The number of cybersecurity mergers and acquisitions deals in 2021 set a record pace. The first three quarters of the year saw 151 transactions in the industry, according to 451 Research. That’s up from 94 for the same period in 2020. That trend is likely to continue in 2022.
Many of the 2021 transactions CSO reported were in the identity and cloud security markets, especially toward the end of the year. This trend is likely to continue as these markets consolidate.
In all markets, larger firms are looking to expand their capabilities. Recorded Future’s acquisition of SecurityTrails is an early 2022 example, as it adds attack surface monitoring technology to Recorded Future’s offerings.
Last year saw some companies that are not primarily in the cybersecurity market buy security firms to better protect their data and customers. In November 2021, global retailer Schwarz Group bought cloud security firm XM Cyber to enhance the security of its digital offerings. This is likely to continue into 2022, as evidenced by Google Cloud’s acquisition of Siemplify. Google Cloud already offers a suite of security tools to its cloud platform customers. Siemplify enhances gives it enhanced security orchestration, automation and response (SOAR) capabilities.
Below are the deals that CSO has selected as the most significant of the year. (This list is updated periodically as new deals are announced.)
Proofpoint agrees to purchase Illusive
December 12: Proofpoint, Inc., has entered into an agreemant to acquire identity threat detection and response (ITDR) firm Illusive. The deal is expected to close in January 2023, and then the company will integrate Illusive's technology into its information protection platforms. “It’s currently far too easy for an attacker to turn one compromised identity into an organization-wide ransomware incident or data breach,” said Ryan Kalember, Proofpoint's executive vice president, cybersecurity strategy, in a press release. “The acquisition of Illusive reinforces Proofpoint’s commitment to innovation and growth, bringing market-defining technology to make threat actors’ jobs as difficult as possible.” Terms of the deal were not disclosed.
Veracode acquires DAST tool Crashtest Security
December 12: Veracode now owns the dynamic application security testing (DAST) toold Crashtest Security. The company intends to add the tool to its Continuous Software Security Platform. “Our customers have never been under greater pressure to secure their web applications in response to heightened risk," said Veracode Chief Product Officer Brian Roche in a press release. "They seek simple-to-use products that can be onboarded quickly and seamlessly. The Crashtest Security product offers just the solution—it is a highly innovative DAST tool and already has deep roots in the European market. This acquisition supports the growing demand for run-time scanning and allows customers to quickly and easily experience the latest developments in DAST.” Terms of the deal were not announced.
Security On-Demand merges with Booz Allen Hamilton Managed Threat Services
December 8: Security On-Demand has acquired Booz Allen Hamilton's Managed Threat Services (MTS) business. The combined company will operate under the DeepSeas brand and provide cyber threat detection and incident response services. “I am excited about the unique capabilities this combined team of experts brings to the market, as well as our plans to scale in a measured and meaningful way. We have the ability to deliver a deep, scalable cybersecurity platform in addition to the skills to help clients customize their security programs,” said Chris Esemplare, CEO of DeepSeas, in a press release. Terms of the deal were not disclosed.
AlgoSec acquires CNAPP vendor Prevasio
December 6: AlgoSec has acquired Prevasio and its SaaS cloud-native application protection platform (CNAPP), which includes an agentless cloud security posture management platform (CSPM). Prevasio intend to offer the Prevasio platform as a standalone product. “Applications are the lifeblood of organizations. As such, our customers have an urgent need to effectively secure the connectivity of those applications across cloud and hybrid estates to avoid unpleasant surprises. With Prevasio, organizations can now confidently secure their cloud-native applications to increase organizational agility and harden security posture,” said Yuval Baron, AlgoSec CEO, in a press release. Terms of the deal were not disclosed.
Palo Alto Networks to buy software supply chain security firm Cider Security
November 17: Palo Alto Networks has entered into an agreement to acquire Cider Security and its application security and software supply chain security technology for $195 million USD. The company expects the acquisition to help enable Palo Alto's Prisma Cloud platform and its approach to securing the entire application security lifecycle. "Any organization using public cloud has an application infrastructure with hundreds of tools and applications that can access their code and yet, they have limited visibility to their configuration or if they are secured," said Lee Klarich, chief product officer for Palo Alto Networks, in a press release. "Cider has made it possible to connect into infrastructure, analyze the tools, and identify the risks, as well as how to remediate them."
MSSP Thrive acquires UK firm Custard Technical Services
November 11: Thrive's purchase of Custard Technical Services, an IT support company, expands the US-based firm's presence in the UK. The acquisition also allows Thrive to offer its managed security and cloud services to Custard's customers. "Custard is a customer-centric, no-nonsense IT support and security company that has an excellent track record of providing a superb IT experience to clients of all sizes for over two decades," said Rob Stephenson, CEO of Thrive, in a press release. "We're excited to add Custard to our ever-expanding U.K. operations." Terms of the deal were not disclosed.
1Password steps toward passwordless authentication with Passage purchase
November 3: Password management solution provider 1Password has acquired Passage and its passkey passwordless authentication technology. The company plans to leverage the Passage team and its passkey technology to roll out a comprehensive solution for passwordless authentication in the first half of 2023. "When I look at the growing interest in passkeys, I can’t help asking myself: what will it take to make passwordless technology flourish? How will 1Password contribute?" said 1Password CEO Jeff Shiner in a blog post. "What’s changed is an emerging consensus around how to make that technology available to any developer, business, or individual that wants to use it – on any platform or device." Terms of the deal were not released.
HUMAN Security acquires clean.io to better protect the adverstising ecosystem
November 3: HUMAN Security, Inc., (formerly White Ops) has acquired clean.io and its technology to protect against malvertising and e-commerce fraud. HUMAN plans to add clean.io's products to its Human Defense Platform, broadening its ability to protect media companies. “By teaming up with clean.io, HUMAN is gaining significant talent with deep domain expertise along with increased signal across the internet, enhancing our collective protection capabilities for our customers across the entire digital ecosystem,” said HUMAN co-founder and CEO Tamer Hassan in a press release. Terms of the deal were not released.
The Purple Guys acquire managed service provider Golden Tech
October 18: Managed It services provider The Purple Guys has acquired Golden Tech. The deal allows the company to expand its IT and cybersecurity services within the Chicago and Indiana regions. “We are thrilled to announce this highly strategic acquisition of Golden Tech, which is complementary to our existing offerings and supports our broader growth strategy,” said Kevin Cook, CEO of The Purple Guys, in a press release. “Shawn and Steve Massa built an outstanding company with an impressive track record of growth, a loyal client base and a tenured team with deep experience supporting the SMB community. We are very excited to partner with the Golden Tech team. We look forward to building on the company’s historical success and driving continued growth in the broader Northwest Indiana and Chicagoland markets.” Terms of the deal were not disclosed.
Red Sift acquires attack surface management provider Hardenize
October 13: Red Sift has announced its acquisition of Hardenize. The company plans to integrate Hardenize's attack surface management (ASM) capabilities into its digital resilience solution. said Rahul Powar, CEO of Red Sift. “By acquiring Hardenize, an innovator in ASM, we extend our leading security products beyond protecting email; enabling enterprise customers to see their full attack surface, solve the issues at hand, and secure their valuable assets in an ever-evolving threat continuum," said Rahul Powar, CEO of Red Sift, in a press release. Terms of the deal were not disclosed.
Thoma Bravo to buy ForgeRock and take the company private
October 11: Software investment firm Thoma Bravo has entered into an agreement to acquire global digital identity firm ForgeRock for $2.3 billion USD, one of the largest M&A transactions in the cybersecurity space this year. “The transaction offers a unique opportunity to create value for all of our stakeholders and is a clear validation of our team’s outstanding work and the start of an exciting new chapter for ForgeRock, our customers, and our partner ecosystem," said ForgeRock CEO Fran Rosch in a press release. "We are confident that Thoma Bravo’s resources and insights will help us continue to drive innovation in our platform and deliver even more value for customers.”
Jamf to buy mobile detection and response vendor ZecOps
September 26: Apple enterprise management firm Jamf has signed an agreement to acquire ZecOps, Inc. Once completed, the deal will enhance the security capabilities of Jamf's platform. “We believe ZecOps has built a differentiated solution that meets a very important need for many organizations - the ability to thoroughly detect and investigate threats that target mobile users so they can confidently use these powerful devices for work," said Dean Hager, CEO, Jamf, in a press release. "This capability further propels our goal of continuing to bridge the gap between what Apple provides and the enterprise requires.” Terms of the deal were not disclosed.
CrowdStrike announces intent to acquire Reposify
September 20: CrowdStrike Holdings has agreed to purchase Reposify, Ltd., and its external attack surface management platform (EASM). The company expects to include the EASM technology into its Threat Intelligence product suite. “Fortifying security posture and reducing enterprise risk are top priorities for organizations. Traditional risk models take an inside-out approach, which doesn’t always account for how a threat actor may view the external attack surface. Reposify’s technology delivers an outside-in perspective of an organization’s global external risk, providing deep visibility into what connected devices are vulnerable and most likely to be targeted,” said George Kurtz, co-founder and CEO of CrowdStrike, in a press release.Terms of the deal were not disclosed.
SandboxAQ acquires encryption analysis firm Cryptosense
September 13: SandboxAQ has purchased Cryptosense, which the company expects to accelerate its deployment of its post-quantum cryptography solutions. SandboxAQ its product will provide a single 360-degree view of how encryption is used throughout the enterprise. "Rapid advances in quantum computing and AI challenge the effectiveness and performance of existing cryptography-based cybersecurity solutions. The combined leadership, talent, and expertise that SandboxAQ and Cryptosense bring to the marketplace accelerates the deployment of more effective cryptography solutions to protect the world against the security threats of today and tomorrow," said Jack D. Hidary, CEO of SandboxAQ, in a press release. Terms of the deal were not released.