Last week’s mega deal of Google acquiring CNAPP provider Wiz for $32 billion has some lamenting the future of IPOs in the cybersecurity space. Wiz was on a high growth trajectory, and given that Wiz had previously rebuffed Google’s interest in the summer of 2024, many assumed Wiz was on target for a 2025 IPO, the success of which was meant to serve as a bellwether for the overall health of the cybersecurity market. With Wiz no longer an IPO candidate, has momentum for cybersecurity IPOs stalled?

In the short term, the answer is yes, but that is more to do with the health of the overall tech IPO market, not just cybersecurity. Genesys, a provider of AI-driven call center software, recently postponed its planned spring 2025 IPO, citing market uncertainty, with plans to revisit an IPO in the second half of 2025. And despite last year’s uneven macroeconomic environment, there were still over 220 IPOs in the US stock markets last year, up from 150 in 2023. While approximately 10% of the 2024 IPOs were of the SPAC (special-purpose acquisition company) variety, there were still several significant tech IPOs in 2024, including Reddit, OneStream, Ingram Micro, and ServiceTitan, to name a few. Rubrik’s April 2024 IPO also marked the first cybersecurity-related IPO in two years.

While the cybersecurity IPO market may be muted right now, there are still several possible cybersecurity IPO candidates for 2025. While there is a lot of discussion on tariffs and the current market volatility hindering IPOs, indexes such as the Cboe’s VIX Index (which analyzes S&P 500 index options to derive a forward-looking projection of volatility) have not moved as much as the overall market indices. Some have suggested that this is because much of current volatility is derived from policy decisions (like tariffs), meaning they can be quickly reversed and are also not tied as directly to structural economic factors.

Despite this current uncertainty, the resilience of the US stock market, and the fact that there are still several cybersecurity companies seeking a liquidity event, mean that cybersecurity IPOs could still happen in 2025, especially in the second half of the year. The current tech IPO bellwether is AI darling CoreWeave. Despite a tepid initial trading day, CoreWeave has since rebounded and its shares are up.

This current (but by no means comprehensive) list of potential cybersecurity IPO candidates for the fall of 2025 can be put into two distinct categories:

Category one: venture-backed, with $500 million or more in VC funding and high annual recurring revenue (ARR) growth of over 40%

  • Netskope: In October 2024, Netskope CEO Sanjay Beri indicated plans to proceed with an IPO in the second half of 2025, depending on market conditions and investor appetite. Netskope has raised over $1 billion in venture capital, reported over $500 million in ARR, and competes in the high demand Zero Trust edge network security segment. While Netskope has not filed an S-1 form with the SEC yet, it is a vendor to watch in 2025 as a strong contender for an IPO.
  • Snyk: Like Netskope, application security developer Snyk has raised over $1 billion in venture capital, hit $300 million in ARR last year, and is growing ARR 40% annually. While Snyk has not filed an S-1 with the SEC, it is long rumored to be an IPO candidate and fits the criteria for this category. Application security remains a high growth area.
  • OneTrust: This privacy management company has raised over $1 billion and is exceeding $500 million in ARR. While the firm has been mum on any IPO plans, it meets the size, valuation, and growth metrics for an IPO.
  • Armis has not reached the $500 million ARR milestone yet but is growing rapidly and has raised over $800 million in venture capital. According to Bloomberg, it is looking at 2026 for an IPO, so continued success and growth in 2025 will position the company for an IPO next year.
  • Illumio: Illumio has raised more than $500 million in funding from a mix of VC firms and private equity firms, is growing fast, and had a $2 billion-plus valuation during their last funding round in 2021. That funding round was led by private equity investor firm Thoma Bravo, who has a good track record of taking cybersecurity companies into the public markets. Illumio was a Leader in The Forrester Wave™: Microsegmentation Solutions, Q3 2024, last year and competes in the high-demand cloud security and Zero Trust segments.

Category two: established cybersecurity firm owned by private equity (PE) firms for two or more years and seeking exit

This category already has a successful 2025 IPO: identity management and governance vendor SailPoint, which PE investor Thoma Bravo took public in February, raising $1.4 billion in the IPO at a $12 billion valuation. Some other IPO candidates in this category include:

  • Proofpoint: Email and data security vendor Proofpoint was taken private by Thoma Bravo for $12 billion in 2021. Last fall, Proofpoint indicated plans to return to public markets within 12 to 18 months. Thoma Bravo has held Proofpoint for five years; this would be a good IPO candidate once market conditions improve.
  • Delinea: Last week, the PE owner of privileged identity management vendor Delinea indicated that it’s considering IPO plans. TPG has owned Delinea since 2021 when it merged Thycotic and Centrify and renamed the new entity Delinea. With Delinea’s ARR at almost $400 million, it fits the criteria, especially if the PE owner is looking to exit this investment in 2025.

While macroeconomic factors or geopolitical events could affect the public market’s appetite for tech IPOs, this post has hopefully shown that there are plenty of well-funded and capitalized cybersecurity companies capable of going public in the next 12 months based on market conditions. And seeing as all these companies are growing and investing in their product offerings, security professionals should view pending cybersecurity IPOs as a positive validation of the overall cybersecurity market and their supplier’s position within that market.