This document outlines the baseline cybersecurity expectations typically applied in venture-stage due diligence for Series A and Series B software companies. It reflects recent changes in the threat landscape, including stronger expectations around SaaS identity controls, browser-based phishing and session theft, AI-assisted development, agentic AI systems, prompt injection, and AI-driven software supply chain risk. Minimum […]