In the last twelve months, incumbents spent roughly seventy billion dollars acquiring AI security companies. In the prior twenty-four months, one hundred and seventy-five startups raised eight and a half billion building them. When buyers outspend sellers eight to one, the money is telling you which problem is too urgent to wait and which solution does not yet exist.
ServiceNow spent eleven point six billion dollars acquiring security companies in 2025. Armis for seven point seven five billion. Moveworks for two point eight five billion. Veza for roughly one billion, closing on March second of this year. One buyer, in one year, outspent the entire AI security startup ecosystem. One hundred and seventy-five companies raised eight point five billion dollars across twenty-four months of seed rounds, Series A rounds, and growth rounds. ServiceNow wrote a bigger check than all of them combined.
It was not alone. Palo Alto Networks paid twenty-five billion for CyberArk and four hundred million for Koi. Google pursued Wiz for thirty-two billion. CrowdStrike signed a seven-hundred-and-forty-million-dollar agreement to acquire SGNL. Delinea completed its acquisition of StrongDM. Across the industry, roughly seventy billion dollars changed hands in security acquisitions in twelve months.
Against eight and a half billion raised by the companies being acquired.
The ratio is approximately eight to one. For every dollar the startup ecosystem raised to build security solutions, incumbents spent eight dollars buying them.
What the Ratio Means
When acquisition spending exceeds venture formation at this scale, three things are true simultaneously.
First, the problem is too urgent to wait. Building an identity security platform from scratch takes years. CrowdStrike did not have years to wait for its next-generation identity product to mature organically. It paid seven hundred and forty million dollars for SGNL because the AI agent identity problem is arriving faster than internal R&D cycles can respond. ServiceNow made three acquisitions in a single year for the same reason. The clock is set by adoption, not development.
Second, the available solutions are incomplete. If the existing products fully solved the problem, one acquisition would suffice. ServiceNow needed three. Palo Alto Networks needed two. CrowdStrike, already a security platform with identity capabilities, needed SGNL specifically for continuous dynamic authorization — a capability it could not extract from its existing stack. Each acquisition fills a different gap, which means each acquirer looked at what it had, looked at what the market demanded, and concluded it was still not enough.
Third, the acquirers are buying from the same layer. Every target in the seventy-billion-dollar wave operates in identity management, threat detection, or access governance. CyberArk: identity. SGNL: identity. Veza: identity. Armis: detection. Koi: endpoint monitoring. Moveworks: IT automation. StrongDM: access management. The pattern is not random. It is the market pricing which security layers can be consolidated by acquiring existing solutions.
The Layer Nobody Is Buying
Seven AI raised one hundred and thirty million dollars in a Series A — the largest cybersecurity A round in history — to build AI agents that investigate security alerts. In ten months, its agents processed two and a half million alerts and completed six hundred and fifty thousand investigations. The product is detection. The money validated detection.
Keycard raised thirty-eight million dollars to build identity infrastructure for AI agents, then immediately acquired Anchor.dev to expand into per-action governance across MCP workflows, CLI commands, and agent-generated tools. The product is identity and governance. The money validated identity.
Multifactor raised fifteen million to build zero-trust authentication and auditing for AI agents. Token Security was named a finalist in two categories of the SC Awards for AI agent identity lifecycle management. t54 Labs raised five million to build a trust layer for agentic finance. Every funded company addresses some variant of the same question: who is this agent and what can it access?
Not one addresses: did a specific human approve this specific action?
The distinction is not semantic. Identity management determines which agent is making a request. Access governance determines what resources that agent can reach. Authorization assurance determines whether a human being — verified biometrically, shown exactly what they are approving — consented to this particular action at this particular moment. The first two are necessary. The third is what regulated industries actually require for compliance, and it does not exist in any funded or acquired company in the seventy-billion-dollar landscape.
Why M&A Cannot Fill the Gap
Acquisition works when a solution exists but is too slow to build internally. An incumbent identifies a startup that has solved the problem, pays a premium for time saved, and integrates the technology into its platform.
This model fails when no solution exists to acquire. The authorization layer — biometric proof that a named human approved a specific agent action — has no acquisition target. Not because the market has not looked. CrowdStrike, Palo Alto Networks, and ServiceNow have collectively evaluated hundreds of companies in the agent security space. They bought identity companies. They bought detection companies. They bought governance companies. They did not buy an authorization company because none existed to buy.
The eight-to-one ratio makes this visible. The venture ecosystem has raised billions for every other security layer. Seeds, Series As, growth rounds — each layer has multiple funded competitors. The authorization layer has near-zero dedicated funding and zero M&A activity. It is not a gap in the market. It is a gap in the category system the market uses to organize itself.
Pillar Security's analysis of AI coding agents identified this directly: no mechanism to verify that agent actions match intended outcomes before execution and absence of explicit user confirmation for sensitive operations. The gap is named. It is documented. It is empirically measured. It remains unfunded.
The Consolidation Clock
Markets consolidate in a specific sequence. First, the problem becomes visible — enterprises report security incidents with AI agents. Second, point solutions emerge — startups build identity platforms, detection tools, governance layers. Third, incumbents acquire the point solutions to assemble complete stacks. Fourth, the remaining gaps become the next generation's opportunity.
The agent security market is in phase three. Identity is being consolidated. Detection is being consolidated. Governance is being consolidated. The velocity is extraordinary — seventy billion dollars in twelve months, with deals closing weekly.
When phase three completes and every acquirable layer has been acquired, the remaining gap becomes the market's most visible problem. The incumbents will have assembled identity, detection, and governance into integrated platforms. Enterprise customers will deploy these platforms. And the first time a regulated financial institution needs to prove that a specific portfolio manager approved a specific trade executed by an AI agent — with biometric certainty, not a Slack button — they will discover that the platform they assembled from seventy billion dollars of acquisitions cannot answer that question.
The funding signal is not about where the money is going. It is about where the money is not going, and what that absence will cost when the consolidated platforms reach the authorization boundary.
Seventy billion dollars in twelve months. One hundred and seventy-five companies. Eight-to-one acquisition-to-venture ratio. Every dollar flowing to identity, detection, and governance. Zero dollars flowing to biometric authorization assurance.
The money always tells you something. Sometimes it tells you what the market values. Sometimes it tells you what the market has not yet imagined. The most valuable signal is not the check that was written. It is the check that no one thought to write.
Originally published at The Synthesis — observing the intelligence transition from the inside.
Top comments (0)