2025 in Retrospect: SAFE One Steers the Industry Towards Autonomous Cyber Risk Management

Major changes in our platform based on customer feedback, driven by the need to scale programs with automation

Black Hat USA 2025

By Sweta Bhattacharya

2025 wasn’t just a milestone year for the SAFE One platform: it was the year the entire cyber risk management landscape shifted.  Every major shift in SAFE’s platform this year was driven by direct customer feedback, deeper market understanding, and the recognition that cyber risk programs cannot scale without automation. 

SAFE One matured into a more intuitive, more integrated, and more autonomous platform — pulling together risk, exposures, third parties, controls, telemetry, financial impact, and remediation into one unified system.

Here’s a recap of the top 10 milestones in 2025

1. Series C funding of $70 million; Mission Statement to Build  CyberAGI
2. Acquiring Balbix to Strengthen SAFE CTEM
3. Industry Validation: SAFE Recognized as the Autonomous Cyber Risk Management Leader
4. SAFE Launches the Industry’s First Fully Autonomous TPRM Platform
5. Early Access Launch of CTEM at BlackHat USA
6. Key Highlights and Product Enhancements
7. Strategic Partnerships
8. Autonomous Cyber Risk Quantification
9. Expanding SAFE’s Integration Footprint
10. SAFEOne Continues its foothold as the Unified Autonomous Cyber Risk Platform

1. Securing $70M Series C Funding and the Bold Vision of Cyber AGI

In one of the most challenging funding environments, SAFE secured $70M in Series C funding, led by Avataar Ventures. This investment accelerates SAFE’s leadership in cyber risk management and fuels continued innovation toward CyberAGI—an autonomous, agentic AI system designed to reason, prioritize, and orchestrate action across the entire cyber risk lifecycle. 

2. Acquiring Balbix to Strengthen SAFE CTEM

SAFE acquired Balbix, a recognized Leader in Continuous Threat Exposure Management (CTEM). SAFE and Balbix unveiled the ultimate Agentic-AI-powered cyber risk platform – one that links every exposure, control failure, and vulnerability to real business impact, a capability unmatched by any CTEM and CRQ vendor today. This positions SAFE squarely as a proactive security platform, advancing its three pillars – visibility, prioritization, and remediation – as highlighted by Forrester.

3. Industry Validation: SAFE Recognized as Autonmous Cyber Risk Management Leader

As SAFE advanced its capabilities, the industry took notice. 2025 saw some of the strongest analyst recognition in the company’s history:

• SAFE named a Leader in The Forrester Wave™: Cyber Risk Quantification Solutions, Q2 2025: “The SAFE One Platform is the most comprehensive CRQ-native risk management solution in the market.” Forrester recognized SAFE for its vision of Cyber Risk Singularity, noted use of genAI in the platform, and highlighted SAFE’s transparency CRQ modeling with FAIR-CAM.
• SAFE recognized in the 2025 Liminal Link™ Index as a Leader for Cybersecurity Risk Quantification
• Highlighted by Gartner as a vendor already enabling a decision-first approach with real-time telemetry and financial risk insight
• Named a Representative Vendor in Gartner’s 2025 Market Guide for Third-Party Risk Management (TPRM) Technology Solutions
• Named in Forrester’s Landscape Report for Third-Party Risk Management (Q3 2025)

This unprecedented multi-analyst validation solidified SAFE’s position as the category leader delivering the most comprehensive autonomous cyber risk management platform.

4. SAFE Launches the Industry’s First Fully Autonomous TPRM Platform

If there was one moment that defined 2025 for SAFE, it was this: TPRM became autonomous. SAFE TPRM is powered by 25+ specialized AI Agents which guide the complete lifecycle of TPRM operations, and customers experienced a thorough  transformation in scale, efficiency, and visibility.

“SAFE was the solution we needed to move beyond manual spreadsheets and truly modernize our third-party risk management. The ability to automate our vendor assessments and quantify our recommendations to leadership has been a game-changer for our team.”
— Mike Eisenman, Senior Manager (Security Assurance), Kyriba

5. Early Access Launch of SAFE CTEM at BlackHat USA

SAFE introduced the world’s first Autonomous CTEM platform at BlackHat USA 2025, bringing agentic AI into asset discovery, exposure analysis, vulnerability mapping, remediation prioritization, and mobilization. SAFE CTEM will provide:

• Cross-cloud, cross-environment asset intelligence
• Exposure prioritization
• Agentic remediation workflows
• AI-driven exposure mapping
• Business-impact scoring
  And more. 

6. Key Highlights for Product Enhancements

Document Parser AI Agent: SOC 2 reports, contracts, policy documents, and evidence are automatically parsed to extract controls, obligations, exceptions, and compliance indicators — dramatically accelerating assessments.

AI Auto-Answers, Pre-Fills & Reviews: AI agents fill in vendor questionnaires using uploaded evidence, review vendor answers, identify inconsistencies, and suggest improvements — reducing delays and lifting workload from both sides.

AI-Prompt Reporting: Teams generate audit-ready reports instantly by simply asking the SAFE X mobile app, reducing reporting cycles from days to seconds.

Regulatory Readiness with OOTB dashboards: SAFE introduced out-of-the-box regulatory dashboards, including HIPAA, NIST CSF 2.0, NIS2, DORA, and several global frameworks, that translate data, findings, and evidence directly into compliance views. TPRM teams can now see exactly how each vendor aligns to regulatory requirements without manual interpretation, accelerating assessments and supporting audit-ready reporting.

Shadow Third-Party & Fourth-Party Discovery: Integrated discovery layers now reveal every SaaS, AI, cloud, and infrastructure tool that touches your environment — including unmanaged, unapproved, or shadow tools. This creates a full map of dependencies and hidden risk paths previously invisible to teams.

Safe X, a More Intelligent AI-Led Command Layer: The Safe X cybersecurity assistant, integrating with 120+ APIs is quickly becoming a core navigation layer of the platform. SAFE deepened its conversational interface and users can now ask SafeX questions like:

1. “Show open findings for the finance business unit.”
2. “Is CVE-XXXX-XXXX present in our estate?”
3. “Which vendors contribute most to financial risk?”

Introducing the Finding Center: A centralized command center unifying findings across vulnerabilities, misconfigurations, assets, cloud posture, vendors, and controls — enabling faster triage and coordinated remediation.

Enhanced “See What Changed” Intelligence: SAFE now pinpoints exactly which findings, controls, and probabilities changed between any two risk calculations, creating transparency and auditability for every shift in risk.

AI-Powered Summaries Across Scenarios, Controls & Third Parties: Executives receive clear and immediate explanations of what’s driving risk. The platform automates synthesis that previously required hours of analyst work.

GenAI Risk Domain: SAFE introduced the world’s first GenAI financial risk quantification model, covering scenarios like prompt injection, training data poisoning, data corruption, model abuse, and LLM-driven attack vectors.

7. Strategic Partnerships that Strengthened SAFE’s Platform

2025 saw major alliances that expanded SAFE’s reach and influence:

• SAFE × Cisco: A strategic partnership combining SAFE’s risk intelligence with Cisco’s network and observability ecosystem — enabling more contextual, business-aligned security insights.
• SAFE’s ServiceNow Apps: SAFE became the leading CRQ solution embedded into ServiceNow IRM, CMDB, and risk workflows, bringing FAIR-based quantification directly into enterprise operational environments.
  • SAFE IRM Connector 
  • SAFE Asset Connector
  • SAFE TPRM Connector

8. Autonomous Cyber Risk Quantification

2025 also marked a leap forward for SAFE’s Cyber Risk Quantification capabilities. Improving the accuracy of risk models, expanding telemetry ingestion, and delivering new layers of AI-driven insights, SAFE matured CRQ into a real-time decision engine. (Gartner)

Enterprises now rely on SAFE to prioritize remediation, justify budgets, track risk burndown, and align business and security stakeholders with a quantifiable risk lens.

“The SAFE platform transforms how we measure, prioritize, and communicate risk. We now have continuous visibility that supports data-driven decision making.”
— Mark Tomallo, Chief Information Security Officer, Victoria’s Secret & Co.

9. Expanding SAFE’s Integration Footprint

These integrations make SAFE the most interconnected cyber risk platform in the enterprise ecosystem. Visit SAFE’s Integrations Marketplace to learn more. 

• Armis & Claroty xDome: Unified OT/IOT/CPS visibility for risk calculations.
• Rubrik: Backup configuration intelligence to strengthen ransomware loss modeling.
• PAN Cortex XDR: Deeper endpoint detection telemetry.
• Tanium Comply: Endpoint configuration and vulnerability data for improved coverage.
• Wiz (OCI Support): Full visibility into Oracle Cloud Infrastructure findings.
• AWS Security Hub: Real-time posture and misconfiguration telemetry.
• Tenable VM: Enhanced modeling of vulnerabilities and misconfigurations.
• Axonius: Asset metadata ingestion, including tags and custom fields.
• IronClad CLM: Automatic vendor discovery and contracts extraction.
• OneTrust: Automatic vendor discovery and sync SAFE Score back to OneTrust.
• ServiceNow ITSM: Streamlined remediation workflows.
• ServiceNow TPRM: Automated TPRM operations.
• Jira ITSM: Ticket synchronization for risk treatment and progress tracking.
• SMTP: Email-driven workflows to support vendor and stakeholder automation.

10. SAFE One Solidifies Its Position as the Unified Autonomous Cyber Risk Platform

In 2025, SAFE One matured into a single, unified platform that brings together TPRM, CRQ, and CTEM under a common autonomous, agentic AI foundation. SAFE One now operates as an end-to-end cyber risk management solution, setting a new benchmark for how enterprises manage strategic, ecosystem, and exposure risk at scale.

2025 laid the foundation; 2026 will accelerate the transformation

Across CRQ, TPRM, and CTEM, one message was clear in 2025: Agentic AI-native is the way ahead. SAFE’s journey in 2025 didn’t just push the industry forward — it changed expectations for what cyber risk platforms must become.

The next era of cyber risk management is autonomous. And SAFE is building it.

Try SAFE like you own it or watch SAFE CRQ in Action and SAFE TPRM in Action.
Ready to start your SAFE Journey? Schedule a 1:1 interaction with a SAFE expert.