All news in category "Market Moves"

Build Your B2B Personal Brand via Foundry Expert Network

💡 The Foundry expert network now lets IT and business leaders build a visible B2B personal brand across German-language platforms such as CSO Deutschland, Computerwoche, and CIO.de. Contributors can publish technical or opinion pieces after topic coordination and may reach audiences beyond the German-speaking region. Apply to join to share perspectives on vendors, digital sovereignty, and management or security practices.

Startup Frenetik Launches Patented Deception Technology

🔐 Frenetik, a Maryland cybersecurity startup, emerged from stealth with a patented approach called Deception In-Use that continuously rotates real identities and resources across Microsoft Entra (M365), AWS, Google Cloud and on-prem environments. By routing critical change details through out-of-band channels accessible only to trusted parties, defenders retain accurate visibility while attackers operate on stale intelligence and are more likely to be funneled into decoys and honeypots.

Cybersecurity M&A Roundup: Giants Strengthen AI Security

🛡️ November 2025 saw a flurry of cybersecurity acquisitions as major vendors raced to embed AI, observability and exposure management across their portfolios. Deals included Palo Alto Networks' $3.35bn purchase of Chronosphere, LevelBlue's completion of its Cybereason acquisition, and Bugcrowd's buy of AI app-security firm Mayhem. Other moves saw Safe Security acquire Balbix, Zscaler buy SPLX, and Arctic Wolf agree to acquire UpSight to bolster ransomware prevention. Collectively these transactions accelerate AI-driven automation and resilience across cloud, endpoint and software security.

Kevin Lancaster Joins usecure Board to Drive Channel Growth

🛡️ usecure has appointed Kevin Lancaster as a Non-Executive Director to accelerate its North American channel expansion. Lancaster, founder of ID Agent and former head of Channel Program, brings deep channel experience and a proven track record of scaling channel-first security and SaaS businesses. He will work with the board and executive team to help usecure become the leading human risk management solution for MSPs, supporting growth across distribution partners and more than 1,800 MSP partners worldwide.

Replicate Joins Cloudflare to Build AI Infrastructure

🚀 Replicate is now part of Cloudflare, bringing its model packaging and serving tools into Cloudflare’s global network. Since 2019 Replicate has shipped Cog and a hosted inference platform that made running research models accessible and scaled during the Stable Diffusion surge. Joining Cloudflare pairs those abstractions with network primitives like Workers, R2, and Durable Objects to enable edge model execution, instant serverless pipelines, and streaming integrations such as WebRTC while supporting developers and researchers.

ServiceNow in Talks to Acquire Identity Firm Veza

🔐 ServiceNow is reportedly in advanced talks to acquire identity-security startup Veza for more than $1 billion, a deal that could be announced next week. The move would pair ServiceNow's recent AI automation capabilities from Moveworks with Veza's Authorization Graph to map and govern permissions for human and machine identities. For customers, the acquisition aims to close trust and governance gaps around AI agents and non-human accounts, though integration, licensing, and standalone availability questions remain.

An Open Letter to Cybersecurity Vendors and Investors

🔊 The cybersecurity market is awash in noise: vendors and investors chase flashy pitches while the long-standing vulnerabilities that cause real breaches remain neglected. The author argues CISOs don’t buy technology so much as they buy reduced risk and confidence, so purchases must fit roadmaps, integrate cleanly, and be sustainable. He prioritizes visibility, identity, automation that empowers people, and tools that reinforce fundamentals like patching and segmentation. Hype, overlapping products, and complexity are rejected in favor of practical reliability.

Replicate Joins Cloudflare to Expand AI Developer Platform

🧭 Cloudflare is bringing Replicate into its developer platform to integrate Replicate’s large model catalog and community with Cloudflare’s global, serverless inference stack. Existing Replicate APIs and workflows will continue to operate without interruption while benefitting from Cloudflare’s performance and reliability. Workers AI users will get immediate access to a greatly expanded catalog plus upcoming support for fine-tuning and custom models, enabled by Cog and unified control through Cloudflare’s AI Gateway.

Why Chief Trust Officers Are Emerging and How CISOs Fit

🤝 Organizations are creating a chief trust officer (CTrO) to elevate trust as a business differentiator, responding to breaches, product-safety worries and AI-related uncertainty. The CTrO typically complements the CISO by focusing on reputation, ethics, transparency and customer confidence while CISOs retain technical controls, incident response and security operations. Leaders stress the role must produce measurable outcomes and avoid becoming mere 'trust theatre' by tracking signals such as customer sentiment, retention and external certifications.

Security Leaders Who Built Companies from Frustration

🔒 Four former CISOs — Paul Hadjy, Joe Silva, Chris Pierson, and Michael Coates — turned recurring operational frustrations into startups that address enduring enterprise security gaps. Hadjy founded Horangi to tackle cloud security in Asia, Silva launched Spektion to reframe vulnerability management as an engineering problem, Pierson created BlackCloak to protect executives’ personal digital lives, and Coates built Altitude to secure cloud collaboration. Their founder journeys emphasize ruthless prioritization, accountability, and treating security as a trust and revenue enabler.

10 Promising Cybersecurity Startups CISOs Should Know

🔒 This roundup profiles ten cybersecurity startups founded in 2020 or later that CISOs should watch, chosen for funding, leadership, customer traction, and strategic clarity. It highlights diverse categories including non-human identity, software supply chain, data security posture, and AI agent security. Notable vendors such as Astrix, Chainguard, Cyera, and Drata have raised substantial capital and achieved rapid enterprise adoption. The list underscores investor enthusiasm and the rise of runtime‑focused and agentic defenses.

How CISOs Can Transition Between Industries Successfully

🧭 Successful cross-industry moves for CISOs require reframing technical experience as demonstrable business impact. Executives often assume security leaders are industry‑locked, but practitioners such as Marc Ashworth and Tim Youngblood show that a background in consulting, active participation in ISACs, and strong risk‑management fundamentals translate across sectors. Recruiters advise emphasizing measurable outcomes, targeting structurally similar industries, and leveraging client relationships to bridge credibility gaps. Avoid being pigeonholed by clearly linking past achievements to the goals of the prospective organization.

Sendmarc names Dan Levinson Customer Success Director

🔐 Sendmarc has appointed Dan Levinson as Customer Success Director — North America to support the company’s regional expansion and enhance locally aligned customer support. Levinson brings more than 15 years of experience across email security, deliverability, account and product management, and leadership, with direct experience implementing SPF, DKIM and DMARC. He will build and lead a North America customer success team focused on accelerating DMARC adoption, improving visibility across email environments, and strengthening protections against impersonation while preserving deliverability.

Why CISO Tenures Are Shortening and What It Means?

🔁 CISO tenures now often last only 18–36 months, driven by burnout, startup pace, and escalating liability concerns. The role demands constant readiness for breaches, extensive cross‑functional communication, and navigation of company politics, which many find unsustainable long term. Larger enterprises typically retain CISOs longer thanks to scale and resources. As a result, some leaders pursue fractional roles, vendor careers, or advisory positions while organizations push for clearer standards and better board-level alignment.

Brave Browser Tops 100M Monthly Active Users in September

🌐 Brave reached a new high in September with 101 million monthly active users and 42 million daily active users, marking the project's largest user base to date. Its privacy-focused Brave Search, built on an independent index, now handles about 1.6 billion queries per month (roughly 20 billion per year), with approximately 8% of queries coming from Chrome users. Regulatory shifts such as the EU Digital Markets Act and Apple’s iOS 17.4 update helped boost installs—iOS downloads in Europe rose about 50%—and Brave's steady gain of ~2.5 million new users per month, combined with privacy AI tools like the AI Answers summarizer (15 million responses/day) and the new Ask Brave chat-search integration, continue to drive adoption.

Cloudflare Sponsors Astro and TanStack for Open Web

🔧 Cloudflare announced financial sponsorships for two key open-source frontend projects, Astro and TanStack. The company is partnering with Webflow to support Astro and with Netlify to support TanStack, creating a coalition of contributors to bolster project sustainability. Cloudflare runs its developer documentation on Astro, citing its “zero JS by default” model and framework-agnostic approach as essential for fast, SEO-friendly docs. The announcement also highlights TanStack’s libraries and the release candidate for TanStack Start as strategic investments for building ambitious, type-safe web applications.

CISA Appoints Stephen Casapulla as Infrastructure Chief

🔔 The Cybersecurity and Infrastructure Security Agency (CISA) announced Stephen L. Casapulla as its new Executive Assistant Director for Infrastructure Security. Casapulla brings extensive federal experience, including service as Director for Critical Infrastructure Cybersecurity in the Office of the National Cyber Director and more than thirteen years at CISA and predecessor organizations. He also has prior roles at the Small Business Administration and the Department of State in Iraq, and over twenty years as a U.S. Navy Reserve officer. Casapulla will continue interim duties at the National Risk Management Center (NRMC) and serve as Acting Chief Strategy Officer.

Check Point Acquires Lakera to Build AI Security Stack

🔐 Check Point has agreed to acquire Lakera, an AI-native security platform focused on protecting agentic AI and LLM-based deployments, in a deal expected to close in Q4 2025 for an undisclosed sum. Lakera’s Gandalf adversarial engine reportedly leverages over 80 million attack patterns and delivers detection rates above 98% with sub-50ms latency and low false positives. Check Point will embed Lakera into the Infinity architecture, initially integrating into CloudGuard WAF and GenAI Protect, offering near-immediate, API-based protection as an add-on for existing customers.

Check Point to Acquire Lakera, Expanding AI Security

🚀 Check Point is acquiring Lakera to build a comprehensive AI security stack for enterprises adopting generative and AI-driven applications. The move aims to protect the emerging AI attack surface by combining Check Point's security platform with Lakera's AI threat analysis and model-protection capabilities. Customers should expect integrated defenses for models, data, and pipelines, increased visibility into model behavior, and tools for managing model risk and compliance.

CrowdStrike to Acquire Pangea to Secure Enterprise AI

🔒 CrowdStrike announced its intent to acquire Pangea to deliver the industry’s first AI detection and response (AIDR) capability, securing enterprise AI use and development across data, models, agents, identities, infrastructure, and interactions. Unveiled at Fal.Con 2025 by Michael Sentonas, the deal will integrate Pangea’s prompt‑layer and interaction security with the Falcon platform to provide unified visibility, governance, and enforcement across the AI lifecycle. The combined solution targets prompt injection, model manipulation, shadow AI and sensitive data exfiltration while enabling developers and security teams to innovate faster with built‑in safeguards.