Cyber | Linux endpoint security | Endpoint Security | Sep 2025 | Growth Equity | $5M | North America | Undisclosed |
| Descope | customer identity and access management | Identity Security | Oct 2025 | Seed | $35M | North America | Cerca Partners |
| MokN | identity security | Identity Security | Oct 2025 | Seed | $3M | Europe | Moonfire |
| Ploy | identity security | Identity Security | Oct 2025 | Seed | $3.33M | Europe | Onsey Capital |
| Talion Cyber Security | managed security services provider | Managed Security Services | Oct 2025 | Unknown | $2.7M | Europe | Mercia Equity Finance |
| Arcjet | developer-first application security | Application Security | Oct 2025 | Series A | $8.3M | North America | Plural |
| Glide Identity | identity security | Identity Security | Oct 2025 | Series A | $20M | North America | Crosspoint Capital |
| OneLayer | private cellular and IoT network security | Network Security | Oct 2025 | Series A | $28M | Middle East | Maor Investments |
| CybaVerse | managed cyber services and security platform | Managed Security Services | Oct 2025 | Series A | $6.7M | Europe | Pembroke VCT |
| Keycard | identity security | Identity Security | Oct 2025 | Series A | $30M | North America | Acrew Capital |
| Defakto | identity security | Identity Security | Oct 2025 | Series B | $30.75M | North America | XYZ Venture Capital |
| ConductorOne | identity governance and access control | Identity Security | Oct 2025 | Series B | $79M | North America | Greycroft |
| Conceal | browser and endpoint security | Endpoint Security | Oct 2025 | Series B | $26M | North America | Two Bear Capital |
| Tenzai | application security and AI AppSec | Application Security | Nov 2025 | Seed | $75M | North America | Greylock |
| Self | identity security | Identity Security | Nov 2025 | Seed | $9M | Europe | Greenfield Capital |
| Seezo | application security | Application Security | Nov 2025 | Seed | $7M | Middle East | Accel |
| Blast Security | cloud security | Cloud Security | Nov 2025 | Seed | $10M | Middle East | 10D |
| Opti | identity security | Identity Security | Nov 2025 | Seed | $20M | Middle East | YL Ventures |
| Oleria | identity security | Identity Security | Nov 2025 | Unknown | $19M | North America | Undisclosed |
| iVerify | mobile endpoint security | Endpoint Security | Nov 2025 | Unknown | $12.326M | North America | Undisclosed |
| FireTail | API security | Application Security | Nov 2025 | Unknown | $5M | North America | Paladin Capital Group |
| Codenotary | application and software integrity security | Application Security | Nov 2025 | Unknown | $16.5M | North America | Undisclosed |
| Feroot | web application client-side security | Application Security | Nov 2025 | Series A | $14M | North America | True Ventures |
| Clover Security | application security | Application Security | Nov 2025 | Series A | $36M | North America | Notable Capital |
| NetFoundry | zero-trust network security | Network Security | Nov 2025 | Series A | $15M | North America | SYN Ventures |
| Apono | privileged access and identity security | Identity Security | Nov 2025 | Series B | $34M | Middle East | US Venture Partners |
| Guardio | browser and endpoint protection | Endpoint Security | Nov 2025 | Series B | $80M | Middle East | ION Crossover Partners |
| Sweet Security | cloud runtime and AI security | Cloud Security | Nov 2025 | Series B | $75M | Middle East | Evolution Equity Partners |
| Multifactor | identity security | Identity Security | Dec 2025 | Seed | $15M | Asia-Pacific | Nexus Venture Partners |
| Soverli | endpoint security | Endpoint Security | Dec 2025 | Seed | $2.6M | Europe | Founderul |
| Saporo | identity attack-path and access risk security | Identity Security | Dec 2025 | Series A | $8.1M | Europe | TIN Capital |
| Prime Security | application security and design-stage security | Application Security | Dec 2025 | Series A | $20M | North America | Scale Venture Partners |
| Saviynt | identity governance and administration | Identity Security | Dec 2025 | Series B | $700M | North America | KKR |
| Dam Secure | application security | Application Security | Jan 2026 | Seed | $4M | North America | Paladin Capital Group |
| Symbiotic Security | application security | Application Security | Jan 2026 | Seed | $10M | Europe | Alven and Drysdale |
| Rein Security | API security | Application Security | Jan 2026 | Seed | $8M | Middle East | Glilot Capital |
| DSShield | security services | Managed Security Services | Jan 2026 | Unknown | $54M | North America | Merak Capital |
| MagicCube | endpoint/payment device security | Endpoint Security | Jan 2026 | Unknown | $10M | North America | Verifone |
| Act Security | cloud security | Cloud Security | Jan 2026 | Series A | $40M | North America | Notable Capital |
| Netbird AI | VPN/network security | Network Security | Jan 2026 | Series A | $10M | Europe | Pace Capital |
| Aikido Security | application security platform | Application Security | Jan 2026 | Series B | $60M | Europe | DST Global |
| Defense Unicorns | secure DevSecOps and software delivery security | Application Security | Jan 2026 | Series B | $136M | North America | Bain Capital |
| Upwind | cloud security platform | Cloud Security | Jan 2026 | Series B | $250M | Middle East | Bessemer |
| Allthenticate | identity and access security | Identity Security | Feb 2026 | Seed | $4.85M | North America | Undisclosed |
| Clearly AI | application security | Application Security | Feb 2026 | Seed | $8.4M | North America | Basis Set Ventures |
| Veria Labs | penetration testing and offensive security | Managed Security Services | Feb 2026 | Seed | $3.2M | North America | Amino Capital |
| t54 Labs | identity security | Identity Security | Feb 2026 | Seed | $5M | North America | Anagram |
| Delta Spike Asia | security services | Managed Security Services | Feb 2026 | Unknown | $7.16M | Asia-Pacific | VentureTECH |
| RADICL | managed/security services for regulated sectors | Managed Security Services | Feb 2026 | Series A | $31M | North America | Paladin Capital Group |
| Backslash | application security | Application Security | Feb 2026 | Series A | $19M | Middle East | KOMPAS VC |
| Venice | identity security | Identity Security | Feb 2026 | Series A | $33M | North America | IVP |
| Andronite | application security | Application Security | Feb 2026 | Series A | $5M | North America | Gatemore Capital |
| Reco | SaaS application/cloud security | Cloud Security | Feb 2026 | Series B | $30M | Middle East | Zeev Ventures |
| GitGuardian | secrets and non-human identity security | Identity Security | Feb 2026 | Series C | $50M | Europe | Insight Partners |
| Idfy | identity verification security | Identity Security | Feb 2026 | Series D+ | $53M | Asia-Pacific | Neo Secondaries Fund |
| Manifold | endpoint security | Endpoint Security | Mar 2026 | Seed | $8M | North America | Costanoa Ventures |
| 1stProtect | endpoint security | Endpoint Security | Mar 2026 | Unknown | $20M | North America | Andra Capital |
| FIG Security | detection and response security operations | Managed Security Services | Mar 2026 | Series A | $38M | North America | Ten Eleven Ventures |
| Qevlar | detection and response security operations | Managed Security Services | Mar 2026 | Series A | $30M | Europe | Partech |
| Tracebit | detection and response security operations | Managed Security Services | Mar 2026 | Series A | $20M | Europe | FirstMark |
| Native | cloud security | Cloud Security | Mar 2026 | Series A | $31M | North America | Ballistic Ventures |
| Corridor | application security | Application Security | Mar 2026 | Series A | $25M | North America | Felicis |
| Oasis Security | non-human identity security | Identity Security | Mar 2026 | Series B | $120M | Middle East | Craft Ventures |
| TENEX | AI security operations and managed security services | Managed Security Services | Mar 2026 | Series B | $250M | North America | Crosspoint Capital |
| depthfirst | application security | Application Security | Mar 2026 | Series B | $80M | North America | Meritech Capital |
| XBOW | AI penetration testing | Managed Security Services | Mar 2026 | Series C | $120M | North America | DFJ Group |
| Cape | endpoint security | Endpoint Security | Mar 2026 | Series C | $100M | North America | Bain Capital |
| ArmorCode | application security posture management | Application Security | Mar 2026 | Growth Equity | $16M | North America | Cheyenne Ventures |
| Linx | identity security for human and non-human identities | Identity Security | Mar 2026 | Series B | $50M | North America | Insight Partners, Index Ventures, Cyberstarts |
| Deep Algorithms | identity security | Identity Security | Apr 2026 | Seed | $1.9M | Asia-Pacific | Unicorn India Ventures |
| Copperhelm | cloud security | Cloud Security | Apr 2026 | Seed | $7M | Middle East | TLV Partners |
| Artemis | detection and response security platform | Managed Security Services | Apr 2026 | Series A | $70M | North America | Felicis |
| Exaforce | AI security operations center platform | Managed Security Services | May 2026 | Series B | $125M | North America | HarbourVest, Peak XV, Khosla Ventures |
| Opal Security | AI-native identity governance | Identity Security | Jun 2026 | Unknown | $23M | North America | Greylock, Battery Ventures |
In our cybersecurity market deck, we identify pain points entrepreneurs should prioritize
OUR METHODOLOGY TO BUILD THIS TRACKER
We built this cybersecurity funding tracker by reviewing every publicly disclosed equity round raised by pure-play cybersecurity companies between July 2025 and June 2026. A company counts as pure-play when more than 80% of its activity is dedicated to protecting digital systems, data, and users from cyber threats.
We applied four filters to build the dataset. First, we only included equity rounds, so grants, debt, and revenue financing are excluded. Second, we only counted rounds of $300K or more. Third, we only kept pure-play cybersecurity companies. And fourth, every entry had to be confirmed by a direct company announcement, a press release, or a tier-1 media report, with the source URL preserved for every row.
We included cybersecurity software across identity, endpoint, network, cloud, application, and data security, plus dedicated security services such as managed detection and response, security operations, penetration testing, incident response, and security awareness training. We excluded general IT infrastructure, generic backup and disaster recovery, IT outsourcing, and purely physical security unless the company was specifically designed and marketed as a cybersecurity offering.
The final dataset contains 96 disclosed deals across 96 unique companies. Every average, median, share, and concentration ratio is computed on that disclosed sample. Privately raised rounds that were never publicly announced are necessarily missing, which is a known limitation of any public-only cybersecurity funding tracker.
How active has fundraising been in the cybersecurity market?
As of June 2026, fundraising in the cybersecurity market has been active on deal count and large on dollars. Over the past 12 months, companies raised 96 disclosed equity rounds and $4.19B combined, which works out to 8.0 deals per month.
The cybersecurity market did not depend on repeated raises by the same companies. The dataset includes 96 unique companies, so the activity reflects a broad flow of separate funding targets rather than a small group returning to market.
Capital flow was much less even than deal flow. Monthly funding averaged $348.8M, but March 2026 alone produced $908M across 14 deals, while June 2026 was partial and showed only one disclosed deal.
The median monthly deal count was 9.0, which confirms that the activity level was not driven by one noisy month. Still, monthly dollars should be read with caution because December 2025 reached $745.7M largely because of Saviynt’s $700M round.
For more context on why this market remains active, see our cybersecurity market report.
How concentrated has fundraising been in the cybersecurity market?
As of June 2026, fundraising in the cybersecurity market is meaningfully concentrated, but not fully winner-take-all. Over the past 12 months, the largest deal accounts for 16.7% of capital, the top 3 deals reach 30.8%, and the top 10 deals reach 53.1%.
Saviynt’s $700M Series B is the largest round in the dataset and alone explains a large part of Identity Security’s lead. This number should not be read as typical of cybersecurity funding.
The concentration is visible, but less extreme than in markets where one or two mega-rounds define the whole dataset. The top 5 deals account for 40.0% of dollars, leaving a large mid-market funding layer below the biggest rounds.
This means total fundraising headlines can still mislead. A better reading is that cybersecurity funding was broad in company count, while capital conviction concentrated around a few platform-style winners.
How much of the cybersecurity funding signal is driven by outliers?
As of June 2026, outliers drive a large share of the cybersecurity funding signal, but they do not erase the rest of the market. Over the past 12 months, 18 of 96 rounds were above $50M, and those rounds lifted total disclosed capital to $4.19B.
Excluding rounds above $50M reduces disclosed capital from $4.19B to $1.42B. That means the normal sub-$50M cybersecurity market is much smaller than the headline total suggests.
The median round size is $19.5M, while the average is $43.6M. That gap is a simple warning that the average company did not raise anything close to the average round.
Only 8 rounds were above $100M, equal to 8.3% of deal count. The cybersecurity market therefore has a broad base of smaller rounds and a narrow top layer of scale financings.
This chart, included in our cybersecurity market deck, breaks down CrowdStrike’s playbook in cybersecurity
Is the cybersecurity market broad with many targets, or narrow with few fundable companies?
As of June 2026, the cybersecurity market is broad with many fundable targets. Over the past 12 months, 96 unique companies raised 96 disclosed equity rounds, so the dataset does not show a repeat-fundraiser bottleneck.
The category spread confirms this breadth. Identity Security had 30 deals, Application Security had 26, Managed Security Services had 17, Endpoint Security had 13, Cloud Security had 7, and Network Security had 3.
That said, breadth does not mean equal investor conviction. Identity Security captured 42.6% of disclosed capital, while Network Security captured only 1.3%, even though both are part of the cybersecurity market.
The right reading is a broad opportunity set with selective capital intensity. Investors funded many cybersecurity companies, but they reserved the largest checks for categories that can own identity, cloud, SOC, or application-risk control points.
Is cybersecurity mostly an early-stage formation market or a late-stage scaling market?
As of June 2026, the cybersecurity market has early-stage deal volume but late-stage capital weight. Over the past 12 months, Seed and Series A rounds represented 61.5% of disclosed deals, while Series B and later rounds captured 70.6% of capital.
Seed rounds were abundant but financially light. They accounted for 28 deals and $328.3M, or 29.2% of deals but only 7.8% of disclosed capital.
Series B is the real financing hinge in the cybersecurity market. It produced only 18 deals, but those deals raised $2.22B, equal to 53.1% of total disclosed capital.
This suggests investors were willing to test many early hypotheses, but serious capital arrived after companies showed platform potential. In cybersecurity, the round label matters less than whether the company can become a system of record or control plane.
We cover the stage split in more detail in our deeper analysis of the cybersecurity market.
Which categories attract the most investor attention in cybersecurity?
As of June 2026, Identity Security attracts the most investor attention in cybersecurity. Over the past 12 months, the category produced 30 deals and $1.78B, equal to 31.3% of deal count and 42.6% of capital.
Application Security is the second-largest category by deal count, with 26 disclosed rounds. But it raised $725.4M, or 17.3% of capital, which makes it active but more fragmented.
Managed Security Services also matters, with 17 deals and $831.8M raised. The category is being funded less like old labor-heavy services and more like automated SOC, MDR, and offensive-security infrastructure.
Cloud Security is small by count but strong by check size. It had only 7 deals, yet captured $443M and the highest capital-share-to-deal-share ratio in the dataset.
This chart, included in our cybersecurity market deck, illustrates yearly funding for cybersecurity startups
Which categories attract disproportionately large checks in the cybersecurity market?
As of June 2026, Cloud Security and Identity Security attract disproportionately large checks in the cybersecurity market. Over the past 12 months, Cloud Security had a capital-share-to-deal-share ratio of 1.45, while Identity Security reached 1.36.
Cloud Security shows the clearest capital intensity signal. It had only 7.3% of deals but 10.6% of disclosed capital, with a $63.3M average round size and a $31M median.
Identity Security is both large and capital-efficient. It had the most deals, the most dollars, and a $59.5M average round size, helped by major governance and identity verification rounds.
Application Security and Endpoint Security moved in the opposite direction. Their capital-share-to-deal-share ratios were 0.64 and 0.62, which means investors funded many companies but generally wrote smaller checks.
For a deeper look at category quality, read our market report covering cybersecurity categories.
Which geographies matter most for fundraising in the cybersecurity market?
As of June 2026, North America matters most for cybersecurity fundraising by a wide margin. Over the past 12 months, the region captured 55 of 96 deals and $2.98B, equal to 71.3% of all disclosed capital.
The Middle East is the second most important geography in the cybersecurity market. It produced 20 deals and $865.5M, almost perfectly balanced at 20.8% of deals and 20.7% of capital.
Europe was active but smaller-check. It had 14 deals and $222.1M, equal to 14.6% of deal count but only 5.3% of capital.
Asia-Pacific remained visible but selective, with 6 deals and $102.6M. Latin America had one qualifying deal, and Africa had no disclosed qualifying equity rounds in this dataset.
Is the cybersecurity opportunity set broad or concentrated in one hub?
As of June 2026, the cybersecurity opportunity set is broad globally but concentrated in two funding hubs. Over the past 12 months, North America and the Middle East together captured 78.1% of deals and 92.0% of disclosed capital.
North America controls the large-check layer of the cybersecurity market. Its median round size was $25M, and its average round size was $54.3M, both above Europe and Asia-Pacific.
The Middle East, effectively Israel-heavy in this dataset, punched above its weight. It matched its deal share and capital share almost exactly, which means the region was consistently fundable rather than distorted by one small set of deals.
Europe and Asia-Pacific remain important, but their capital shares are much smaller. The cybersecurity market is global in formation, yet still U.S.-centric and Israel-heavy in scale financing.
For more geographic context, see our full market deck on cybersecurity fundraising.
This chart, included in our cybersecurity market deck, compares the main business model options for XDR and MDR cybersecurity vendors
Is cybersecurity a market of small experiments or scaled financings?
As of June 2026, cybersecurity is both a market of small experiments and scaled financings. Over the past 12 months, 78 of 96 disclosed rounds were below $50M, but 18 rounds above $50M captured most of the dollar narrative.
The size distribution shows the barbell clearly. There were 9 deals below $5M, 39 deals from $5M to below $20M, 30 deals from $20M to $50M, and 18 deals above $50M.
A $20M round is close to the market’s median signal. Anything below that should be read as early validation, while anything above $50M usually signals belief in platform potential.
The market is therefore not simply “booming” across all companies. It is selectively aggressive around teams that can own identity governance, cloud runtime, AppSec posture, or SOC workflows.
If you want to go deeper on this funding barbell, explore our cybersecurity market report on funding patterns.
Who are the investors that appear the most in cybersecurity fundraising?
As of June 2026, only 11 investors appear in more than one disclosed cybersecurity round. Over the past 12 months, Ballistic Ventures, Battery Ventures, Felicis, and Paladin Capital Group led the repeat list with 3 deals each.
Several investors appeared twice, including Bain Capital, Crosspoint Capital, Greylock, Insight Partners, Norwest Venture Partners, Notable Capital, and TLV Partners. That is a modest repeat-investor layer for a 96-deal dataset.
The pattern suggests broad participation rather than a market controlled by one syndicate. Specialist cyber investors still matter at category formation and early scaling, while larger generalist or growth capital appears more visibly in the biggest rounds.
One important caveat: round announcements rarely disclose how much each investor personally contributed. So any investor-dollar reading should be treated as co-participation in a round, not as a direct check-size estimate.
This chart, featured in our cybersecurity market deck, illustrates revenue distribution by customer segment in the cybersecurity market
INSIGHTS
The insights below come from reviewing every disclosed equity round in the cybersecurity market between July 2025 and June 2026. They are not row-by-row summaries. They are the reusable patterns that kept showing up across the 96-deal dataset, and they are meant to stay useful when reading any future cybersecurity funding announcement.
- Identity Security is the cybersecurity market’s center of gravity, not just a one-round distortion. It holds 31.3% of deals and 42.6% of disclosed capital. Investors funded identity more often and with larger checks.
- The strongest identity signal is not simple login tooling. The largest rounds cluster around governance, verification, access control, and non-human identity. That points to enterprise anxiety around permissions and privileged actors.
- Series B is the real financing hinge in the cybersecurity market. It produced only 18.8% of deals but 53.1% of capital. Investors waited for product-market proof before committing the largest checks.
- Seed rounds were plentiful but financially light. They represented 29.2% of deals but only 7.8% of capital. The market is willing to test many ideas, but not fund all of them equally.
- The median cybersecurity round was $19.5M, while the average was $43.6M. This gap shows that headline totals overstate the funding environment for most startups.
- The top 10 deals absorbed 53.1% of all capital. Any market reading based on the average company will overstate the strength of the typical fundraising outcome.
- Saviynt alone represented 16.7% of total disclosed capital. That makes identity governance the strongest single capital magnet, but it also makes category totals sensitive to one late-stage round.
- Removing rounds above $50M reduces total capital from $4.19B to $1.42B. The normal cybersecurity funding market is closer to a $1.4B sub-$50M ecosystem than to the headline number.
- Cloud Security had only 7 deals but the strongest capital intensity, with a 1.45 capital-share-to-deal-share ratio. Investors did not back many cloud-security companies, but they backed selected winners heavily.
- Network Security was the weakest category by capital concentration. It had 3.1% of deals and only 1.3% of capital. The category looked necessary, but not venture-prioritized.
- Managed Security Services behaved more like software infrastructure than traditional services. Its $48.9M average deal size suggests investors are funding automation-heavy SOC, MDR, and offensive-security models.
- Application Security was broad but fragmented. It produced 26 deals, yet only 17.3% of capital. Investors still fund AppSec heavily, but the category shows less winner-take-most concentration.
- Endpoint Security remains relevant but not dominant. Its 13 deals and 8.3% capital share show continued demand, but not enough fresh urgency to lead this funding cycle.
- The cybersecurity market is shifting from protecting assets to governing agents and permissions. Identity, cloud runtime, AI-SOC, and application-risk rounds all reflect the same buyer problem: more autonomous systems create more privileged actors.
- North America dominates both count and scale. It captures 57.3% of deals and 71.3% of capital. The U.S.-centric market still controls the large-check financing layer.
- The Middle East punched above its weight. It held 20.8% of deals and 20.7% of capital. That balance suggests consistent fundability, not just a single outlier.
- Europe was active but smaller-check. It had 14.6% of deals and 5.3% of capital. European cybersecurity companies appeared often, but rarely at breakout financing scale.
- March 2026 was the clearest risk-on window. It produced 14 deals and $908M. The month combined high deal count with multiple large Series B and Series C rounds.
- December 2025 shows why monthly dollar totals need deal context. The month had only 5 deals but $745.7M, mainly because of Saviynt’s $700M round.
- The market’s proof pattern is category control plus enterprise urgency. Large rounds clustered around platforms that could own workflows, control planes, or systems of record.
- The weaker proof pattern is feature-level security tooling without platform gravity. Smaller rounds in AppSec and endpoint show that investors still fund tools, but reserve larger checks for workflow ownership.
- Investor repetition was limited for a 96-deal dataset. Only 11 investors appeared more than once. That means participation is broad, but syndicate control is still fragmented.
- The most useful future evaluation rule is to discount novelty unless it shows category ownership. The dataset repeatedly rewards companies that can own identity governance, cloud runtime, AppSec posture, or SOC workflows.
Pinpoint Search Group (July 2025 cybersecurity funding), PR Newswire (Zip Security), Pinpoint Search Group (August 2025 cybersecurity funding), Pinpoint Search Group (September 2025 cybersecurity funding), Business Insider (Koi), Pinpoint Search Group (October 2025 cybersecurity funding), Pinpoint Search Group (Q4 2025 cybersecurity funding), SecurityWeek (Sweet Security), Pinpoint Search Group (Q1 2026 cybersecurity funding), Business Insider (Linx), Pinpoint Search Group (April 2026 cybersecurity funding), TechCrunch (Exaforce), SecurityWeek (Opal Security)
Related blog posts
- An overview of funding deals in the cybersecurity market
- The startups that have raised the most funding in cybersecurity
