The cyber investor circuit is the running body of newsletters, blogs, market maps, and M&A reports that venture firms, boutique investment banks, and independent analysts publish about the cybersecurity market. There is a lot of it, it is mostly free, and almost none of it is written for you if you run an MSP or MSSP. It is written for the founder raising a Series A, the VC deciding what to fund, and the CISO deciding what to buy. The person who has to decide which security vendors to resell, when to sell the business, and what multiple to expect is an afterthought in nearly every one of these publications.
So this is the circuit read from that chair. I graded each source on one question: does reading it make you money or save you a bad decision, or is it just VCs talking to VCs. The grades below are my operator judgment, not a data output, and I have marked them that way throughout. The facts about each publication (who writes it, how often, what it costs, what it covers) are verified. The letter next to each one is my read on how much it helps an owner, and reasonable people will move a grade up or down depending on their business.
I read the circuit this way because it is the seat I sit in. I moved more than $7bn of transactions across investment banking and private equity, sat on a board through a $300M-plus exit, and now I run growth for MSPs and cyber firms. When I open one of these newsletters I am not looking for a thesis to fund. I am looking for a vendor stability signal, a deal comp, or a demand trend I can act on. That is the filter this whole guide runs through.
| Publication | Behind it | Cadence / cost | Grade | Why it earns the grade |
|---|---|---|---|---|
| Return on Security | Mike Privette (former CISO) | Weekly / free | A | Fastest free read on which vendors just raised or got acquired |
| Altitude Cyber Market Reviews | Dino Boukouris (ex-Momentum Cyber) | Monthly / free | A | The closest thing to a monthly cyber M&A ticker |
| SecurityWeek M&A Roundup | Trade newsroom | Monthly / free | A | Deal-by-deal, journalistic, no bank or broker sales motive |
| Momentum Cyber (Almanac, CYBERscape) | Boutique cyber bank | Annual / free (gated) | A | Best aggregate state-of-the-industry data, read past the packaging |
| Software Analyst (SACR) | Francis Odum | Regular / free tier | A | Clearest narrative on which platforms are consolidating your stack |
| CT Acquisitions MSSP Multiples 2026 | Unsigned, M&A advisory firm | One-off (2026) / free | A, with a caveat | Only source built on MSSP size-band multiples; verify the numbers elsewhere |
| Aventis Advisors MSP Multiples | Filip Drazdou | Evergreen, updated / free core | A | Named-author counterweight to CT Acquisitions on MSP multiples |
| Strategy of Security | Cole Grolmus | Weekly to biweekly / free + paid | B | Best on how the vendors you resell actually make money |
| Venture in Security | Ross Haleliuk | Several posts a month / free + paid | B | Sharp on vendor and channel psychology, but written for founders |
| Latio Pulse | James Berthoty | Several posts a month / free | B | Independent tool selection, practitioner rather than investor angle |
| Pinpoint Cyber Funding Data | Recruiting firm (unbylined) | Quarterly / free + paid | B | Useful cross-check data, but it is a recruiter's lead-gen content |
| Team8 CISO Village Survey | Team8 (unbylined) | Annual / free | B | Strong demand-side signal, but a buyer survey, not investor behavior |
| YL Ventures News & Insights | Cyber-exclusive VC firm | Sporadic / free | C | Real firm, but no recurring publication worth subscribing to today |
The fastest way to track vendor funding and M&A
This is the category that earns a place in your inbox, because it answers the two questions that touch your P&L directly: which vendors just got flush with cash and will push hard on channel deals, and which just got acquired and whose roadmap you should stop trusting.
Return on Security, Mike Privette
Return on Security is Mike Privette's free weekly briefing on the cyber market, and the flagship "Security, Funded" issue was at #251 in early July 2026, so the weekly cadence is years deep. Privette is a former CISO turned market analyst. For an owner, the weekly deal-flow digest is the single fastest way to see funding rounds and acquisitions without wading through press releases; read it for vendor stability signal. Where it falls short for you: it does not cover MSP or MSSP economics, so it tells you a vendor raised a new round, not what that means for your margin on their product. Free, weekly, real practitioner credibility, and the one I would put in your inbox first. Grade A, my operator read.
Altitude Cyber, Dino Boukouris
Altitude Cyber is a strategic advisory firm for cyber founders and boards, and Dino Boukouris publishes a monthly Altitude Cyber Market Review, free, on LinkedIn and the firm's site. His credential matters: he was a Managing Director and co-founder at Momentum Cyber, so he has direct continuity with the bank whose Almanac shows up below. The February 2026 edition alone reported 108 transactions totaling $1.7B in disclosed deal value. This is the closest thing on the whole list to a monthly cyber M&A ticker, deal count and deal value month over month. If you are building toward an exit or just want to know what normal deal velocity looks like in cyber-adjacent services, it is the cleanest free trendline available, from a named dealmaker with a specific track record. Grade A, my operator read.
SecurityWeek, Cybersecurity M&A Roundup
SecurityWeek's monthly M&A roundup is a trade publication's deal-by-deal tracker, running consecutive monthly editions through 2026: 34 deals in January, 42 in February, 38 in March, 33 in April, 26 in May. Free and consistent, it lists every disclosed cyber transaction with buyer, target, and terms where available (CrowdStrike buying SGNL for $740M and Seraphic for $420M, Akamai taking LayerX for around $205M, Google closing Wiz at $32B all show up in 2026). I grade it an A alongside the bank sources precisely because it is not a bank or a recruiter; it is journalism with no transaction pipeline of its own to feed, the most independent source on this list. Use it to spot which strategics and PE firms are buying and at what size, as a read on which vendors are consolidating and as a rough comp set if you ever explore a sale. The private-equity buyers moving through cybersecurity show up here first. Grade A, my operator read.
Pinpoint Search Group, Cyber Funding Data
Pinpoint Search Group is an executive search firm for cyber go-to-market talent, not a bank or a VC, but it publishes a tracked funding dataset: 2,684 transactions and $326B in monitored capital across 54 segments, current through mid-2026, cited by the WSJ, Bloomberg, Fortune, and TechCrunch per the firm. Quarterly industry reports are free; per-deal data sits behind an undisclosed paid tier. Its real value is as a cross-check: when Pinpoint, Altitude Cyber, and Momentum all show the same deal-volume trend, that agreement is a stronger signal than any one alone, and the 54-segment cut is more granular than most. The mark against it, and why it lands a B: it is a recruiting firm's lead-gen content, the reports are unbylined, and most pricing is withheld, a credibility notch below sources where a named principal stands behind the numbers. Grade B, my operator read.
The once-a-year state-of-the-industry reads
These are not inbox subscriptions. They are documents you pull up deliberately, once or twice a year, to sanity-check where the category is heading before a planning cycle or a big vendor decision.
Momentum Cyber (and a correction worth making)
Momentum Cyber calls itself the only investment bank exclusively focused on cybersecurity, and it publishes the annual Cybersecurity Almanac, the CYBERscape ecosystem map (version 4.0), and an annual M&A Update Report; one recent Almanac cited $119B in strategic activity. Free, gated behind a contact form in the usual sell-side-bank fashion. A correction, because I have seen this stated wrong: Momentum Cyber has not been absorbed into Houlihan Lokey. Individual Momentum alumni have joined Houlihan Lokey's technology group, but Momentum remains an independent boutique bank publishing its own reports, while Houlihan Lokey separately runs its own quarterly cybersecurity market updates through its in-house team. Treat those as two distinct, competing report series, not one. The Almanac and CYBERscape are the best whole-industry documents available and pair directly with a cybersecurity market map. Honest caveat: this is written to win enterprise sell-side mandates, so it is enterprise-vendor data, not MSP data. Read the numbers, discount the packaging. Grade A for the underlying data, my operator read.
Team8, CISO Village Survey
Team8 is a venture-creation fund spanning cyber, infrastructure, fintech, and digital health, and it publishes a free annual CISO Village Survey of enterprise security leaders. The 2025 edition surveyed over 110 leaders, found 52 percent reporting budget increases (down from 70 percent the year before), and flagged AI agent security and unpatched critical vulnerabilities as the two live pain points. This is demand-side data, not investor data, and that is exactly why it helps you: it tells you what enterprise CISOs are worried about and spending on, a leading indicator for what your MSSP clients will ask for in twelve months. I pull the same thread in the blind spot buried in the CISO survey data. It lands a B only because it reads buyers, not investors, so it sits slightly off the investor-circuit angle. Grade B, my operator read.
The analysts who explain the vendors you resell
This group does not track deals. It explains how the platforms in your stack actually make money and which ones are about to eat the others. That is competitive intel you can use the next time a client asks whether to consolidate onto one vendor.
Software Analyst Cyber Research (SACR), Francis Odum
Software Analyst Cyber Research is Francis Odum's Substack, built for cyber leaders, operators, and investors, with a following reported at 60,000-plus. Odum is a cyber researcher and advisor to security companies; free tier plus subscription. His 2026 outlook predicted M&A could reach $96B on platform consolidation and PE, and he runs deep public-company analysis (CrowdStrike, Palo Alto, Zscaler, Okta). For an owner, this is the clearest narrative available on which platforms are consolidating the market you resell into, directly useful when you decide which two or three vendors to standardize your stack around instead of chasing every point solution. Large, credible following, real relevance to a decision you actually have to make. Grade A, my operator read.
Strategy of Security, Cole Grolmus
Strategy of Security is Cole Grolmus's research platform, tagline "research, analysis, and market intelligence you can take action on," with recent pieces on 1Password, DTEX, and SailPoint suggesting a steady weekly-to-biweekly rhythm. Free articles with a paid tier. The public-company deep dives are the best available primer on how the platforms you sell make money and where they are vulnerable, genuinely useful when a client is weighing vendor consolidation. It lands a B for one reason: it is written for investors evaluating these companies as assets, not for MSPs evaluating them as products to resell, so the business-model insight is yours to translate to your own selling motion. Still the best single source here for understanding vendor economics. Grade B, my operator read.
Venture in Security, Ross Haleliuk
Venture in Security is Ross Haleliuk's long-form essay newsletter on cyber entrepreneurship, GTM, and venture strategy (note the bare domain; the www version does not resolve). Haleliuk is also active in angel investing; free with an optional paid tier, several posts a month. This is where you learn how vendors think about their own channel and buyer psychology, useful when you are negotiating with the vendors you resell, and a good early read on which product categories are about to get crowded (a signal for what not to build a service line around). The reason it is a B: it is written for founders and investors deciding what to build and fund, not for MSPs deciding what to resell or when to sell. Sharp thinking, and the translation to your business is on you. Grade B, my operator read.
Latio Pulse, James Berthoty
Latio Pulse is James Berthoty's newsletter with a companion cloud security tool-comparison resource. Berthoty is a security engineer turned analyst, over 4,000 subscribers, and he states plainly that the work is not pay-to-play and not vendor-sponsored; free, several posts a month. I include it honestly off-angle: it is not an investor-circuit source but a practitioner's independent tool-selection resource, useful for choosing what to deploy for clients rather than for reading deal flow. The trust level is high precisely because there is no sponsorship behind it, so if you read one practitioner source alongside the investor material, make it this. Grade B, my operator read, doing a different job than the rest of this list.
The only reports built for MSP and MSSP economics
Everything above is written about enterprise cyber vendors, their investors, or their buyers. These two are the exception: they are built around the size of business you actually run, and they are the documents to open when you are thinking about a sale. Read both, because they come from different data and disagree slightly, and that gap is itself useful.
CT Acquisitions, MSSP Multiples 2026
CT Acquisitions is an M&A advisory firm on a buyer-paid model, and its MSSP and Cybersecurity Services M&A Multiples Report 2026 is the only source on this list built around MSSP size-band multiples rather than enterprise vendors. It breaks multiples out by revenue band (sub-$1M through $25M-plus) and sub-segment (pure-play MSSP, MDR/XDR, SOC-as-a-service, compliance, pen-testing, vCISO, MSP-plus-security, PE platforms), names 18 valuation drivers, and cites MSSP Alert, CyberRisk Alliance, and Service Leadership Index data. Free, dated July 2026. Two honest caveats: these are advisory-firm synthesis estimates, not audited transaction data, so treat the multiples as a directional benchmark; and the piece is unsigned, from a firm that earns fees on the same transactions it benchmarks, so it has a built-in interest in the numbers. Neither makes it useless. It is the most directly useful document on this list for an owner thinking about a sale, and I lean on the same size-band logic in the anatomy of the median MSP deal and the cyber-insurance valuation floor. Read it, then verify the numbers against the next entry before you put them in front of a banker. Grade A for MSP relevance, with a disclosed conflict-of-interest caveat, my operator read.
Aventis Advisors, MSP Valuation Multiples
Aventis Advisors is a tech-focused M&A firm, and Filip Drazdou, a director there, is the named author on its MSP valuation analysis (published January 2025, referencing H2 2024 data). The core article is free; the full report is gated behind a form. It puts the median private MSP transaction at 8.9x EV/EBITDA on a $38.5M median deal size, plots a size-based discount curve (sub-$5M MSPs around 5.0x, $500M-plus firms around 11.2x), and sizes the market at $312B in 2023 heading toward $658B by 2030. This is the best counterweight to CT Acquisitions: a named author, a different data source, and a discount curve you can plot your own business against directly. Use the two together. They disagree slightly at the low end, and that disagreement tells you how much uncertainty sits in any single multiple you are quoted. When you are ready to think about the sale process itself, the MSP exit lifecycle lays out the stages. Grade A, my operator read.
The ones that do not earn a subscription
Some names carry real weight in the market but do not run a publication worth your time in 2026. I am naming them so you do not go looking, and so you know they were checked rather than missed.
YL Ventures
YL Ventures is a cyber-exclusive VC with $800M under management and offices in Silicon Valley and Tel Aviv. Real firm, real credibility. But its News & Insights section has no dedicated newsletter, podcast, or structured content program; what is there is portfolio-company announcements and the occasional thought piece on no fixed rhythm. Worth a one-time read of the portfolio page to see which categories they are betting on (their bets tend to surface as products you get pitched twelve to eighteen months later), but nothing ongoing to subscribe to. I include it mainly to correct the premise that YL runs an active CISO-circuit publication; the 2026 evidence does not support that. For firms worth watching by deal activity rather than content, the most active cybersecurity VCs and the operator-turned-VC crowd are the better maps. Grade C, my operator read.
Cyberstarts and NightDragon come up on every list of cyber VCs, but as of July 2026 neither runs a recurring, analysis-grade publication: their sites carry portfolio pages and announcements, not a read worth subscribing to.
How often to actually check any of this
The failure mode is subscribing to all of them and reading none. Here is the cadence I would run. Weekly: Return on Security, five minutes, for the funding-and-M&A pulse. Monthly: the Altitude Cyber Market Review and SecurityWeek's roundup, for the trendline and the deal-by-deal detail. Everything else is pull, not push. Open Momentum's Almanac and CYBERscape, Team8's CISO Village Survey, and the two MSP-multiples reports when you are actually planning an exit or a major vendor decision.
The through-line is the same across the whole list: almost none of it is written for you, so all of it is a translation exercise, except the two valuation reports that are MSSP-specific by design. The pieces I have written from this same operator chair, on the median MSP deal, the exit lifecycle, and the insurance-driven valuation floor, are where I do that translation in full. If you run an MSP or MSSP and want a second read on where your business sits against these numbers before you talk to a buyer, that is the work I do, and you can reach me through the site.
Frequently asked questions
SecurityWeek's monthly Cybersecurity M&A Roundup. It is deal-by-deal, free, monthly, and independent of any bank or broker's own transaction pipeline, which makes it the most neutral source on the circuit. Return on Security is the fastest weekly read for funding rounds, and Altitude Cyber's monthly review is the cleanest deal-volume trendline, but for a plain, complete list of who bought whom at what size, SecurityWeek is the one to start with.
No. Momentum Cyber remains an independent cybersecurity-focused investment bank publishing its own Cybersecurity Almanac, CYBERscape map, and M&A reports. Some individual Momentum Cyber alumni have since joined Houlihan Lokey's technology group, and Houlihan Lokey separately publishes its own quarterly cybersecurity market updates through its in-house team, but the two firms and their report series are distinct as of July 2026. Treat them as competing sources, not one.
Two sources are built around MSP and MSSP size bands rather than enterprise vendors: CT Acquisitions' MSSP and Cybersecurity Services M&A Multiples Report 2026, and Aventis Advisors' MSP Valuation Multiples analysis. Read both. They draw on different data and disagree slightly at the low end, and that gap tells you how much uncertainty sits inside any single multiple you get quoted. Use them as a benchmark, not a printed comp, and remember CT Acquisitions' figures are advisory-firm synthesis estimates rather than audited transaction data.
Almost none. Every source on the circuit is written primarily for enterprise cybersecurity vendors, their investors, or their enterprise buyers, so the MSP-relevant read is always a translation exercise. The two exceptions are the M&A-multiples reports from CT Acquisitions and Aventis Advisors, which are MSP and MSSP specific by design. For funding, M&A, and market-structure material, expect to do the translation from enterprise-vendor context to your own business yourself.
Named individual authors: Mike Privette (Return on Security), Ross Haleliuk (Venture in Security), Cole Grolmus (Strategy of Security), Dino Boukouris (Altitude Cyber), Filip Drazdou (the Aventis Advisors MSP piece), Francis Odum (Software Analyst), and James Berthoty (Latio Pulse). Published under a firm brand without an individual byline: Momentum Cyber, Pinpoint Search Group, Team8, and CT Acquisitions. A named author who puts their reputation behind the numbers is worth a notch of extra trust, especially on valuation data.
Cyberstarts and NightDragon both lack an active, recurring publishing program as of July 2026, confirmed by direct site check. They are well-known cyber VCs, but there is no newsletter or report cadence to subscribe to; read their portfolio pages once to see where they are placing bets, and leave it there. YL Ventures is in the same bucket: a real, credible firm, but no ongoing publication that justifies a subscription today.
Weekly: Return on Security, five minutes, for the funding and M&A pulse. Monthly: the Altitude Cyber Market Review and SecurityWeek's M&A roundup, for the deal trendline and the deal-by-deal detail. Quarterly or annually, and only when you are planning an exit or a major vendor decision: Momentum Cyber's Almanac and CYBERscape, Team8's CISO Village Survey, and the two MSP-multiples reports from CT Acquisitions and Aventis Advisors. The mistake is subscribing to everything and reading nothing.