This week’s deals and product updates make one thing obvious: the MSSP market is shifting. Speed is becoming the real measure of value, identity has moved to the center of every security conversation, and providers are tired of juggling disconnected tools. Most of what surfaced this week landed somewhere in that mix - faster detection, tighter access controls, and a push toward platforms that bring everything into one place.
You can also see a pattern in how vendors are approaching AI. No one’s trying to rip out SIEM or XDR. Instead, there is layering of AI on top of the stack to handle the work that slows analysts down. That puts MSSPs in a practical spot: it’s time to figure out which AI “co-pilot” makes the most sense for their SOC. This points to a clear direction - managed security is getting faster, more identity-driven, and a lot more unified, and providers will need to adjust their bets accordingly.
Market Pulse: Cybersecurity Deals, Funding, and Platform Shifts
Palo Alto Networks moves into unified observability with Chronosphere acquisition:
Palo Alto Networks plans to buy Chronosphere for $3.35 billion, aiming to tie observability and security more closely together for companies running large AI workloads. Chronosphere brings a system built to handle huge amounts of data and keep modern applications running smoothly, while Palo Alto’s AgentiX platform adds the ability for AI agents to spot issues, investigate what went wrong, and fix problems automatically. This deal will offer customers one platform that gives deeper visibility, lower data costs, and faster, automated responses across both performance and security events.
Safe acquires Balbix: SAFE’s move to acquire Balbix brings two parallel tracks of the cyber risk world together: exposure management and risk quantification. It closes the long-standing gap between security operations and risk teams by linking day-to-day exposures to actual financial and operational impact. For CISOs, this creates one living view of risk they can act on, plan against, and monitor as it shifts. With Balbix’s AI-native exposure engine and SAFE’s quantification model under one roof, the two companies set the stage for more autonomous, agent-driven cyber risk management, and a clearer path to measurable risk reduction.
Huntress acquires Inside Agent: Huntress acquired Inside Agent to strengthen its identity security tools and give MSPs better visibility into weak permissions, risky accounts, and Microsoft 365 gaps. The deal supports Huntress’ upcoming ISPM product, which focuses on catching identity issues before attackers take advantage of them. At the same time, Huntress is making its services easier for MSPs to buy and manage through Sherweb, removing billing headaches and meeting partners where they already work.
Redsquid expands MSSP capabilities with Cyberseer acquisition:
Redsquid added UK-based Cyberseer, gaining a proprietary SOC automation engine and deeper MDR capabilities. The deal fits a pattern across the sector - MSPs evolving into MSSPs by absorbing threat-focused teams and building service architectures with standardized tooling and round-the-clock coverage.
Cork broadens its risk intelligence platform for MSPs and MSSPs:
Cork’s rebrand and expansion show a deeper push into cyber-risk analytics. Its Vantage platform pulls telemetry from multiple tools to produce a single risk view for clients, helping service providers connect technical signals to business-level insights.
Runlayer raises $11M seed for AI operations security:
Runlayer emerged from stealth with funding to build a control plane for securing enterprise AI workflows. The platform focuses on managing data access, agent permissions, and operational oversight as businesses adopt reasoning models. For MSSPs, it signals growing demand for AI-aligned controls that sit above traditional endpoint or network layers.
Doppel lands $70M to fight AI-driven impersonation and social engineering:
Doppel’s latest round backs its expansion into identity-centric threat defense. As AI tools make impersonation and phishing harder to spot, MSSPs are being pushed to invest in controls that understand user behavior, brand misuse, and high-risk identity anomalies across email, social channels, and public-facing assets.
Radware introduces LLM Firewall for GenAI security:
Radware’s new control layer screens prompts and enforces usage policies for enterprise-grade AI systems. For MSSPs, this creates a packaged way to help clients adopt generative AI without introducing unmonitored risk, a concern that’s grown quickly as models become more embedded in business workflows.
Black Kite launches BK-GA³ for AI risk governance:
Black Kite released a framework to help providers assess AI vendor risk across overlapping global standards. It’s part of a broader trend: customers want clearer guidance on whether their AI supply chain is introducing risk, and MSSPs are being asked to translate fragmented regulations into actionable recommendations.
Have news to share or just want to connect? Reach us anytime at [email protected] or [email protected].
