July 2025 Cyber Funding & M&A Brief

Published by Pinpoint Search Group — the cybersecurity executive search firm that tracks every disclosed vendor funding round and acquisition in the sector.

At a glance

48 transactions
tracked across cybersecurity vendors in July 2025
$1.17B
in disclosed funding capital
41 funding rounds
— of which 28 were Seed or Series A
7 acquisitions — anchored by Palo Alto Networks' $25B deal for CyberArk

Get the full July 2025 dataset — every named company, round, investor, and segment.

What July told us

July 2025 delivered the second cybersecurity megadeal of the year: Palo Alto Networks' $25 billion acquisition of CyberArk. Coming four months after Google's $32B Wiz purchase, the deal removes the largest standalone privileged access platform from the public market and pulls identity security — the most-cited 'last line of defense' in the post-zero-trust era — inside the largest cybersecurity platform on earth. Together with the Wiz deal, the two transactions reframe 2025 as the year cybersecurity stopped being a venture-funded category and became a hyperscaler-and-platform asset class.

Private funding kept pace beneath the headline. $1.17B in disclosed capital cleared across 41 rounds, with the seed-and-Series-A share rising back to 68% — the venture market continues to build the next wave even as the previous wave exits. GRC led segment counts with 8 transactions — the strongest GRC month of the year so far and a clean fit with Vanta's $150M Series D+ being the month's largest pure-venture round. Vulnerability followed at 6, with Data, Threat Intel, Fraud, and Automation tied at 3 each.

Beyond the megadeal, six other acquisitions cleared, including Axonius' $180M acquisition of Cynerio in IoT — a quiet but structurally important consolidation of healthcare device security under a broader asset-management platform. The combined July M&A picture: a top-of-market consolidation transaction at $25B and a healthier-than-average mid-market consolidation cadence beneath it.

Stage and segment breakdown

July 2025 Stage & Segment Breakdown
July 2025 Stage & Segment Breakdown
StageCount
Seed18
Series A10
Series B3
Series C4
Series D+2
Growth Funding4
Acquisition7
Top segmentsTransactions
GRC8
Vulnerability6
Data3
Threat Intel3
Fraud3
Automation3

Two deals worth your attention

Palo Alto Networks' $25B acquisition of CyberArk. Palo Alto Networks announced its acquisition of CyberArk for approximately $25 billion in cash and stock — the largest pure-cybersecurity acquisition ever, and the second cyber megadeal of 2025 (after Google/Wiz). CyberArk had been the standalone leader in privileged access management since its 2014 IPO, and the deal pulls identity-as-control-plane fully inside Palo Alto's portfolio alongside Prisma Cloud, Cortex, and the company's other suites. For investors and operators, the structural read is unambiguous: identity is the perimeter, and the perimeter is no longer a category that supports a standalone public-company platform.

Vanta Security — $150M Series D+ led by Wellington Management. Vanta closed a $150M Series D+ led by Wellington Management. This is Vanta's fourth appearance in this series since 2021 and pushes the company's total disclosed capital to roughly $390M across its four rounds. The round formalizes Vanta's position as the category leader in continuous-compliance automation and signals the GRC segment has reached platform-business scale.

Companies we've covered before

Vanta Security first appeared in May 2021 with a $50M Series A in GRC. Across four appearances since, the company has accumulated roughly $390M in disclosed capital — the deepest-funded vendor in the continuous-compliance category.

Cynerio first appeared in May 2021 with a $30M Series B in IoT security focused on connected medical devices. Four years later, the company exits to Axonius for $180M — a clean platform-consolidation arc inside healthcare IoT.

The other 46 transactions are in the data feed — including the 7 acquisitions whose values never hit the press. Get July's details and more →

Methodology

Every transaction in this brief was sourced from a primary public report and dedupe-checked against the master Pinpoint funding workbook, which now contains ~2,600 transactions back to May 2020. Funding totals reflect disclosed capital only; acquisition values are included where publicly available.

Each deal is classified against Pinpoint's normalized cybersecurity segment taxonomy — read directly off what the company says they protect and mapped to one of the canonical segments. The taxonomy has been maintained continuously since 2020 and currently covers roughly 55 segments. Identity, Data, Detection / Response, and Threat Intel have been tracked from the first month of the series; AppSec and GRC entered the following month; emergent categories (AI/LLM, Supply Chain, Quantum, Browser) are added when they first appear in vendor positioning. That normalization layer is what makes multi-year, cross-segment comparisons possible against an otherwise inconsistent vocabulary in the broader market.

About Pinpoint Search Group

Cybersecurity innovators work with Pinpoint Search Group to identify, attract, and land professionals that enable maturation, scale, and successful outcomes. As start-ups continue raising millions in funding and established vendors make acquisitions to round out their offerings, Pinpoint Search Group is keeping track.

Get the underlying data

The narrative above is the free version. The paid Pinpoint Cyber Funding Data feed gives you every named transaction, every disclosed investor, every segment classification — exportable, filterable, and updated as the deals close.

Subscribe to the data feed

Published 2025-08-05 · last updated 2026-06-25. The narrative and aggregate figures above are free; the full per-deal dataset is available to subscribers.