Cybersecurity’s IPO Pipeline Reopens: Vega’s $120M Raise Shows Where Investor Money Is Moving
Enterprise security teams now face two problems simultaneously: attackers use AI to accelerate operations at scale, and defenders struggle with fragmented telemetry spread across distributed cloud environments. That pressure explains why nine VC-backed cybersecurity startups now sit on PitchBook’s likely IPO list, and why Vega just raised $120 million to challenge the architecture at the center of enterprise security operations.
The Eight Cybersecurity IPO Candidates at a Glance
| Company | Category | HQ | Valuation | IPO Status |
| Snyk | Developer Security | Boston, MA | $7.4B | 97% — IPO candidate |
| Illumio | Zero-Trust Segmentation | Sunnyvale, CA | $2.75B | Confirmed candidate |
| ID.me | Digital Identity | McLean, VA | $2B+ | 93% — IPO candidate |
| Immuta | Data Access Governance | Boston, MA | $1B | 93% — IPO candidate |
| Arctic Wolf | Managed Detection & Response | Eden Prairie, MN | $3.91B | 91% — IPO candidate |
| OneTrust | Privacy & Compliance | Atlanta, GA | $4.5B | 91% — IPO candidate |
| Island | Enterprise Browser | Dallas, TX | $4.8B | 90% — IPO candidate |
| Armis | Cyber Exposure Management | San Francisco, CA | $6.1B | Acquired — $7.75B (ServiceNow, Apr 2026) |
Source: PitchBook VC Exit Predictor, December 2025 / Morningstar, January 2026. Armis acquired by ServiceNow, April 2026. Valuation figures reflect last known disclosed rounds.
Vega’s Funding Round Targets a Costly Security Operations Problem
Vega announced a $120 million Series B in February 2026, led by existing investor Accel, with Cyberstarts, Redpoint, and CRV also participating. The round brought Vega’s total funding to $185 million in under two years. TechCrunch reported the post-money valuation at $700 million, nearly double its prior mark. (Calcalist reported $800 million; Vega’s own press release confirmed only that the round “nearly doubled” its valuation without disclosing an exact figure.)
CEO Shay Sandler and CTO Eli Rozen, both veterans of Israel’s Unit 8200, built Vega around a specific diagnosis: legacy SIEM platforms force enterprises to centralize security telemetry before they can analyze threats. For organizations running workloads across cloud services, data lakes, and distributed infrastructure, that model creates compounding problems. Storage and processing costs escalate with data volume. Security teams must move data before they can investigate incidents. And because full ingestion can be prohibitively expensive, some signals go uncollected, leaving gaps in coverage.
Vega’s alternative is what it calls a Security Analytics Mesh: an architecture that analyzes security data where it already resides, rather than pulling every signal into a central repository first. The company says it has already signed multimillion-dollar contracts with global banks, healthcare organizations, and Fortune 200 companies, and has scaled past 100 employees since its 2024 founding.
Vega is not one of PitchBook’s nine IPO candidates. At Series B with a two-year operating history, it is at least one funding cycle away from that conversation. But its raise illustrates where private-market conviction in cybersecurity now flows: AI-native architectures that reduce the cost and operational friction of running security at enterprise scale.
PitchBook’s IPO Watchlist Puts Cybersecurity’s Late-Stage Pipeline on Notice
PitchBook’s VC Exit Predictor, surfaced through Morningstar in late December 2025, flagged nine VC-backed cybersecurity companies as likely public-market candidates, including Snyk, Illumio, ID.me, Immuta, Arctic Wolf, OneTrust, Armis, and Island.
The probability estimates across the named companies reveal a pipeline with genuine depth. Snyk leads with a 97% IPO probability, a last known valuation of $7.4 billion, and $1.07 billion in capital raised; its December 2022 Series G at that valuation was led by Qatar Investment Authority. ID.me carries a 93% probability at a valuation above $2 billion, following a $340 million financing it closed in September 2025. Immuta holds a 93% probability at a $1 billion last known valuation, with Snowflake Ventures and Intel Capital among its backers. Island sits at 90% with a $4.8 billion valuation after a $250 million Series E in March 2025 brought total outside investment to roughly $730 million. Arctic Wolf holds a 91% probability at a $3.91 billion valuation with $1.15 billion raised. OneTrust also lands at 91%, with a $4.5 billion valuation and $1.12 billion in capital.
The pattern across these companies is the most important detail: none of them leads with “AI-powered security” as a primary pitch. Snyk focuses on developer security in software supply chains. Illumio targets lateral movement inside networks through zero-trust segmentation. ID.me provides digital identity verification for government, healthcare, and financial services. Immuta governs data access across cloud and AI environments. Arctic Wolf delivers managed detection and response for organizations that cannot staff full security operations internally. OneTrust handles privacy, compliance, and governance operations. Island builds enterprise browsers with built-in security controls. Each addresses a specific, operationally painful problem that enterprises cannot defer.
AI-Driven Threats Are Rewriting Enterprise Risk
The investment logic behind this pipeline becomes clearer when set against what enterprise security teams actually face. Google Threat Intelligence Group, reporting in May 2026, documented a shift from early AI experimentation by adversaries toward industrial-scale deployment. Threat actors now use generative models across vulnerability discovery, exploit generation, defense evasion, and autonomous malware operations. Google said it identified, for the first time, a threat actor using a zero-day exploit it believes was developed with AI support.
Verizon’s 2026 Data Breach Investigations Report found that vulnerability exploitation became the most common initial access vector for breaches, reaching 31% of cases in its reporting dataset. IBM’s 2025 Cost of a Data Breach Report set the global average breach cost at $4.4 million and flagged an “AI oversight gap,” warning that ungoverned AI systems carry both higher breach probability and higher remediation cost when breached.
Gartner forecasts global end-user spending on information security will reach $244 billion in 2026 and $322 billion by 2029, at a 10% constant-currency compound annual growth rate. Security budgets have historically resisted discretionary cuts because the consequences of underinvestment are visible, measurable, and expensive. That resilience gives public-market investors a more durable revenue thesis than most software categories can offer.
The IPO Window Is Opening, But the Bar Has Moved
The cybersecurity IPO market already has recent proof points. Netskope raised $908.2 million in its Nasdaq debut in September 2025, with shares rising more than 18% on the first day and the company reaching a value of roughly $8.6 billion at listing, according to Reuters and SecurityWeek. SailPoint returned to public markets in 2025, targeting a valuation of up to $12.57 billion. Rubrik’s 2024 listing arrived before either of those deals and began resetting what investors expected cybersecurity companies to be worth in the public markets.
Cybersecurity startup funding also recovered strongly. Crunchbase reported the sector attracted $18 billion in investment in 2025, up roughly 26% from 2024 and the strongest annual total in three years. Large AI-focused cybersecurity rounds contributed meaningfully to that figure.
None of this makes the public-market path automatic. Investors in 2026 expect demonstrable annual recurring revenue, efficient customer acquisition costs, high gross margins, strong net revenue retention, a credible path to profitability, and durable differentiation against platform competitors including Microsoft, Palo Alto Networks, and CrowdStrike, all of which continue expanding their security portfolios. Companies that clear the full bar will find receptive conditions. Those that cannot will wait, or exit a different way.
Armis Shows Why IPO Candidates May Still Choose M&A
PitchBook flagged Armis as an IPO candidate with a 90% probability, a $6.1 billion last known valuation, and $1.45 billion in capital raised. ServiceNow announced a $7.75 billion all-cash acquisition of Armis on December 23, 2025, one day before PitchBook published its IPO predictions. ServiceNow completed the deal on April 20, 2026, citing Armis’s cyber exposure management capabilities across IT, operational technology, IoT, medical devices, and critical infrastructure as central to its AI-era security and risk strategy.
The Armis outcome demonstrates something worth keeping in view when reading any IPO watchlist: high IPO probability and a strategic acquisition are not mutually exclusive outcomes, they are sequential possibilities. Large platform companies, including Google with its planned $32 billion Wiz acquisition, ServiceNow, Cisco, and others, have shown they will pay at or above IPO-level valuations for the right capabilities. For any of the companies on PitchBook’s list, the deciding factor is not simply whether public markets want them, but whether a strategic buyer arrives first with a number that makes the IPO risk-adjusted return look less compelling.
Cybersecurity’s public-market pipeline is more active than at any point in the past three years, and the companies best positioned to benefit share a common trait: they solve specific, expensive operational problems that enterprises cannot defer regardless of economic conditions. Vega’s $120 million raise confirms that the same logic now drives earlier-stage capital allocation. Whether the nine companies on PitchBook’s list reach public markets or follow Armis through a strategic exit, investors have made one judgment clear: durable security infrastructure commands durable valuations.
The post Cybersecurity’s IPO Race Just Got Real. One Frontrunner Already Sold for $7.75B appeared first on .
Add to favorites
0 Comments