Top cybersecurity M&A deals for 2022

The hot cybersecurity mergers and acquisition market continues into 2022 as vendors look to solidify their positions and expand their offerings.

1 2 Page 2
Page 2 of 2

Synopsys agrees to acquire application software SaaS vendor WhiteHat Security

April 27: Synopsys, a provider of electronic design automation services and seminconductor IP, has entered an agreement to purchase WhiteHat Security for $330 million. The company will become part of Synopsys's Software Integrity Group, adding SaaS-based security testing solutions to its security software portfolio. "WhiteHat Security's DAST capabilities complement our strengths in static analysis, interactive analysis and software composition analysis, while their expertise in SaaS will accelerate our security testing SaaS capabilities," said Jason Schmitt, general manager of the Synopsys Software Integrity Group, in a press release.

OneIDLab and Tozny merge to form Tozny, Inc.

April 19: OneIDLab and Tozny are now one company, Tozny, Inc. The merger combines Tozny's integrated identity and access management (IAM), privileged access management (PAM), key management, and data encryption solutions with OneIDLab's secure remote access and decentralized identity token solutions. "Our customers are increasingly asking for a risk informed integrated solution that doesn't require a wholesale change in their IT infrastructure. Our integrated platform works with existing applications, and makes it much simpler for our customers to adopt and maintain a zero-trust posture that includes people, devices, applications and services," said Jonathan DeHart, co-founder and CEO of Tozny, Inc., in a press release.

Investment firm Thoma Bravo to acquire identity security firm Sailpoint for $6.9 billion

April 11: Sailpoint has entered into an agreement to be acquired by software investment firm Thoma Bravo. Once the deal is finalized, Sailpoint will become a privately held company. “Identity security is core to cyber security and businesses have realized that to fuel business growth and success, they must start with identity as the foundation for secure business transformation. We've experienced rapid growth and see a tremendous opportunity ahead of us to continue to set the pace in the identity security market as the category leader,” said Mark McClain, Sailpoint's CEO and founder, in a press release

Imprivata enhances its digital identity capabilities with SecureLink acquisition

April 11: Digital identity vendor Imprivata has purchased SecureLink and its access management and patient privacy monitoring capabilities. The acquisition will allow Imprivata to provide what it claims is the only single vendor platform to manage and secure all enterprise and third-party digital identities. “The importance of protecting digital identities has never been greater. The combined organization creates a holistic set of capabilities that enable the secure and efficient use of digital identities, while providing visibility and control of how they are used,” Patrick Tickle, CEO of SecureLink, said in a press release. Terms of the deal were not released.

London Stock Exchange Group to acquire Global Data Consortium

April 5: The London Stock Exchange Group (LSEG) has agreed to acquire Global Data Consortium (GDC), a provider of identity verification data. LSEG currently uses GDC's data to support know-your-customer (KYC) requirement. GDC will be part of LSEG's Data and Analytics division.  The acquisition of GDC, combined with our existing capabilities from GIACT and Qual-ID, will enable customers to verify digital identity and protect against fraud globally with a suite of real-time, accurate solutions,” said Phil Cotter, group head of customer and third-party risk solutions at LSEG, in a press release. Terms of the deal were not disclosed. 

European distributor Nuvias Group buys Netsafe

April 4: Nuvias Group has acquired Netsafe, a cybersecurity and networking distributor group, to expand its operations in Eastern Europe, specifically in Romania, Croatia, Slovenia and Bulgaria. “Nuvias sees significant promise and opportunity in the Eastern European market. With Netsafe we have a platform for considerable growth in this region. We have a very strong match in our philosophy and approach to specialist value-added distribution, making for a solid base for accelerated growth”, commented Simon England, CEO of the Nuvias Group, in a press release. Netsafe will continue to operate under its own brand. Terms of the sale were not released.

Perception Point adds web security with Hysolate acquisition

March 30: Email and cloud collaboration channel security firm Perception Point has purchased Hysolate and its web isolation platform. The combined companies will be able to offer protection against content-based attacks through isolation, detection, and remediation. "Coupling Hysolate’s innovative isolation technology and endpoint management capabilities with Perception Point’s proven prevention and remediation solution transforms Perception Point into a one-stop-shop for all content-based attacks, delivering significant added value to our rapidly growing customer base,” said Perception Point CEO Yoram Salinger in a press release. Terms of the deal were not disclosed.

Mitek buys KYC vendor HooYu 

March 23: Digital identity verification and fraud prevention firm Mitek has acquired HooYu, a UK-based provider of know-your-customer (KYC) technology, for £98 million. The company plans to integrate HooYu's technology into its own platform. "Having a single platform that easily orchestrates and configures a KYC journey to manage identities and identify bad actors is becoming a prerequisite for any business transacting digitally,” said HooYu CEO Keith Marsden in a press release. “Bringing together Mitek’s lead in identity, liveness and biometrics, with our orchestration, configuration and journey services simplifies identity management for financial institutions.” 

SentinelOne agrees to acquire Attivo Networks

March 15: SentinelOne has agreed to purchase identity security and lateral movement protection company Attivo Networks for $616.5 million. The company plans to use Attivo's technology to expand its Singularity XDR platform to allow detection and response to identity-based threats. “The shift to hybrid work and increased cloud adoption has established identity as the new perimeter, highlighting the importance of visibility into user activity. Identity threat detection and response (ITDR) is the missing link in holistic XDR and zero trust strategies,” said Nicholas Warner, COO, SentinelOne, in a press release. “Our Attivo acquisition is a natural platform progression for protecting organizations from threats at every stage of the attack lifecycle.

Cengage Group completes purchase of Infosec

March 1: Cengage Group has finalized its acquisition of cybersecurity education and training firm Infosec. The company's offerings will become part of Cengage's Workforce Skills business. “As demand for workforce skills training explodes, together we’ll be better positioned to deliver quality online learning for cybersecurity and other growing fields wherever students need – through academic institutions, employers or direct to consumer. With our ability to scale training across channels, we will help millions of learners gain the skills needed to move up in their careers and help close the cybersecurity skills gap,” said Cengage CEO Michael E. Hansen in a press release. Terms of the sale were not disclosed.

Cloudflare to enhance zero-trust capabilities with Area 1 purchase

February 23: Internet security firm Cloudflare has announced its intent to acquire Area 1 Security and its cloud-native anti-phishing technology. The $162 million deal is expected to not only extend Cloudflare's Advanced Email Security Suite, but also better position the company to deliver zero-trust solutions. “Email is the largest cyberattack vector on the internet, which makes integrated email security critical to any true zero-trust network. That’s why today we’re welcoming Area 1 Security to help make Cloudflare’s platform the clear leader in zero trust,” said Matthew Prince, co-founder and CEO of Cloudflare, in a press release.

Snyk enters cloud security market with Fugue acquisition

February 17: Developer security vendor Snyk has acquired Fugue and its cloud security and compliance products. The move gives Snyk a foothold in the cloud security market. The company plans to use Fugue's capabilities to extend the Snyk Developer Security Platform. “Together, we’ll collectively reimagine what cloud security can and should look like for today’s modern DevSecOps teams, ensuring more secure innovation can flourish worldwide,” said Snyk CEO Peter McKay in a press release. Terms of the deal were not released.

WhiteSource buys two SAST companies

February 15: WhiteSource, a provider of software composition analysis tools, has enhanced its static application security testing (SAST) capabilities with the acquisition of two companies: Xanitizer and DefenseCode. Xanitizer offers SAST detection technologies and DefenseCode offers SAST capabilities with support for multiple languages. Both companies will be folded into WhiteSource. Terms of the deals were not released.

Belden divests itself of Tripwire

February 9: Networking solutions provider Belden has announced an agreement to divest its Tripwire cybersecurity business for $350 million to HelpSystems. Belden paid $710 million for Tripware in 2015. Belden will act as Tripwire's exclusive reseller of its industrial security solutions. “This is an important transaction that will enable Belden and Tripwire to more effectively execute their strategic growth plans," said Belden CEO Roel Vestjens in a press release.

Tenable to acquire Cymptom

February 1: Tenable Holdings has announced its intent to acquire Cymptom, known for its attack path management technology. Once the deal closes during Q1 2020, Tenable plans to integrate Cymptom's agentless platform into its threat and vulnerability data. “Risk prioritization has become a cornerstone of modern cybersecurity. By correlating software vulnerabilities and misconfigurations with network and access data, Cymptom can immediately identify exploitable attack and breach pathways,” said Nico Popp, Tenable's chief product officer, in a press release. “Following closing of the deal, these compelling analytics will be integrated into Tenable.ep, Tenable’s Exposure Platform, and augment the prioritization, benchmarking, trending and other capabilities which are part of Lumin and available via Tenable.ep.” Terms of the deal were not disclosed.

Forescout expands healthcare security offerings with CyberMDX buy

February 1: Forescout Technologies, known for its active defense IoT and operational technology (OT) products, has acquired healthcare cybersecurity vendor CyberMDX. The purchase allows Forescout to expand its internet of medical things (IoMT) capabilities. “Cybersecurity for IoMT, much like cybersecurity for OT devices, requires specific expertise and technologies. We are pleased to have the CyberMDX team join Forescout as we continue delivering new capabilities on our market-leading platform and grow our R&D center,” said Forescout CEO Wael Mohamed in a press release. Terms of the deal were not released.

Datto acquires EDR vendor Infocyte

January 20: Datto Holding, which provides cloud-based software and security solutions for managed service providers, has announced its purchase of Infocyte. The company plans to integrate Infocyte's endpoint protection and response (EDR) into its own offerings. "The addition of the Infocyte team and technologies augments our capabilities within the critical protect, detect and respond stages outlined in the NIST organizational security framework,” said Tim Weller, CEO of Datto, in a press release. “Infocyte’s offerings are complementary to Datto RMM Ransomware Detection and SaaS Defense application security products in those same NIST stages." Terms of the sale were not released.

Threat intelligence firm Flashpoint buys Risk Based Security

January 12: Flashpoint has announced its acquisition of Risk Based Security (RBS), which offers vulnerability and data breach intelligence services. Flashpoint plans to integrate RBS's knowledgebase and technology into its platform. “This acquisition will enable our clients to rapidly detect critical vulnerabilities before they are widely known, and then automate how they prioritize and remediate these issues," said Flashpoint CEO Josh Lefkowitz in a press release. "This is a game changer for security teams and represents a vital step towards achieving Flashpoint’s vision of being the single vendor that enterprises can rely on to mitigate all types of security risks and protect critical assets.” Terms of the sale were not released.

Cerberus Cyber Sentinel acquires True Digital Security

January 5: Cybersecurity consultancy and managed service provider Cerberus Cyber Sentinel has purchased True Digital Security. That company, which provides cybersecurity operations and compliance services, will continue to operate as a wholly owned subsidiary of Cerberus. “True Digital is an exceptional cultural fit for the Cerberus family of companies. Together we will keep businesses safe as their managed compliance and cybersecurity, plus culture, provider (MCCP+),” said David Jemmett, CEO and founder of Cerberus Sentinel, in a press release. “This acquisition expands and complements our team of deeply experienced cybersecurity professionals and executives, bringing our clients best-of-breed technology, proven processes, and people.” Terms of the deal were not disclosed.

Recorded Future buys SecurityTrails

January 5: Security intelligence firm Recorded Future has acquired SecurityTrails, which is known for its attack surface monitoring technology, for $65 million. The company expects to enhance its threat landscape visibility tools by leveraging SecurityTrails technology to provide more insight to customers’ attack surface and shadow infrastructure. “By combining Recorded Future’s unsurpassed Intelligence Platform with SecurityTrails’ unrivaled view into an organization’s attack surface, we make life miserable for the adversary,” said Dr. Christopher Ahlberg, CEO and co-founder, Recorded Future, in a press release.

Corvus Insurance enters UK and other markets with Tarian Underwriting acquisition

January 5: U.S.-based commercial insurance provider has purchased Tarian Underwriting. Based in London, UK, Tarian is a cyber underwriting platform with a presence in the UK, U.S., Canada, Middle East and Australia. “By bringing Tarian into the Corvus fold, we are expanding our international footprint into Europe, Africa and Australia with an experienced and proven team of underwriters,” said Corvus founder and CEO Phil Edmundson in a press release. Terms of the deal were not disclosed.

Google Cloud acquires SOAR vendor Siemplify

January 4: Google Cloud announced that it has purchased Siemplify and its SOAR technology. The company plans to add Siemplify’s tools into its Chronicle security suite. “We plan to invest in SOAR capabilities with Siemplify’s cloud services as our foundation and the team’s talent leading the way. Our intention is to integrate Siemplify’s capabilities into Chronicle in ways that help enterprises modernize and automate their security operations,” said Sunil Potti, vice president and general manager for Google Cloud Security, in a blog post. Terms of the deal were not released.

Copyright © 2022 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
22 cybersecurity myths organizations need to stop believing in 2022