There is a clear confidence gap -
Absolute Security's latest research report reveals that 58% of security leaders say they would consider paying a ransom in the event of a ransomware attack. This means that companies do not believe their recovery will be fast enough or clean enough to avoid paying. Paying is the backup plan when you do not trust the primary plan.
This is worse for SMBs.That is an MSSP issue because recovery is what MSSPs are hired to handle. Detection, response, containment, and getting the business back online. If more than half of buyers are mentally pricing in a ransom payment, they are telling you their security provider has not given them confidence in the recovery side of the deal. It is a signal that the operational promise MSSPs make, that we will get you through this, is not landing for a majority of the market. Every AI tool, automation pitch, and platform upgrade an MSSP sells should be answering that doubt directly. If it does not shorten recovery or make the outcome more predictable, the buyer is going to keep the ransom option on the table.
At the same time, AI is no longer an industry theme - this is turning into a very practical managed security operations issue. Attackers are using automation to move faster, SOC teams are still buried in alerts, and customers are asking harder questions about what they are actually getting from their security providers. For MSSPs, now is the time to move beyond just offering AI-enabled tools. Customers want to know whether those tools "actually" shorten investigation time, speed containment, and get them back to business faster. The market is rewarding providers that make security operations easier to prove and easier for customers to justify.
Market Pulse: Cybersecurity Deals, Funding, and Platform Shifts
Palo Alto Networks Introduces Idira:
Palo Alto Networks has introduced Idira, a new identity security platform designed to extend privileged access controls across human, machine, and agentic identities. Idira uses AI-driven visibility, zero standing privilege, just-in-time enforcement, and automated governance to help organizations manage identity risk as AI adoption expands enterprise access paths. For existing CyberArk SaaS customers, the launch brings discovery and user experience improvements, with additional options for zero standing privilege, machine identity and agentic identity protections depending on license type.
ThreatDown Launches Identity Threat Detection: T
hreatDown has launched Identity Threat Detection and Response, a new product designed to help security teams detect suspicious identity activity, misconfigurations and credential-based attacks across Microsoft Entra ID, Okta and Active Directory. The product is natively integrated with ThreatDown’s EDR and MDR platform, giving teams correlated endpoint-to-identity visibility, guided response and identity posture hardening without adding another agent or console. The company also introduced Ultimate MDR Plus, a bundled offering that combines ITDR, MDR Plus and Premium Support in a single SKU
SailPoint has launched Agentic Fabric: SailPoint has launched Agentic Fabric, a new identity security solution designed to help enterprises govern AI agents and other non-human identities as they spread across cloud environments, applications and endpoints. The platform extends SailPoint’s identity security model beyond human users by mapping AI agents to human owners, access rights, activity and the systems they touch. SailPoint is also introducing Agentic Business and Agentic Business Plus packages, along with a free Discovery Tool trial for new and existing IdentityIQ and Identity Security Cloud customers.
Frame Security has launched out of stealth with $50 million:
Frame Security has launched out of stealth with $50 million in funding led by Team8, Index Ventures, and Picture Capital, with participation from Elad Gil, Cerca Partners, and Tesonet. The company is positioning itself around “human security,” with an AI-driven platform for personalized security awareness training, phishing and deepfake simulations, human risk scoring, and phishing triage. The launch comes as AI makes social engineering easier to scale across email, Slack, SMS, phone, and video, putting more pressure on security teams to move beyond generic awareness programs.
Exaforce has raised $125 million in Series B: Exaforce has raised $125 million in Series B funding to expand its AI-native security operations platform, bringing its total funding to $200 million. The company’s platform uses a real-time security knowledge graph and AI agents, called Exabots, to help security teams detect, triage, investigate and respond to threats faster. Exaforce said the new funding will support platform development, including multi-model AI and real-time reasoning, along with global expansion in regions such as Japan and Europe. For MSSPs and enterprise security teams, the announcement reflects the continued shift toward AI-native SOC operations, where live context, faster investigations and MDR oversight are becoming central to how providers scale detection and response.
Have news to share or just want to connect? Reach anytime at [email protected].