Market News

MSSP Market News: AI Security Stacks, Identity Plays, and Training Tie-Ins

Digital Lock Icons Representing Cybersecurity in Modern Technolo

This week’s cybersecurity market activity really shows how fast AI is changing everything. CrowdStrike snapping up Pangea and Check Point buying Lakera tells you everything you need to know - vendors are betting their future on AI-native defenses. They’re not just bolting AI onto existing tools; they’re pulling it right into the core, protecting data, models, and identities. Then you’ve got Hack The Box rolling LetsDefend into its training platform, which is a smart move. You can’t have strong defenses without skilled people. And EchoStor buying CyberNorth may not be as flashy, but it fits the same pattern - enterprises want end-to-end coverage that ties cloud, infrastructure, and security together.

On the funding side, investors are throwing serious money at AI-first security startups. Fabrix is tackling identity, Terra’s going after pen testing with agentic AI, Ray is working on predictive data security, RegScale is automating compliance, and SEON is doubling down on fraud prevention.

The clear takeaway here is opportunity for MSSPs. All of these moves open doors to package new, AI-driven services - whether it’s identity resilience, exposure management, or secure networking - and turn them into recurring revenue. That’s where the channel play is.

Market Pulse: Cybersecurity Deals, Funding, and Platform Shifts

CrowdStrike acquires Pangea: CrowdStrike will acquire Pangea to extend its Falcon platform into AI Detection and Response (AIDR). By combining its EDR foundation with Pangea’s interaction-layer security, CrowdStrike aims to unify protection across data, models, agents, and infrastructure, positioning itself to safeguard one of the fastest-growing areas of the enterprise attack surface.

Check Point acquires Lakera: Check Point will acquire Lakera to extend its Infinity architecture into a full AI security stack. By pairing Lakera’s research-driven defenses with its existing GenAI Protect, SaaS and API security, and DLP capabilities, Check Point aims to deliver prevention-first coverage across the entire AI lifecycle. The acquisition also establishes a Global Center of Excellence for AI Security, giving enterprises and MSSPs a unified platform to protect GenAI workflows, enforce guardrails, and build new managed services around AI-driven environments.

Hack The Box acquires LetsDefend: Hack The Box has acquired LetsDefend to unite offensive and defensive cybersecurity training into a single platform. HTB’s gamified red team labs now combine with LetsDefend’s virtual SOC simulations, giving enterprises, MSSPs, governments, and universities an integrated environment for upskilling across the cyber kill chain. For MSSPs, the platform creates new recurring service opportunities by packaging role-specific training, compliance reporting, and performance benchmarking as part of managed offerings.

EchoStor acquires CyberNorth: EchoStor Technologies will acquire CyberNorth to expand its presence while deepening its capabilities in data protection, infrastructure, and cloud services. CyberNorth’s expertise in safeguarding enterprise and public sector environments complements EchoStor’s broader portfolio in security, AI, and data services, creating a more integrated offering for customers facing ransomware, data breaches, and modernization challenges.

Funding

RegScale raises $30M+: RegScale has secured over $30 million in an oversubscribed Series B led by Washington Harbour Partners, with participation from Microsoft’s M12, Hitachi Ventures, Ankona Capital, and existing backers. The funding will accelerate RegScale’s AI roadmap and go-to-market expansion for its Continuous Controls Monitoring (CCM) platform, which automates compliance, evidence collection, audits, and risk analysis in real time.

Ray Security exits stealth: Ray Security has launched from stealth with $11 million in seed funding co-led by Venture Guides and Ibex Investors to debut what it calls the first predictive data security platform. The technology monitors enterprise data usage, learns access patterns, and predicts which data will be needed next, applying safeguards before risks emerge. By adapting security dynamically and automating detection and response, the platform aims to cut enterprise data risk by 90 percent.

Fabrix Security raises $8M: Fabrix Security has exited stealth with $8 million in seed funding led by Norwest, Merlin Ventures, and Jibe Ventures to launch its AI-native identity platform. The company is targeting both human and non-human identities, including employees, contractors, bots, service accounts, API keys, and AI agents. Its platform uses AI agents operating across an identity fabric graph to automate risk detection, enforce least privilege, and manage access decisions with explainable reasoning trails.

Terra Security raises $30M: Terra Security has closed a $30 million Series A round led by Felicis with participation from Dell Technology Capital and SVCI, bringing total funding to $38 million. The Tel Aviv–based startup is building an AI-powered penetration testing platform that shifts from point-in-time assessments to continuous, agentic-AI testing aligned with real attacker tactics. With the new funding, Terra will expand into AI-based red teaming, accelerate product development, and grow adoption among large enterprises.

SEON raises $80M Series C: SEON has secured $80 million in Series C funding led by Sixth Street Growth, with participation from IVP, Creandum, Firebolt, Hearst, and others, bringing total funding to $187 million. The company will use the capital to expand globally, strengthen its presence in North America, APAC, and Latin America, and accelerate AI-powered fraud prevention and AML innovation.

Platform Integrations

Stellar Cyber, NetFoundry Integration: Stellar Cyber and NetFoundry have partnered to unify security operations with zero trust networking. The integration brings Stellar Cyber’s open SecOps platform together with NetFoundry’s identity-based networking, shifting control from IP addresses to user and device identities. For MSSPs, the partnership enables bundled services that combine AI-driven detection with secure access, while advancing interoperability through the Open Cybersecurity Alliance.

Stamus, SentinelOne Extend Partnership: Stamus Networks and SentinelOne have expanded their collaboration by integrating Stamus’ Clear NDR with SentinelOne’s AI-native Singularity platform. The move positions high-fidelity network intelligence as a core input for AI-driven detection and response, helping reduce false positives and accelerate threat identification. By combining Clear NDR’s behavioral context with SentinelOne’s endpoint, identity, and cloud telemetry, the integration delivers a fuller attack narrative and unified visibility for enterprises and MSSPs building AI-first security operations.

Cohesity, Semperis Identity Resilience: Cohesity and Semperis have launched Cohesity Identity Resilience, a platform designed to protect and recover hybrid identity systems across on-premises Active Directory and Microsoft Entra ID. The joint solution combines Semperis’ disaster recovery and identity forensics with the Cohesity Data Cloud, enabling enterprises and MSSPs to secure, restore, and validate identity infrastructure without adding operational complexity. By treating identity as critical infrastructure, the platform reduces downtime, cuts risk of re-infection, and ensures resilient recovery across the entire attack lifecycle.

Dataminr, Genetec Integration: Dataminr and Genetec have partnered to merge AI-powered real-time event intelligence with physical security operations inside Genetec Security Center. The integration feeds Dataminr alerts on threats such as active assailants, fires, hazmat, and severe weather directly into Genetec’s platform, where they can be correlated with internal security controls and trigger automated workflows. For enterprises and MSSPs, the collaboration reduces noise, eliminates silos, and enables faster, more proactive responses across both cyber and physical environments.

Centroid adopts Stellar Cyber's SecOps Platform: Centroid Systems is expanding into managed security services by adopting Stellar Cyber’s SecOps platform to protect Oracle Cloud Infrastructure (OCI) users. The partnership allows Centroid to deliver SIEM, NDR, SOAR, UEBA, and other AI-driven security capabilities as part of its OCI cloud services portfolio. With cloud adoption rising and threats like misconfigurations, credential abuse, and API exploits on the rise, Centroid is positioning itself as an MSSP for enterprises seeking stronger cloud security. By embedding Stellar Cyber’s Open XDR features, the company can help customers close visibility gaps, streamline detection and response, and scale protection across multi-cloud environments. This move reflects the growing role of MSSPs in securing generative AI–enabled and cloud-first enterprises that need 24x7 monitoring without added complexity.




Suparna Chawla Bhasin

Suparna is the Senior Managing Editor for CyberRisk Alliance’s Channel Brands, including MSSP Alert and ChannelE2E. She manages content development, sharpens editorial workflows, and ensures storytelling is tightly aligned with audience needs. With a background in technology, media, and education, she combines strategic insight with creative execution.

You can skip this ad in 5 seconds