Cyber Street Journal
Cyber Street Journal is where cybersecurity meets Wall Street. Hosted by Mike Housch, this show dives into the business side of cyber — covering mergers and acquisitions, funding rounds, startup spotlights, and the financial forces shaping the security industry. If you want to understand not just the hacks, but the money behind the headlines, this is your insider journal.
Cyber Street Journal
Cyber Street Journal Episode 1 (9/29/2025)
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
Cyber Street Journal is where cybersecurity meets Wall Street. Hosted by Mike Housch, this show dives into the business side of cyber — covering mergers and acquisitions, funding rounds, startup spotlights, and the financial forces shaping the security industry. If you want to understand not just the hacks, but the money behind the headlines, this is your insider journal.
Alright, settle in, you digital dwellers, because this ain't your grandma's tech news. This is the Cyber Street Journal, and I'm your host, Mike Housch, cutting through the noise to bring you the raw, unfiltered truth from the digital trenches. We're talking real threats, real money, and the relentless evolution of the cyber battleground. It's September 2025, and if you think the game's slowed down, you're already dead.
Let's get straight to it. AI isn't just transforming industries; it's reshaping the entire damn attack surface. And companies, bless their hearts, are pouring cash into shoring up their defenses – or sharpening their spears. We’ve seen a flurry of activity this month alone.
First up, the big players are making moves. Cato Networks just snagged Aim Security in its debut acquisition for an undisclosed fee. Cato, a SASE vendor, is integrating Aim’s AI protection capabilities right into their SASE Cloud Platform. Why? Because, as Cato Networks' CEO, Shlomo Kramer, put it, "AI transformation will eclipse digital transformation as the main force that will shape enterprises over the next decade". Aim’s tech secures everything from employee use of public AI apps like Microsoft Copilot to private AI applications and even the AI development lifecycle itself. They’re locking down AI agents and preventing runtime attacks, enforcing corporate policies across the board. Basically, if you're deploying AI, you need an adult in the room, and Aim Security aims to be that adult, now under the Cato banner.
Not to be outdone, F5, the application delivery and security giant, just announced plans to acquire CalypsoAI for a cool $180 million. CalypsoAI is all about securing AI at inference – that's when the AI is live and operational. Their platform uses "agentic red teaming" – basically, AI attacking AI to find weaknesses – and deploys real-time defenses against things like prompt injection and jailbreaks. They're also designed to detect and prevent sensitive data leakage from AI systems. F5's integrating these capabilities into their Application Delivery and Security Platform because, let's face it, enterprises are rushing into AI and they need to reduce the risk of data leaks or compliance failures. It's about delivering innovation faster without increasing risk.
And the startups? They're still raking it in. Take Aurva, which emerged from stealth with $2.2 million in seed funding. They're offering a unified platform for access monitoring and AI observability, providing identity-centric runtime monitoring for modern enterprises. What does that mean? It means they're securing AI-driven data access in real time, because traditional tools can't keep up with how AI systems gobble up sensitive data. They're using eBPF for low-overhead, real-time monitoring, a game-changer for detecting overprivileged access and unauthorized AI usage. They’re already monitoring billions of transactions daily for a large financial institution and tracking thousands of AI apps for a major e-commerce provider. This ain't small-time stuff.
Then there’s Geordie, also fresh out of stealth with $6.5 million in funding. Their platform gives enterprises "deep visibility into AI agents and what they are doing". Why is this critical? Because AI agents perform tasks autonomously, often with elevated privileges and access to crucial data, making them prime targets for threat actors. Geordie helps organizations securely deploy these agents by tracking every single one and alerting customers to unexpected behavior in real-time. It's all about ensuring you don't have to choose between innovation and security.
Now, let's talk about the sharp end of the stick. The AI race in cybersecurity isn’t coming, it’s here, and attackers are already using AI to move faster than human defenders. So, what are the good guys doing?
FireCompass just scored $20 million in funding for its AI-powered automated penetration testing platform. Their offensive security platform uses thousands of attack playbooks to run real-world attacks in safe environments, identifying exploitable risks. Co-founder and CEO Bikash Barai says their platform "thinks and acts like a real attacker—chaining vulnerabilities, moving laterally, and validating risks continuously at machine scale. It outpaces humans by orders of magnitude". That's machine-scale red teaming, folks, and it’s aligned with the MITRE ATT&CK framework. The only way to fight fire is with bigger, smarter fire.
On the defensive front, AegisAI launched with $13 million in seed funding for its AI-native email security platform. Modern email threats are using AI to craft lures that look more real than ever, bypassing old-school filters. AegisAI deploys a network of real-time AI agents to autonomously inspect, analyze, and neutralize threats, eliminating the need for static rules and complex playbooks. These agents learn from real-world behavior, providing fast detection and remediation, and they can reduce false positives by 90% compared to traditional solutions. It’s about creating better security outcomes, not just more alerts.
And then there's the problem of credentials, the very keys to the kingdom. Hush Security just emerged from stealth with $11 million to eliminate credential threats with a "no-secrets" platform. They're replacing vaults and secrets managers with just-in-time policies, aiming to eliminate credentials entirely. As Hush CEO Micha Rave puts it, "Vaults were built for an era where environments changed slowly and AI was not part of the equation. That era is over. AI agents, ephemeral workloads, and automation have changed the game, and the vault model can’t keep up.". Instead of static keys, their system defines policies within the software code itself, determining who or what gets access based on dynamic attributes and conditions. It's a fundamental shift, acknowledging that credential-based threats disappear when there are no credentials to steal.
And for those still struggling with perimeter defenses in a world of remote work and Gen-AI tools, Red Access raised $17 million for its agentless security platform. Their unified platform protects browsers, applications, and enterprise assets from cyber threats, extending core Secure Access Service Edge (SSE) capabilities. It’s designed for one-click deployment, easy management, full visibility, and total control, especially for remote workers on untrusted networks. Because the old castle-and-moat strategy? That ship sailed, capsized, and sank a long time ago.
Look, the old ways are dying. The sheer volume and sophistication of attacks, fueled by AI, demand new thinking, new tools, and new speed. You can't just throw bodies at the problem anymore.
That's where innovation like Sola Security comes in. They just closed a $35 million Series A round to bring no-code app building to cybersecurity teams. Imagine security teams designing and deploying custom apps in minutes, without heavy engineering, tackling tool sprawl head-on. Their AI-powered platform lets over 2,000 users create more than 1,000 custom security apps in just six months. This is about empowering security teams to build what they need, when they need it, in a rapidly changing landscape.
And if you want to understand your enemy, you need intelligence. Tidal Cyber raised $10 million for its CTI and adversary behavior platform. Co-founded by former MITRE experts, they're all about threat-informed defense, automating detection and response by operationalizing MITRE ATT&CK. They map adversary tactics, techniques, and procedures – the TTPs – and provide procedural-level insights to tailor security strategies around specific adversary groups and their behavior. They even calculate residual risks and the effectiveness of your existing security stack against real-world attacks. It's about moving beyond assumptions and checkbox compliance, putting "real adversary behavior at the center of defense".
The message is clear, folks: The cyber war is escalating, and AI is both the weapon and the shield. From real-time data security to automated red teaming and eliminating credentials, the landscape is shifting at breakneck speed. Keep your eyes open, your systems patched, and your guard up. Because on the Cyber Street, ignorance isn't bliss – it's just another vulnerability waiting to be exploited.
That's it for this edition of the Cyber Street Journal. I’m Mike Housch. Stay safe out there. Or at least, try to.