This week’s market activity makes one thing clear for MSSPs: identity and AI are becoming the new control planes for managed security. As enterprises give AI agents real access to systems and data, moves like ServiceNow’s planned acquisition of Veza signal how central identity governance is becoming to day-to-day security operations. At the same time, vendors are pushing security earlier in the attack lifecycle, with Arctic Wolf prioritizing ransomware prevention over post-incident response. Offensive security is also adapting, as Bugcrowd blends AI-driven testing with human expertise to keep pace with modern application complexity. Backed by significant funding for agent-led SOC platforms like 7AI and early investment in AI governance startups like Lumia, the message is hard to miss: MSSPs will be expected to deliver faster prevention, tighter AI oversight, and greater scale without adding headcount.
Market Pulse: Cybersecurity Deals, Funding, and Platform Shifts
ServiceNow plans to acquire Veza. ServiceNow plans to acquire Veza to deepen its push into identity security. The deal brings clearer visibility into who and what can access data, systems, applications, and AI agents across an organization. Veza’s access graph maps permissions for human, machine, and AI identities, helping teams enforce least-privilege access. Once integrated, this identity insight will flow into ServiceNow’s AI Control Tower and security workflows, adding much-needed context to incident response, vulnerability management, and risk decisions, especially as enterprises start managing autonomous AI at scale.
Arctic Wolf acquires UpSight Security. Arctic Wolf is enhancing its Aurora Endpoint Security offering through the acquisition of UpSight Security, with a focus on adding AI-driven ransomware prevention and rollback capabilities. The deal adds AI-driven ransomware prevention and rollback to the Aurora Endpoint Security platform, using on-device models to stop attacks before encryption or data theft occurs. It also enables faster isolation of infected systems and recovery through rollback. The move reflects a broader shift toward prevention, as ransomware attacks continue to move faster than traditional detection can keep up.
Bugcrowd acquires Mayhem Security. Bugcrowd has acquired Mayhem Security to combine AI-driven offensive security with human-led testing in a single, continuous platform. The deal brings automated vulnerability discovery into Bugcrowd’s crowdsourced model, helping teams find issues earlier in development while keeping real-world testing in production. By combining machine-scale automation with human expertise, Bugcrowd is aiming to reduce noise and keep up with the growing complexity of modern applications, APIs, and supply chains.
7AI raises Series A funding. 7AI has raised a $130 million Series A round, the largest in cybersecurity to date, as enterprises move quickly to adopt agentic AI for security operations. The funding comes less than a year after the company emerged from stealth and follows rapid customer traction, with its AI security agents already handling millions of alerts and investigations autonomously while cutting response times from hours to minutes and eliminating most false positives. Positioned around what it calls an “agentic security inflection point,” 7AI is betting that AI agents can do the bulk of investigation and triage work inside the SOC, freeing human analysts for higher-value tasks and allowing organizations to rethink traditional SIEM- and labor-heavy security models at scale.
Lumia raises $18 million seed round. Lumia has raised $18 million seed round to address a growing security gap created by the rapid adoption of autonomous AI agents in the workplace. The company’s platform is designed to give enterprises real-time visibility and control over how employees, applications, and digital agents interact with sensitive systems and data, without disrupting workflows. Led by Team8, the funding will support product expansion into regulated industries and deeper integrations across major technology stacks, as organizations move from experimenting with AI tools to relying on them at scale and need stronger governance, accountability, and oversight built for agent-driven environments.
Intezar launches Forensic AI SOC Platform. Intezer has launched its Forensic AI SOC platform to help enterprises and MSSPs deal with alert overload, talent shortages, and increasingly AI-driven threats. Instead of relying only on chat-style AI, it combines AI agents with forensic tools like endpoint analysis, reverse engineering, and sandboxing to automate investigations. Most alerts are handled automatically, with only a small number passed to human analysts, cutting triage down to minutes. The pitch is simple: better accuracy and scale without adding headcount, a pressure point many MSSPs are feeling right now.
Have news to share or just want to connect? Reach us anytime at [email protected] or [email protected].
