Dataminr

1.1 Identity, platform, and customer footprint

Dataminr describes itself as the global leader in AI-powered real-time event, threat, and risk intelligence, and the fetched company pages consistently position the business as an infrastructure-like intelligence platform rather than a consumer media or ad-tech product. The core offer is a multi-product stack spanning Dataminr Pulse for Corporate Security, First Alert for public-sector response, Dataminr for News, and Dataminr for Cyber Defense. The technical spine is unusually prominent in company materials: Dataminr says it performs trillions of daily computations across billions of public inputs from more than one million unique public data sources, uses more than 50 proprietary LLMs, and synthesizes text, images, video, sound, and sensor data in 150-plus languages across 220-plus countries and territories. That platform framing matters because later growth claims depend less on a single app and more on a common AI/data layer that can be repackaged across physical security, cyber, public sector, and newsroom workflows. Public customer proof is also strong by private-company standards. Current official pages say Dataminr is trusted by two-thirds of the Fortune 50, half of the Fortune 100, more than 100 U.S. government agencies, and 20-plus international governments; Dataminr for News is described as used by more than 1,500 newsrooms and 30,000-plus journalists. TechCrunch adds that the company serves more than 800 customers overall and names NATO and OpenAI among them. The location picture is directionally consistent but not perfectly clean: multiple third-party databases place the company in New York City, with 6 East 32nd Street and 135 Madison Avenue both appearing in public profiles. Together, the evidence supports a clear chapter-one identity: Dataminr is a late-stage New York intelligence software company with meaningful global distribution, strong public-sector relevance, and a customer base large enough to make later ARR and financing claims plausible.[CO001, CO002, CO003, CO004, CO005, CO006]

1.2 Founders, leadership, and governance visibility

Dataminr is still unmistakably founder-led. Official leadership materials identify Ted Bailey as founder, CEO, and chairman; Jeff Kinsey as co-founder and CTO; and Peter Bailey as president of corporate initiatives and a founding member focused on strategy, fundraising, and investor relations. The current executive bench is broader than the company’s older public profile, with Balaji Yelamanchili listed as president and COO, Tiffany Buchanan as CFO, Matthew Harrell as chief partner officer, Joel Tetreault as chief AI officer, and additional leaders across product, legal, people, public sector, and revenue. That functional spread is a positive signal for a company that now sells into security, cyber, government, and large-enterprise environments. Two governance caveats still matter. First, public founder attribution beyond Ted Bailey is not perfectly clean: official materials clearly name Jeff Kinsey and Peter Bailey as founding members, while TechCrunch, Wikipedia, and other third-party summaries also mention Sam Hendel. Second, the current COO story looks under-disclosed. Dataminr’s April 2024 and April 2025 releases presented Brian Gumbel as president and COO, yet the 2026 leadership page now lists Balaji Yelamanchili in that role without a fetched transition announcement. The June 2025 Tiffany Buchanan hire and the March 2025 elevation of Dave DeWalt to board vice chairman both suggest increasing institutionalization and capital-markets preparation, but official pages still do not publish a clean board roster, committee map, or current ownership structure. Third-party databases fill some of that gap, but they do not eliminate key-person dependence or cap-table opacity.[CO012, CO013, CO014, CO015, CO016, CO017]

1.3 Funding history, investor base, and financing structure

Dataminr’s last clean priced benchmark remains the March 2021 Series F, when the company announced a $475 million financing at a $4.1 billion valuation. Official and TechCrunch coverage align on that headline and on a marquee syndicate that included Eldridge, Valor Equity Partners, MSD Capital, Reinvent Capital, ArrowMark Partners, IVP, Eden Global, and Morgan Stanley Tactical Value funds. The 2021 round turned Dataminr into a well-capitalized late stage AI platform at a time when management was still openly discussing IPO ambitions. The more important current story is that 2025 funding came through hybrid instruments instead of a newly disclosed priced round. On March 19, 2025, Dataminr raised $85 million from NightDragon and HSBC through convertible financing plus credit, and TechCrunch reported that the instrument was explicitly pre-IPO, did not set a valuation, and would give investors a discount to a later IPO price or financing price. NightDragon also disclosed plans for an SPV that could add up to another $100 million of convertible exposure. Just over a month later, Fortress provided an additional $100 million of convertible financing. Fortress, Dataminr, and Private Equity Wire all frame this as a strategic growth investment, but it also signals financing-structure caution: the company added capital without resetting the 2021 valuation publicly, and public sources still do not disclose coupon terms, conversion mechanics, covenant packages, or priority relative to prior investors. Total capital raised is therefore only expressible as a range—roughly $1.0 billion to $1.24 billion—depending on which sources include secondaries, debt, and recent convertibles.[CO021, CO022, CO028, CO029, CO030, CO031]

1.4 Scale signals, milestones, and adverse diligence flags

On operating scale, the core picture is favorable. Official 2025 materials say Dataminr is approaching $200 million in ARR, and the company’s customer base now spans at least 800 organizations, including deep Fortune 50 penetration, more than 100 U.S. agencies, 20-plus international governments, and more than 1,500 newsrooms. The business also appears to have meaningful strategic anchoring inside public-sector and defense workflows: TechCrunch cites a five-year, $282 million U.S. Department of Defense contract and names NATO among customers. Product velocity also remained visible in 2024-2025 through ReGenAI, planned Context Agents, and a broader partner-network push. But the chapter-one downside flags are real. Public headcount signals are inconsistent—official disclosures moved from 900-plus employees in 2022 to roughly 800 in 2024, while third-party 2025-2026 datasets point to a range closer to the high-700s or low-800s. The company also cut around 20% of staff in late 2023, with management tying the move to macro pressure, efficiency, AI shifts, and a push toward profitability. In parallel, Dataminr remains exposed to a long-running surveillance criticism set: TechCrunch’s 2025 financing coverage cites prior reporting on law-enforcement use around protests, while its 2021 Series F story revisits controversy around data-sharing and potential downstream misuse by customers. Those issues do not negate Dataminr’s commercial traction, but they do matter for diligence because they intersect directly with go-to-market concentration, regulatory sensitivity, and reputational risk in the same public-sector markets that now support growth.[CO023, CO024, CO025, CO026, CO027, CO033]

1.5 Exhibits

2.1 Market Boundary, Included Spend, and Adjacent Categories

Dataminr should not be framed as a generic “AI company” or as a pure cyber vendor. The evidence is much more specific: the company sells real-time event, threat, and risk intelligence into at least six workflow families — corporate security, cyber defense, public sector/first alert, news, financial services, and supply-chain disruption monitoring. Those workflows overlap with open-source intelligence (OSINT), cyber threat intelligence (CTI), critical-event management, media-intelligence/newsgathering, and resilience software, but they do not map cleanly to any one analyst category. That matters because the buyer, budget line, and willingness to pay differ materially by workflow. A Fortune 50 corporate-security team buys earlier warning on physical threats, travel risk, and business disruption; a cyber team buys external detection and threat context that plugs into SIEM/SOAR/TIP systems; a newsroom buys speed and verification; a financial-services user buys earlier awareness of market-moving events; and a government buyer buys situational awareness or force-protection signals, often through procurement vehicles or channel partners. Included spend therefore means external real-time intelligence, not all security, all media monitoring, or all enterprise software. Excluded spend should include full SIEM budgets, broad ad-tech or brand-monitoring categories, and command-and-control systems where Dataminr does not own the core workflow. Partnerships with Control Risks, Altana, Carahsoft, AWS Marketplace, and SoftwareOne reinforce this narrower reading: Dataminr is frequently the alerting and context layer inside a larger operational stack rather than the entire system of record.[CM001, CM002, CM008, CM014, CM015, CM036]

2.2 TAM, SAM, SOM, and Contradictory Market-Size Lenses

Top-down market sizing is the chapter's biggest methodological trap. The adjacent market reports fetched for this run do not agree on scope or even on what the unit of analysis is. The Business Research Company and Future Market Insights put the threat-intelligence category in roughly the $13–16B range in 2025–2026. OSINT reports are wider still: Global Market Insights places the category at $15.9B in 2026, while Mordor Intelligence places it at $21.06B, and a much lower-quality Proficient Market Insights page publishes an implausible long-range OSINT forecast in the trillions. That spread is not a reason to average all numbers together. It is a reason to bound the market more tightly around what Dataminr actually monetizes. Dataminr's real market is narrower than “all OSINT” because not every OSINT use case buys a high-end, always-on, multi-modal alerting platform, and narrower than “all threat intelligence” because the company does not capture the entirety of internal-telemetry, endpoint, or SIEM spend. A practical SAM therefore sits inside cross-vertical real-time intelligence budgets for large enterprises, public-sector agencies, financial-risk teams, and premium news organizations. Near-$200M ARR is meaningful proof of demand, but it still implies low penetration versus any mid-teens-to-low-twenties-billion adjacent category estimate. In other words, the upside case depends more on vertical expansion, deeper enterprise wallet share, and partner distribution than on claiming the whole syndicated OSINT or CTI TAM.[CM009, CM016, CM017, CM018, CM019, CM020]

2.3 Buyer, User, Payer, and Spend Ownership by Segment

Dataminr's cross-vertical expansion is real, but budget ownership is fragmented. In corporate security, the usual buyer is a CSO, GSOC leader, resilience team, or duty-of-care function; the user is the security operator or analyst; and the payer is usually an enterprise security, crisis-management, or travel-risk budget. In cyber defense, the buyer shifts to the CISO organization, especially threat-intelligence, external attack-surface, digital-risk, or vulnerability teams, and Dataminr is explicitly positioned as a complement to existing SIEM, SOAR, and TIP investments. In government and emergency management, users include agency operators, first responders, or defense/security personnel, but purchase paths often run through Carahsoft, marketplace listings, or formal contracts rather than pure SaaS self-serve. In news, the user is the assignment editor, reporter, verification desk, or audience team, while the payer is the newsroom operations or tooling budget; that makes adoption more sensitive to macro media economics than in Fortune 50 security. Financial services is another multi-budget segment: Dataminr can sit with market-intelligence, compliance, operational-risk, ESG, or research teams. Supply-chain is the least proven as a core standalone budget owner; current evidence points more to partner-led distribution and API embedding than to Dataminr displacing existing logistics or ERP systems directly. The commercial implication is that Dataminr is not selling one product into one homogeneous budget. It is selling a shared intelligence substrate into several distinct procurement motions, each with different ACVs, proof requirements, and renewal risk.[CM003, CM004, CM005, CM006, CM007, CM023]

2.4 Adoption Drivers, Constraints, and Platform Dependencies

The strongest adoption drivers are also the reasons Dataminr spans multiple categories. Independent and company sources alike point to rising cyberattacks, geopolitical volatility, compliance pressure, and the need for faster real-time intelligence sharing as structural tailwinds. OSINT reports show growing private-sector adoption beyond government and defense, while Dataminr's own expansion messaging and partner activity indicate demand from corporate security, finance, supply-chain, and public-sector users. But the constraints are equally important. Government buyers face fragmented structures, mandates that can outpace funding, and procurement and privacy controls that lengthen sales cycles. Newsrooms face severe budget pressure: Reuters Institute documents almost 2,700 lost U.S. newsroom jobs in 2023 followed by further cuts in early 2024, which means even a valuable tool can be hard to fund broadly. Public-data dependence is another hard constraint, not a theoretical one. Knowlesys and Mordor both cite API restrictions, anti-scraping measures, privacy mandates, and adversarial data poisoning as factors that can reduce visibility or raise collection costs. Category crowding also matters: Flashpoint, ThreatConnect, and adjacent CTI/TIP vendors frame the buyer decision around not just early detection but analyst support, vulnerability context, workflow integration, and prioritization. Dataminr therefore benefits from real market tailwinds, but the investable question is whether those tailwinds overcome split budgets, data-access friction, and the need to prove workflow ROI separately in each vertical.[CM027, CM028, CM029, CM030, CM031, CM032]

2.5 Exhibits

3.1 Landscape and buyer jobs

Competition around Dataminr is broader than one peer set because buyers can solve the underlying problem in several different ways. Dataminr packages real-time external awareness for corporate security, cyber defense, public sector, and newsrooms, so it overlaps with threat-intelligence vendors, external-cybersecurity platforms, defense-intelligence incumbents, and adjacent media or consumer-intelligence tools. The common thread is not one product category but a buyer desire to know sooner and act faster. Dataminr’s own positioning matters here: it sells early warning from public data at large scale, then routes that intelligence into existing security, resilience, and newsroom workflows. That broad packaging expands the addressable budget, but it also exposes the company to more substitute routes than a narrow cyber-only vendor. In practice, many customers can multi-home: they can keep Dataminr for first alerting, use another platform for finished intelligence or takedowns, and still rely on internal systems for action and reporting. The competitive question is therefore less about who matches every feature and more about which vendors win each leg of the workflow and who becomes the durable system of record.[CP001, CP002, CP003, CP004, CP005, CP009]

3.2 Direct intelligence peers and public-private ownership signals

Recorded Future, Flashpoint, ZeroFox, and Babel Street are the clearest direct or near-direct competitors because they sell intelligence products to overlapping security and public-sector buyers. Recorded Future pairs a large-scale cyber-intelligence platform with geopolitical and disinformation framing, and its sale to Mastercard validates strategic value at a multi-billion-dollar level while preserving an ‘independent platform’ story. Flashpoint differentiates around primary-source collection from difficult-to-reach spaces, finished intelligence, geospatial analysis, and heavy analyst support. ZeroFox comes from an external-cybersecurity angle, bundling discovery, validation, and disruption across cyber, brand, executive, and physical risk, and its 2024 take-private transaction moved it from public-market scrutiny back to private-equity ownership. Babel Street is the most identity- and mission-centric of the group: it now frames itself around agentic risk intelligence, multilingual data, and risk domains including identity and vendor exposure. Together, these peers show that Dataminr is not just competing against another alert stream; it is competing against vendors that increasingly package collection, analysis, workflow, and ownership narratives into one enterprise sale.[CP010, CP011, CP012, CP013, CP014, CP015]

3.3 Government and defense workflow incumbents

Palantir and Janes matter because they compete at a different layer of the stack. Palantir’s official positioning is not primarily about being first to a public signal; it is about integrating data, decisions, and operations, with Gotham for defense decision-making, Foundry for enterprise operating workflows, and AIP for controlled AI execution on private networks. That is a deeper workflow claim than Dataminr’s external-awareness posture, and the Army Vantage reference underscores long-running operational embed inside government. Janes is similarly different from Dataminr, but for defense and intelligence buyers it can still be a substitute in key moments. Janes markets validated, machine-readable defense and security intelligence that feeds logistics, planning, wargaming, and strategic forecasting. Its human-expert validation and exclusive interviews give it a more curated, tradecraft-heavy posture than Dataminr’s automated public-data scanning. When a buyer needs a force-planning dataset or a defense-grade operational picture, Palantir and Janes have stronger workflow gravity than Dataminr; when a buyer needs the earliest possible public warning across a broad risk surface, Dataminr has the better starting point.[CP029, CP030, CP031, CP032, CP039, CP040]

3.4 Adjacent consumer-intelligence tools and substitute routes

Meltwater and Brandwatch are adjacent rather than direct cyber-intelligence peers, yet they compete for meaningful budget in communications, reputation, and market-intelligence workflows that can sit next to or partially replace Dataminr use cases. Meltwater brings media, social, and AI signals together for PR, communications, and marketing leaders, while Brandwatch combines consumer intelligence, search intelligence, social management, and media capabilities inside the Cision group. These vendors are less compelling substitutes for government or cyber-defense teams, but they can be very credible alternatives where the core job is narrative monitoring, sentiment shifts, brand risk, or consumer insight rather than threat investigation. The broader substitute threat is internal build and multi-tool assembly. Buyers with an existing SIEM, TIP, PR stack, social-listening tool, or analyst team may not need one platform to do everything. Dataminr’s own emphasis on integrating into existing workflows implies coexistence with these systems, which helps distribution but can also cap wallet share if another tool owns the decisive step in investigation, reporting, or action.[CP033, CP034, CP035, CP036, CP037, CP038]

3.5 Where Dataminr leads, where it lags, and the adverse moat case

Dataminr’s clearest lead remains the combination of public-data breadth, speed-to-detection, and packaging across multiple buyer groups. The company can credibly sell into corporate security, cyber defense, public sector, and newsrooms with one real-time awareness story, and its government footprint and newsroom reach reinforce that breadth. The lagging edges are just as clear. Rivals such as Flashpoint, Recorded Future, Babel Street, Palantir, and Janes market more explicit private-source access, analyst-written finished intelligence, or deeply embedded operational workflows. ZeroFox adds disruption and takedown capabilities that Dataminr does not foreground. That makes the strongest adverse view of Dataminr’s defensibility straightforward: if customers decide that first-alert speed is only one input, and the real value sits in exclusive access, curated intelligence, or system-of-record workflow control, Dataminr can be pushed down toward a signal layer instead of the owning platform. Flashpoint’s direct comparison page, while vendor-authored, is revealing because it attacks Dataminr exactly on that axis. As more peers wrap agentic AI around their own proprietary data and workflows, Dataminr’s moat looks durable only if it can keep converting alerting superiority into the decision layer, not just the detection layer.[CP020, CP043, CP044, CP045, CP046, CP047]

4.1 Capital structure and adequacy

Dataminr’s public financial story is anchored by a well-known 2021 priced equity round and two far more tactical 2025 instruments. In March 2021 the company raised $475 million at a $4.1 billion valuation, with management framing that capital as fuel for enterprise growth, international expansion, and public-sector scale-up. By contrast, March 2025 brought an $85 million combination of convertible financing and credit from NightDragon and HSBC, followed just over a month later by a separate $100 million convertible financing from Fortress. TechCrunch explicitly described the March round as pre-IPO convertible financing that did not set a new valuation, while Private Equity Wire framed the Fortress deal as a pre-IPO dilution-management tool. Those facts matter more than the headline dollars: Dataminr appears able to raise capital, but it is choosing bridge-style instruments rather than repricing common equity. Public databases also diverge on lifetime capital raised, so the safest expression is an approximate public tally of about $1.2 billion-plus. What remains missing is the crucial underwriting layer beneath the fundraising headlines: cash on hand, current burn, covenant burden, and whether the 2025 financings were opportunistic or necessary.[CI001, CI002, CI004, CI006, CI024, CI033]

4.2 Revenue model and scale signals

Public evidence supports a strong topline trajectory, but it is strongest on aggregate scale and weakest on monetization detail. Dataminr’s official 2025 releases say the company is approaching $200 million in ARR, while TechCrunch reported more than 800 customers, 1,500 newsrooms, and a five-year $282 million Department of Defense contract. Official pages separately confirm more than 100 U.S. government agencies, 20-plus international governments, and more than 1,500 newsrooms, which together point to a diversified customer base across enterprise, public sector, and media. The product footprint also suggests multiple monetizable surfaces: corporate security and event-risk intelligence for enterprises, mission-oriented government deployments, newsroom subscriptions, and a partner/API motion for embedded use cases. What Dataminr does not reveal publicly is equally important: no list pricing, no disclosed ACVs, no segment ARR split, and no indication of how much revenue comes from recurring software versus services and deployments. That means revenue quality must be inferred from who buys the product and how mission-critical it appears, not from disclosed SaaS economics.[CI008, CI009, CI010, CI012, CI013, CI014]

4.3 Unit economics and disclosure gaps

Dataminr looks operationally like an asset-light software and data platform, but public disclosure is too sparse to support a true unit-economics underwrite. The strongest public datapoints are the ARR signal and rough headcount range from GetLatka and Tracxn; together they imply about $0.24 million to $0.26 million of ARR per employee, which is respectable for a private enterprise software company but not enough to judge efficiency on its own. The 2023 layoff of roughly 20% of staff and the memo’s promise of multiple years of runway imply management has already pushed on cost structure, yet the company still does not disclose gross margin, services intensity, burn, cash, or retention. IncFact’s broad $100 million to $500 million revenue estimate underscores how approximate outside databases remain for a private issuer. In practice, investors cannot tell whether Dataminr’s near-$200 million ARR is largely software-like recurring revenue, labor-heavy implementation revenue, or some hybrid. That missing layer is why the public picture supports conviction on demand, but not yet on margin path or sales efficiency.[CI017, CI018, CI021, CI025, CI026, CI027]

4.4 Financial verdict

The financial read-through is mixed but directionally understandable. On the positive side, Dataminr has credible scale signals: near-$200 million ARR, deep government penetration, blue-chip enterprise logos, major newsroom adoption, and evidence that customers use the platform for high-stakes workflows where response speed matters. Those are the right ingredients for durable subscription and contract revenue. On the cautionary side, Dataminr is still behaving like a company that wants optionality before any public-market event: it cut staff materially in 2023, then raised two back-to-back convertibles in 2025 without publishing a new valuation. That does not prove distress, but it does suggest valuation sensitivity and a desire to fund AI product expansion without resetting the common-equity mark. Because public disclosures omit gross margin, burn, NRR, CAC, and customer concentration, the investable conclusion is not that Dataminr lacks traction; it is that public evidence supports commercial momentum but does not yet support high-confidence underwriting of revenue quality, margin durability, or the company’s true next-round dependency.[CI008, CI033, CI035, CI036, CI037, CI038]

4.5 Exhibits

5.1 Platform architecture and data strategy

Dataminr consistently describes the product as a layered AI platform rather than a narrow alerting application. The public architecture starts with broad public-data ingestion across text, image, video, audio, and sensor signals, then applies Multi-Modal Fusion AI to discover candidate events, risks, and threats at scale. That detection layer is followed by description and context layers: ReGenAI turns fast-moving detections into continuously rewritten Live Briefs, while Intel Agents and other agentic workflows add the surrounding context, prioritization, and next-best-action logic that customers need to decide quickly. The company's own technical writing is useful here because it goes beyond generic marketing and explains crossmodal attention between image and text embeddings, plus the use of computer vision, natural-language understanding, audio, and anomaly-detection models. Dataminr also makes unusually aggressive scale claims for a private vendor, including more than 1 million sources, more than 50 proprietary LLMs, and 43+ terabytes of daily data processed. Those numbers help explain why the product can serve physical, cyber, and news workflows from one platform, but they are still mostly management or partner statements rather than independently benchmarked technical disclosures.[CE001, CE004, CE005, CE006, CE007, CE008]

5.2 Modules and customer workflows

The marketed product map now spans four visible top-level buyer surfaces plus newer cyber-specialized modules. On the enterprise side, Dataminr for Corporate Security is framed around employee safety, asset protection, and operational resilience, with adjacent use cases in executive protection, supply-chain monitoring, financial-services operations, and route or site awareness. In public sector, First Alert remains the situational-awareness surface for emergency management, diplomatic security, law enforcement, and force-protection workflows. In media, Dataminr for News packages the same real-time discovery engine for newsroom verification and breaking-news discovery. Cyber is where the product family has become more modular: Pulse for Cyber Risk handles cyber-physical convergence and digital-risk use cases, Agentic TIP aims to operationalize intelligence across the full lifecycle, CTTI tailors external signals to a customer's own environment, and Investigation Insights overlays that context across hundreds of connected tools. The common thread is workflow compression. Dataminr is not merely promising alerts; it is promising fewer pivots, fewer manual enrichment steps, and faster movement from signal to decision. That is strategically important because it makes the moat claim about product integration and operational relevance, not just about raw data collection.[CE003, CE009, CE011, CE012, CE013, CE014]

5.3 Integrations, deployment, and trust controls

Dataminr's go-to-market increasingly depends on being embedded inside existing customer systems rather than forcing customers into a standalone console. Official sources and partner listings show API and marketplace distribution through AWS, Carahsoft, Splunk, Esri, and Genetec, while Investigation Insights and CTTI are explicitly marketed as no-rip-and-replace overlays that sit on top of SIEM, EDR, ticketing, browser, and other analyst tools. The November 2025 Developer Portal and enhanced SDK matter because they turn that integration motion into a product surface of its own, with docs, code samples, SDKs, and integration patterns meant to shorten partner build cycles. Esri and Genetec deepen the physical-world and geospatial story; Splunk validates the cyber-workflow story; AWS and Carahsoft add distribution credibility. On trust and compliance, the strongest public signal is Dataminr's ISO/IEC 42001 certification layered on top of ISO/IEC 27001 and 27701, which is useful evidence that the company is formalizing AI governance rather than shipping agentic features without controls. Still, the public material is better at describing what integrations exist than how they are operated under load: rate limits, support obligations, uptime commitments, and authentication depth remain under-disclosed.[CE017, CE024, CE025, CE026, CE027, CE028]

5.4 Differentiation, limitations, and underwriting risks

The clearest public product differentiation is that Dataminr combines three layers that are often sold separately elsewhere: broad event detection, live generative description, and workflow-embedded context. The cyber pages sharpen that pitch by attacking legacy threat-intelligence platforms as too slow, generic, and manual, then positioning Agentic TIP, CTTI, and Investigation Insights as the operating system for intelligence inside existing stacks. That is directionally credible, and third-party partner surfaces do show real integration work. But there are real technical underwriting caveats. First, much of the performance story remains self-reported: fastest detection, 99.5% ReGenAI accuracy, reduced false positives, and major workflow compression are all plausible, yet the public record does not provide enough benchmark methodology to test them independently. Second, the platform is structurally dependent on continued access to public data, partner ecosystems, and customer-connected tools; diversification helps, but changes in source access, API terms, or ecosystem incentives can still erode product coverage or delivery quality. Third, the public developer footprint is still modest relative to the ambition of the platform. The GitHub and research signals show there is real technical substance, but not enough public surface to fully diligence supportability, explainability, or long-run switching costs without direct technical diligence.[CE036, CE041, CE042, CE043, CE044, CE045]

5.5 Exhibits

6.1 Customer segments and public footprint

Dataminr's public customer story is broad and unusually visible for a private company, but the visible metrics mix several different denominators. Official pages consistently say the platform is trusted by more than 100 U.S. government agencies, 20+ international governments, two-thirds of the Fortune 50, half of the Fortune 100, and more than 1,500 newsrooms; press releases add 30,000+ journalists and nearly 200 public-sector and social-good organizations using First Alert. TechCrunch adds a separate topline of 800+ customers overall. Those figures should not be added together: 800+ appears to be organization count, 145,000 public- sector users is user count, and 30,000 journalists is seat or end-user count within the newsroom segment. Still, the segment mix is clear. Dataminr sells into enterprise security, public-sector and defense workflows, NGO and humanitarian use cases, and newsroom operations, with additional packaging for financial-services teams and executive-protection programs. The breadth signal is strong; the monetization split behind that breadth remains opaque because Dataminr does not publish segment ARR, paying account counts, or ACV by customer class.[CU001, CU002, CU003, CU004, CU005, CU023]

6.2 Named reference customers and proof quality

The quality of Dataminr's public customer proof varies sharply by segment. News and public sector are best supported. The Associated Press is the cleanest newsroom proof because Dataminr publishes a named case study with AP's Vice President of Global Safety, Risk and Resilience describing centralized risk monitoring and a reduction in manual scraping, and AP separately shows Dataminr embedded into AP Storytelling. NATO is the strongest named defense proof because Dataminr and PRNewswire both describe an expanded First Alert deployment. HP is the strongest named enterprise corporate-security proof because Dataminr publishes a detailed executive-protection page and a named HP leader quote about mobile alerts and itinerary-based monitoring. Oklahoma emergency management gives Dataminr a concrete state-level public-safety proof point. By contrast, OpenAI is only publicly evidenced through a TechCrunch line and a Dataminr spokesperson quote, while FEMA is supported only by a historical privacy-review file title rather than a readable current deployment record. That asymmetry is the key customer- proof takeaway: Dataminr has enough named references to prove real use, but not enough deep, independently quantified references to prove revenue weight or renewal quality across the full base.[CU007, CU008, CU009, CU012, CU013, CU017]

6.3 Deployment patterns and channel access

Dataminr's strongest public evidence shows the product being embedded inside operating workflows rather than used as a casual dashboard. AP uses the product to protect journalists in conflict zones and Dataminr alerts now appear directly inside AP Storytelling. HP uses it for executive travel and event protection, with tailored alerts tied to executive itineraries. Oklahoma emergency management uses First Alert in incident response. Public-sector organizations can buy through Carahsoft's NASPO pathways and through AWS Marketplace, while Esri says existing First Alert customers are being migrated to ArcGIS Basemaps. Financial- services pages show Dataminr also selling market-moving event intelligence into investment and risk workflows, and the executive-protection materials show a travel-and-physical-security deployment pattern that differs from media and emergency-response use. The important analytic distinction is between workflow embedding and procurement access. AP, HP, NATO, and Oklahoma demonstrate operational use. Carahsoft, AWS, SoftwareOne, and the partner network prove route to market and procurement ease, but they do not by themselves prove end-customer spend, retention, or adoption depth.[CU010, CU011, CU015, CU016, CU019, CU020]

6.4 Durability and expansion visibility

Dataminr's public customer evidence implies stickiness but stops short of proving it. The use cases that are visible—executive protection, emergency management, force protection, newsroom alerting, crisis communications, and market-moving intelligence—are inherently high-consequence workflows where switching costs can be meaningful once alerts are integrated into daily operating procedures. There are several expansion proxies: NATO is described as an expanded partnership, AP has progressed from risk-monitoring use toward newsroom workflow embedding, and Esri describes a transition of existing First Alert customers to a richer map experience. TechCrunch also reports a five-year, $282 million Department of Defense contract, which at minimum suggests one large multi-year federal relationship. But none of these public signals answer the core durability questions an investor actually needs: Dataminr does not publish NRR, GRR, churn, contract terms, seat counts for named accounts, or top-customer concentration. Public evidence therefore supports mission-criticality and likely renewal potential, but not underwritten renewal economics.[CU013, CU014, CU018, CU024, CU029, CU032]

6.5 Adverse lens, proof gaps, and concentration risk

The main weakness in Dataminr's customer chapter is the gap between headline breadth and verified depth. The company can credibly cite scale, but a meaningful share of enterprise proof still comes from anonymous customer testimonials such as a major automaker, a rideshare platform, a global nonprofit, and a financial-services organization. Featuredcustomers lists a much larger inventory of named logos, but many of those direct first-party case-study pages were not accessible during this run, so they should be treated as leads rather than fully validated current deployments. Public-sector proof is also not frictionless: The Intercept and an ACLU coalition letter both show Dataminr's police and protest-monitoring history remains a live reputational and procurement issue. That does not negate adoption—if anything it confirms real governmental use—but it complicates the clean narrative around public-sector customer quality. The biggest remaining diligence asks are top-customer concentration, federal mix, newsroom monetization, and whether flagship named accounts like AP, NATO, HP, and any OpenAI deployment represent large recurring contracts or simply highly visible reference logos.[CU006, CU026, CU028, CU029, CU030, CU031]

7.1 Privacy, Platform, and Regulatory Risks

Dataminr’s highest-severity underwriting risk is that a core part of its differentiated public-sector value proposition sits on politically sensitive ground. The evidentiary base here is unusually strong for a private company: FOIA-driven reporting from The Intercept, a Brennan Center document review, StateScoop’s procurement follow-up, Houston’s council vote, and Dataminr’s own privacy and legal pages all point in the same direction. Dataminr’s edge is not simply that it reads public posts; it is that it can ingest public signals at a speed, breadth, and productized level that ordinary users and most agencies cannot replicate. That is why X/Twitter firehose access matters, why police departments buy the product, and why critics frame the same feature as outsourced surveillance rather than neutral alerting. The resulting risk is twofold. First, platform risk: if X materially changes price, access, or permitted use, Dataminr’s public-sector and protest-monitoring workflows could lose an input that multiple sources still describe as central. Second, backlash risk: reporters and civil-liberties advocates have already documented protest tracking, false positives, and bias allegations. There is no clear evidence in the public record of formal enforcement against Dataminr itself, but federal privacy review documents, DFARS privacy obligations, and repeated procurement disclosures show this is not a theoretical policy debate. The mitigant is that Dataminr publicly positions First Alert as privacy-protective and can point to public-data sourcing plus legal controls; the residual exposure is that buyers, platforms, or legislators may judge the real-world effect more harshly than the company’s framing.[CR001, CR002, CR003, CR004, CR005, CR006]

7.2 Capital Structure and Customer Concentration Risks

The second major underwriting risk is financial and structural rather than narrative. Dataminr’s 2025 funding sequence is telling: after a 2023 workforce reduction designed to create runway, the company raised an $85 million hybrid of convertible financing and credit, added an SPV for still more convertible capacity, and then closed a separate $100 million convertible from Fortress a month later. That is not proof of distress—official sources still show demand, ARR scale, and broad customer adoption—but it is strong evidence that management preferred bridge-style capital to a fresh priced round. In a private company that still does not disclose cash, burn, margin, retention, or customer concentration, that choice should be read as valuation sensitivity and financing-structure pressure until proven otherwise. Public sources also show a meaningful government footprint: 100-plus U.S. agencies, 20-plus international governments, a reported five-year DoD contract, an active DISA award, and broad procurement-vehicle coverage. Those facts are positive for demand, but they also mean contract renewal, political scrutiny, or budget shifts could transmit quickly into ARR. The public evidence is strongest on scale and weakest on mix. Underwriters can see enough to know government is important; they cannot yet see enough to know whether Dataminr is comfortably diversified across enterprise, defense, public safety, and news. That is why the most useful diligence is not another market-sizing slide but a contract ledger, renewal calendar, and full disclosure of the 2025 convertibles’ economics.[CR018, CR019, CR020, CR021, CR024, CR025]

7.3 Competition, AI, and Execution Risks

Dataminr is not defending a static niche. The competitive field around real-time threat, risk, and intelligence workflows is getting better capitalized and more platform-like, not weaker. Recorded Future is moving under Mastercard with explicit scale support; ZeroFox has fresh private-equity backing; Flashpoint markets AI-enabled threat workflows; and Palantir continues to sell an AI platform into adjacent mission-critical decision environments. Dataminr’s answer is to deepen product ambition, not to narrow it. The company’s agentic roadmap shows autonomous context generation now, client-tailored context next, and predictive intelligence in 2026. That roadmap may support expansion, but it also raises the operational stakes of model error. Adverse reporting already documents false positives in protest-monitoring contexts, while public sources still do not disclose precision, recall, appeal rights, or kill-switch processes for the products that matter most in government and security workflows. Dataminr has real mitigants here: ISO 42001 plus prior ISO 27001/27701 suggest the company takes governance more seriously than many private AI vendors, and the recent CFO/COO hires show management knows it must professionalize for the next stage. The residual risk is that Dataminr is scaling product scope, channel complexity, and public-sector sales all at once, after a major layoff and while its executive bench is still being built out. That combination is survivable, but it is not low-risk execution.[CR031, CR034, CR035, CR036, CR037, CR038]

7.4 Residual Exposure, Monitoring, and Kill Criteria

The key investment question is not whether Dataminr faces risk; it is which risks are severe enough to break the underwriting case and which are manageable with the right diligence. The strongest adverse evidence in this chapter is not generic startup noise. It is specific: documented police use around protected protests, documented reliance on privileged platform access, documented false positives, documented use of convertibles rather than repricing equity, and documented government footprint without disclosed segment concentration. The company’s strongest mitigants are also concrete: broad enterprise adoption, active government demand, formal AI-management certifications, and fresh executive hires built for scale and public-market discipline. On balance, the highest residual exposures are the ones public sources cannot close: how dependent Dataminr really is on X for differentiated signal quality; whether public-sector contracts dominate the economics more than management implies; what the 2025 convertibles actually cost; and how model-quality controls behave in the highest-stakes workflows. Those are the issues that should drive diligence sequencing. If management cannot provide hard answers on dependency, concentration, model quality, and capital-structure terms, then the risk chapter should not be read as “watch items”; it should be read as evidence that the current underwriting case is still incomplete.[CR002, CR008, CR048, CR025, CR026, CR028]

7.5 Exhibits

8.1 The 2021 mark still frames the conversation, but not the clearing price

Dataminr’s valuation story is unusually easy to headline and unusually hard to underwrite. The headline is familiar: the company last raised a priced equity round in March 2021, when it closed a $475 million Series F at a $4.1 billion valuation. The underwriting problem is what that mark means in May 2026 after four more years of market repricing and no new disclosed priced round. Public evidence still supports a serious company—Dataminr says it is approaching $200 million of ARR, it has deep enterprise and government penetration, and the 2021 and 2025 disclosures together show the customer proof has not disappeared. But the stale mark now implies about 20.5x ARR, which is a premium multiple that has to be defended by current price discovery, not by historical fundraising memory. The right investment stance is therefore price-sensitive rather than company-quality-sensitive: the business can be strong while the untouched 2021 price is still too rich for fresh capital.[CV001, CV007, CV008, CV013, CV014, CV015]

8.2 The real 2025 signal is bridge-style financing, not valuation affirmation

The strongest reason to treat the 2021 mark skeptically is not abstract multiple compression; it is the specific structure Dataminr used in 2025. In March the company raised $85 million through a combination of convertible financing and credit, and TechCrunch reported that the instrument was pre-IPO financing that explicitly did not set a valuation while promising investors a discount to an IPO price or subsequent round. A month later Dataminr announced a second $100 million convertible financing from Fortress. Private Equity Wire made the subtext plain: convertible debt is favored because it raises capital while minimizing equity dilution ahead of a potential IPO. None of that proves distress, and the company’s customer base and ARR claim suggest real operating scale. But it does mean public markets have not been asked to clear common equity since 2021. Combined with the 2023 layoff, the sequence reads as a yellow flag on stale marks: Dataminr found capital, but it found it in structures designed to postpone a hard repricing.[CV002, CV003, CV004, CV005, CV006, CV009]

8.3 Comparable context supports a scaled company, but not a 20x ARR private entry

The closest supportable strategic comparable is Recorded Future, which Mastercard bought for $2.65 billion. Payments Dive also reported approximately $300 million of annual revenue, implying an acquisition multiple of roughly 8.8x revenue—healthy, but nowhere near Dataminr’s stale 20.5x ARR mark. ZeroFox offers a different lesson: it went private at $1.14 per share after reporting $188.4 million of ARR and positive free cash flow, reminding investors that public cyber-adjacent markets do not always reward scale with premium valuations. Meltwater’s take-private, while more media-intelligence than threat-intelligence, reinforces the point that information vendors can migrate to private ownership when public support is weak. Palantir is the obvious public multiple context, but at roughly 62.7x trailing sales and more than $319 billion of market cap in May 2026 it is an AI-market exception, not a sane base comp. Flashpoint, Babel Street, and Janes further suggest that exclusivity of collection, mission-grade workflow depth, and validated defense intelligence matter as much as early warning alone.[CV016, CV017, CV018, CV019, CV020, CV021]

8.4 Bull / base / bear framing implies disciplined entry far below the stale headline

The scenario math is straightforward once the comp set is anchored. A Recorded-Future-like outcome gets Dataminr to roughly $1.8 billion. A reasonable premium for stronger cross-functional positioning, deeper government penetration, and a still-private scarcity story can support a base-case range of about $2.0-$2.6 billion, or 10x-13x ARR. That is materially above ZeroFox-style public stress and below the untouched 2021 headline. The bull case reaches roughly $3.2-$4.1 billion only if three things happen together: Dataminr keeps compounding well above $200 million ARR, the IPO window reopens on attractive terms, and buyers start treating the company as a scarce AI-enabled intelligence asset rather than as another structured-capital late-stage private company. The bear case sits around $1.2-$1.8 billion if no priced round appears, structured capital compounds preference uncertainty, and strategic or secondary-style buyers set the tone. That framing leads to one conclusion: do not underwrite new money off the 2021 headline alone.[CV035, CV036, CV037, CV038, CV039, CV042]

8.5 IPO-path assumptions and final diligence asks

The only credible path back toward the stale 2021 mark is an IPO or near-IPO repricing that resolves the questions the convertibles currently dodge. Investors need the exact economics of the March and April 2025 instruments—coupon, maturity, conversion discount, security package, and any covenant constraints. They also need a clear view of the preference and dilution stack created by the 2021 Series F and any later structured capital. Most importantly, Dataminr would need to disclose the operating metrics that convert a $200 million ARR story into a premium multiple story: segment mix, gross margin, retention, sales efficiency, and free-cash-flow conversion. Until those are visible, the right recommendation is Track with medium confidence and a stretched valuation stance at $4.1 billion. Public evidence supports staying close to the company, but it does not support paying a 2021-clearing price in 2026. A genuine priced round, IPO filing, or disclosed metrics strong enough to justify a 15x-plus ARR outcome would move the call; absent that, price discipline is the whole job.[CV040, CV045, CV046, CV047, CV048, CV049]

8.6 Exhibits