February 2025 Cyber Funding & M&A Brief

Published by Pinpoint Search Group — the cybersecurity executive search firm that tracks every disclosed vendor funding round and acquisition in the sector.

At a glance

33 transactions
tracked across cybersecurity vendors in February 2025
$792M
in disclosed funding capital
29 funding rounds
— of which 16 were Seed or Series A
4 acquisitions — 2 with disclosed values totaling $415M

Get the full February 2025 dataset — every named company, round, investor, and segment.

What February told us

February 2025 saw disclosed funding nearly double January's total to $792M across 33 transactions — and the entire jump came from late-stage growth checks, not deal volume. Funding round count held steady at 29 and the Seed/Series A share dropped to 55% from 66% the prior month, signaling that the rationing of growth capital observed in January was already loosening for vendors with category-leading positions.

Three rounds did most of the lifting. Tines closed a $125M Series C led by Goldman Sachs in security automation. Dream Security raised a $100M Series B in Detection/Response — only its second appearance in the series after a $34M Seed in late 2023. Semgrep added a $100M Series D in AppSec. Combined, those three rounds account for 41% of the month's disclosed capital, which is roughly the pattern that has held since mid-2023: the top three deals usually carry the headline number, and what changes month-to-month is whether the next ten rounds back them up or not.

Detection/Response and Vulnerability tied for top segment at 4 transactions each, with Identity and Training (3 each) close behind. M&A was thinner — only 4 acquisitions cleared — but the two disclosed values were structurally meaningful. Drata's $250M acquisition of SafeBase fuses GRC automation with the trust-center / customer-facing security review surface; CyberArk's $165M acquisition of Zilla Security pulls identity governance into the privileged access platform. Both are platform-extension deals, both happen at scale, and both reinforce the consolidation theme that defined late 2024.

Stage and segment breakdown

February 2025 Stage & Segment Breakdown
February 2025 Stage & Segment Breakdown
StageCount
Seed9
Series A7
Series B4
Series C2
Series D+2
Growth Funding3
Debt1
Merger1
Acquisition4
Top segmentsTransactions
Detection/Response4
Vulnerability4
Identity3
Training3
GRC2
Automation2

Two deals worth your attention

Tines — $125M Series C led by Goldman Sachs. Tines' security workflow automation platform crosses into its fourth appearance in this series (after rounds in 2021, 2022, and 2024). The Goldman lead gives Tines the balance sheet to push into agentic automation as the SOC tooling category absorbs LLM-driven workflows.

Drata's $250M acquisition of SafeBase. Drata, the GRC automation platform, pays $250M for SafeBase's trust center and customer security review automation — combining the back-office compliance workflow with the customer-facing security artifact distribution. It's the largest disclosed GRC-adjacent consolidation event we've tracked since the segment took off in 2021.

Companies we've covered before

SafeBase first appeared in March 2022 with an $18M Series A in Ratings. Three years later, it exits to Drata for $250M — the largest disclosed customer-trust / vendor risk consolidation event in the series.

Tines first appeared in April 2021 with a $26M Series B and has shown up three times since across Series B, B+, and now C. The current $125M round is more than double its prior largest and signals the automation segment has moved from feature to platform.

The other 31 transactions are in the data feed — including the 4 acquisitions whose values never hit the press. Get February's details and more →

Methodology

Every transaction in this brief was sourced from a primary public report and dedupe-checked against the master Pinpoint funding workbook, which now contains ~2,600 transactions back to May 2020. Funding totals reflect disclosed capital only; acquisition values are included where publicly available.

Each deal is classified against Pinpoint's normalized cybersecurity segment taxonomy — read directly off what the company says they protect and mapped to one of the canonical segments. The taxonomy has been maintained continuously since 2020 and currently covers roughly 55 segments. Identity, Data, Detection / Response, and Threat Intel have been tracked from the first month of the series; AppSec and GRC entered the following month; emergent categories (AI/LLM, Supply Chain, Quantum, Browser) are added when they first appear in vendor positioning. That normalization layer is what makes multi-year, cross-segment comparisons possible against an otherwise inconsistent vocabulary in the broader market.

About Pinpoint Search Group

Cybersecurity innovators work with Pinpoint Search Group to identify, attract, and land professionals that enable maturation, scale, and successful outcomes. As start-ups continue raising millions in funding and established vendors make acquisitions to round out their offerings, Pinpoint Search Group is keeping track.

Get the underlying data

The narrative above is the free version. The paid Pinpoint Cyber Funding Data feed gives you every named transaction, every disclosed investor, every segment classification — exportable, filterable, and updated as the deals close.

Subscribe to the data feed

Published 2025-03-05 · last updated 2026-06-25. The narrative and aggregate figures above are free; the full per-deal dataset is available to subscribers.