• United States



by CSO Staff

Top cybersecurity M&A deals for 2022

Dec 23, 202231 mins
Data and Information Security

The hot cybersecurity mergers and acquisition market continues into 2022 as vendors look to solidify their positions and expand their offerings.

big data merger and acquisition big business smb
Credit: Thinkstock

The number of cybersecurity mergers and acquisitions deals in 2021 set a record pace. The first three quarters of the year saw 151 transactions in the industry, according to 451 Research. That’s up from 94 for the same period in 2020. That trend is likely to continue in 2022.

Many of the 2021 transactions CSO reported were in the identity and cloud security markets, especially toward the end of the year. This trend is likely to continue as these markets consolidate.

In all markets, larger firms are looking to expand their capabilities. Recorded Future’s acquisition of SecurityTrails is an early 2022 example, as it adds attack surface monitoring technology to Recorded Future’s offerings.

Last year saw some companies that are not primarily in the cybersecurity market buy security firms to better protect their data and customers. In November 2021, global retailer Schwarz Group bought cloud security firm XM Cyber to enhance the security of its digital offerings. This is likely to continue into 2022, as evidenced by Google Cloud’s acquisition of Siemplify. Google Cloud already offers a suite of security tools to its cloud platform customers. Siemplify enhances gives it enhanced security orchestration, automation and response (SOAR) capabilities.

Below are the deals that CSO has selected as the most significant of the year. (This list is updated periodically as new deals are announced.)

Proofpoint agrees to purchase Illusive

December 12: Proofpoint, Inc., has entered into an agreemant to acquire identity threat detection and response (ITDR) firm Illusive. The deal is expected to close in January 2023, and then the company will integrate Illusive’s technology into its information protection platforms. “It’s currently far too easy for an attacker to turn one compromised identity into an organization-wide ransomware incident or data breach,” said Ryan Kalember, Proofpoint’s executive vice president, cybersecurity strategy, in a press release. “The acquisition of Illusive reinforces Proofpoint’s commitment to innovation and growth, bringing market-defining technology to make threat actors’ jobs as difficult as possible.” Terms of the deal were not disclosed.

Veracode acquires DAST tool Crashtest Security

December 12: Veracode now owns the dynamic application security testing (DAST) toold Crashtest Security. The company intends to add the tool to its Continuous Software Security Platform. “Our customers have never been under greater pressure to secure their web applications in response to heightened risk,” said Veracode Chief Product Officer Brian Roche in a press release. “They seek simple-to-use products that can be onboarded quickly and seamlessly. The Crashtest Security product offers just the solution—it is a highly innovative DAST tool and already has deep roots in the European market. This acquisition supports the growing demand for run-time scanning and allows customers to quickly and easily experience the latest developments in DAST.” Terms of the deal were not announced.

Security On-Demand merges with Booz Allen Hamilton Managed Threat Services

December 8: Security On-Demand has acquired Booz Allen Hamilton’s Managed Threat Services (MTS) business. The combined company will operate under the DeepSeas brand and provide cyber threat detection and incident response services. “I am excited about the unique capabilities this combined team of experts brings to the market, as well as our plans to scale in a measured and meaningful way. We have the ability to deliver a deep, scalable cybersecurity platform in addition to the skills to help clients customize their security programs,” said Chris Esemplare, CEO of DeepSeas, in a press release. Terms of the deal were not disclosed.

AlgoSec acquires CNAPP vendor Prevasio

December 6: AlgoSec has acquired Prevasio and its SaaS cloud-native application protection platform (CNAPP), which includes an agentless cloud security posture management platform (CSPM). Prevasio intend to offer the Prevasio platform as a standalone product. “Applications are the lifeblood of organizations. As such, our customers have an urgent need to effectively secure the connectivity of those applications across cloud and hybrid estates to avoid unpleasant surprises. With Prevasio, organizations can now confidently secure their cloud-native applications to increase organizational agility and harden security posture,” said Yuval Baron, AlgoSec CEO, in a press release. Terms of the deal were not disclosed.

Palo Alto Networks to buy software supply chain security firm Cider Security

November 17: Palo Alto Networks has entered into an agreement to acquire Cider Security and its application security and software supply chain security technology for $195 million USD. The company expects the acquisition to help enable Palo Alto’s Prisma Cloud platform and its approach to securing the entire application security lifecycle. “Any organization using public cloud has an application infrastructure with hundreds of tools and applications that can access their code and yet, they have limited visibility to their configuration or if they are secured,” said Lee Klarich, chief product officer for Palo Alto Networks, in a press release. “Cider has made it possible to connect into infrastructure, analyze the tools, and identify the risks, as well as how to remediate them.”

MSSP Thrive acquires UK firm Custard Technical Services

November 11: Thrive’s purchase of Custard Technical Services, an IT support company, expands the US-based firm’s presence in the UK. The acquisition also allows Thrive to offer its managed security and cloud services to Custard’s customers. “Custard is a customer-centric, no-nonsense IT support and security company that has an excellent track record of providing a superb IT experience to clients of all sizes for over two decades,” said Rob Stephenson, CEO of Thrive, in a press release. “We’re excited to add Custard to our ever-expanding U.K. operations.” Terms of the deal were not disclosed.

1Password steps toward passwordless authentication with Passage purchase

November 3: Password management solution provider 1Password has acquired Passage and its passkey passwordless authentication technology. The company plans to leverage the Passage team and its passkey technology to roll out a comprehensive solution for passwordless authentication in the first half of 2023. “When I look at the growing interest in passkeys, I can’t help asking myself: what will it take to make passwordless technology flourish? How will 1Password contribute?” said 1Password CEO Jeff Shiner in a blog post. “What’s changed is an emerging consensus around how to make that technology available to any developer, business, or individual that wants to use it – on any platform or device.” Terms of the deal were not released.

HUMAN Security acquires to better protect the adverstising ecosystem

November 3: HUMAN Security, Inc., (formerly White Ops) has acquired and its technology to protect against malvertising and e-commerce fraud. HUMAN plans to add’s products to its Human Defense Platform, broadening its ability to protect media companies. “By teaming up with, HUMAN is gaining significant talent with deep domain expertise along with increased signal across the internet, enhancing our collective protection capabilities for our customers across the entire digital ecosystem,” said HUMAN co-founder and CEO Tamer Hassan in a press release. Terms of the deal were not released.

The Purple Guys acquire managed service provider Golden Tech

October 18: Managed It services provider The Purple Guys has acquired Golden Tech. The deal allows the company to expand its IT and cybersecurity services within the Chicago and Indiana regions. “We are thrilled to announce this highly strategic acquisition of Golden Tech, which is complementary to our existing offerings and supports our broader growth strategy,” said Kevin Cook, CEO of The Purple Guys, in a press release. “Shawn and Steve Massa built an outstanding company with an impressive track record of growth, a loyal client base and a tenured team with deep experience supporting the SMB community. We are very excited to partner with the Golden Tech team. We look forward to building on the company’s historical success and driving continued growth in the broader Northwest Indiana and Chicagoland markets.” Terms of the deal were not disclosed.

Red Sift acquires attack surface management provider Hardenize

October 13: Red Sift has announced its acquisition of Hardenize. The company plans to integrate Hardenize’s attack surface management (ASM) capabilities into its digital resilience solution. said Rahul Powar, CEO of Red Sift. “By acquiring Hardenize, an innovator in ASM, we extend our leading security products beyond protecting email; enabling enterprise customers to see their full attack surface, solve the issues at hand, and secure their valuable assets in an ever-evolving threat continuum,” said Rahul Powar, CEO of Red Sift, in a press release. Terms of the deal were not disclosed.

Thoma Bravo to buy ForgeRock and take the company private

October 11: Software investment firm Thoma Bravo has entered into an agreement to acquire global digital identity firm ForgeRock for $2.3 billion USD, one of the largest M&A transactions in the cybersecurity space this year. “The transaction offers a unique opportunity to create value for all of our stakeholders and is a clear validation of our team’s outstanding work and the start of an exciting new chapter for ForgeRock, our customers, and our partner ecosystem,” said ForgeRock CEO Fran Rosch in a press release. “We are confident that Thoma Bravo’s resources and insights will help us continue to drive innovation in our platform and deliver even more value for customers.”

Jamf to buy mobile detection and response vendor ZecOps

September 26: Apple enterprise management firm Jamf has signed an agreement to acquire ZecOps, Inc. Once completed, the deal will enhance the security capabilities of Jamf’s platform. “We believe ZecOps has built a differentiated solution that meets a very important need for many organizations – the ability to thoroughly detect and investigate threats that target mobile users so they can confidently use these powerful devices for work,” said Dean Hager, CEO, Jamf, in a press release. “This capability further propels our goal of continuing to bridge the gap between what Apple provides and the enterprise requires.” Terms of the deal were not disclosed.

CrowdStrike announces intent to acquire Reposify

September 20: CrowdStrike Holdings has agreed to purchase Reposify, Ltd., and its external attack surface management platform (EASM). The company expects to include the EASM technology into its Threat Intelligence product suite. “Fortifying security posture and reducing enterprise risk are top priorities for organizations. Traditional risk models take an inside-out approach, which doesn’t always account for how a threat actor may view the external attack surface. Reposify’s technology delivers an outside-in perspective of an organization’s global external risk, providing deep visibility into what connected devices are vulnerable and most likely to be targeted,” said George Kurtz, co-founder and CEO of CrowdStrike, in a press release.Terms of the deal were not disclosed.

SandboxAQ acquires encryption analysis firm Cryptosense

September 13: SandboxAQ has purchased Cryptosense, which the company expects to accelerate its deployment of its post-quantum cryptography solutions. SandboxAQ its product will provide a single 360-degree view of how encryption is used throughout the enterprise. “Rapid advances in quantum computing and AI challenge the effectiveness and performance of existing cryptography-based cybersecurity solutions. The combined leadership, talent, and expertise that SandboxAQ and Cryptosense bring to the marketplace accelerates the deployment of more effective cryptography solutions to protect the world against the security threats of today and tomorrow,” said Jack D. Hidary, CEO of SandboxAQ, in a press release. Terms of the deal were not released.

KKR completes purchase of Barracuda Networks

August 16: Investment firm KKR has completed its acquisition of cloud security firm Barracuda Networks from software investment firm Thoma Bravo. Barracuda’s customers are primarily small- and medium-sized businesses looking to protect their email, networks, applications, and data. “We’re ready to deliver on our next phase of growth with KKR and remain dedicated to investing in our team and product portfolio to provide innovative cybersecurity solutions for our customers and partners,” said Hatem Naguib, CEO of Barracuda, in a press release. “We‘re grateful to Thoma Bravo for their valuable strategic and operational support over the last four years.” Terms of the deal were not disclosed.

DNSFilter acquires firewall, VPN vendor Guardian

August 10: DNSFilter has acquired Guardian and its firewall plus VPN platform. Combined with DNSFilter’s Domain Name Service layer security, this platform will allow the firm to offer a secure web gateway (SWG). “Secure web gateway plays a critical role in modern security strategies, enabling organizations to better secure access to the service edge,” said Ken Carnesi, CEO and co-founder, DNSFilter, in a press release. “But the technology is tired – incumbents have not kept pace with the evolving threat landscape or customer needs around service and support. Combining best-in-class Domain Name System (DNS) layer security with firewall + VPN presents a massive business opportunity and alleviates the pain points customers face with legacy SWG technology.” Terms of the deal were not disclosed.

Flashpoint buys OSINT firm Echosec Systems

August 4: Actionable intelligence vendor Flashpoint has acquired Echosec Systems, which provide open-source intelligence (OSINT) for national security, public safety, and enterprise customers. “Intelligence practitioners require a converged, user-focused solution that includes insights derived from both open and closed intelligence sources,” said Flashpoint President Donald Saelinger in a press release. “Integrating Echosec’s worldwide social media collections, intuitive interface, and industry expertise into Flashpoint will deliver unparalleled value to our customers, to help them best identify and mitigate all types of risk.” Terms of the deal were not disclosed.

Thoma Bravo to buy Ping Identity

August 3: Private equity firm Thoma Bravo announced plans to buy identity and access management (IAM) provider Ping Identity for $2.8 billion. “Ping Identity’s unique capabilities and strong position in enterprise identity security make it a great platform to deliver customer outcomes, expand into new use cases and support digital transformations,” said Thoma Bravo partner Seth Boro. 

HUMAN Security and PerimeterX merge to better fight fraud, account abuse

July 27: HUMAN Security (formerly White Ops) and PerimeterX have announced that they are merging. The combined company will operate under the HUMAN brand, integrating PerimeterX’s identity and fraud detection and prevention technology into the HUMAN Defense Platform, enhancing its bot protection and anti-fraud capabilities. “Together, we will deliver on our shared purpose of disrupting the economics of cybercrime, and we will offer enhanced protection for our combined global customers with an unparalleled modern defense strategy,” said HUMAN co-founder and CEO Tamer Hassan, who will remain CEO of the combined company, in a press release.

Riskonnect buys Castellan Solutions from Resurgens

July 12: Risk management software provider Riskonnect has acquired Castellan Solutions from private equity firm Resurgens Technology Partners. Riskonnect intends to integrate Castellan’s business continuity and enterprise resilience software into its platform under the Riskonnect brand. “Integrated risk management is increasingly becoming mission-critical to all types and sizes of businesses, and Castellan’s product suite enables customers to build organizational readiness and response capabilities to minimize disruptions,” said Resurgens Managing Director Fred Sturgis in a press release. Terms of the deal were not disclosed. 

Cipherloc rebrands as SideChannel after completing acquisition

July 5: Encryption technology company Cipherloc has completed its acquisition of cybersecurity services firm SideChannel. It also announce that the combined company will be renamed SideChannel. “We are moving ahead swiftly on the integration process to take advantage of opportunities in our fast-growing addressable markets, which are expected to reach $500 billion by 2030,” said newly appointed SideChannel CEO Brian Haugli in a press release. “As a combined entity, we believe SideChannel is uniquely positioned to offer a centralized solution tailored to the needs of the middle market. Our clients can secure critical cybersecurity services and software from the industry’s most experienced CISOs on a long-term basis in a manner that works for their budgets.”

Infinigate announces plan to acquire Nuvias Group’s cybersecurity and secure networking business

July 5: Infinigate, a European value-added dealer (VAD) of cybersecurity solutions, intends to acquire the cybersecurity and secure networking business of Nuvias Group. Once completed, the deal will significantly expand Infinigate’s presence across Europe, particularly in the UK, France, Benelux, and Nordics territories. Klaus Schlichtherle, CEO of Infinigate Group, said in a press release: “Infinigate will become even more relevant and powerful. We will have a stronger geographical footprint, especially in the core markets in Europe – where we will have a strong position in 18 countries. Our complementary vendor portfolios will create a huge opportunity for growth.” Terms of the deal were not disclosed.

Thrive acquires managed services provider Edge Technology Group

June 30: Thrive has acquired Edge Technology Group, expanding the IT and security managed services it provides to alternative investment managers and its geographic reach. The deal gives Thrive offices and data centers in the UK, Australia, Singapore, Hong Kong, and tthe Philippines. “Edge Technology Group is the leading financial industry MSP in the world,” said Rob Stephenson, Thrive’s CEO, in a press release. “Their talented engineering and account management teams will now have access to the Thrive Automation Platform and our 24x7x365 comprehensive suite of cybersecurity SOC services to enhance the Edge client experience.” Terms of the deal were not disclosed.

XM Cyber buys continuous controls monitoring firm Cyber Observer

June 27: Hybrid cloud security vendor XM Cyber has acquired Cyber Observer. The company will integrate Cyber Observer’s continuous controls monitoring and cloud security posture management platform into its own. “Even as awareness of cybersecurity risk continues to grow, attackers are thriving and routinely exploiting attack paths that can be used to move laterally through an enterprise network,” said Noam Erez, co-founder and CEO, XM Cyber, in a press release. “Our goal is to give security teams the ability to easily understand and correct their security posture on a continuous basis, including weaknesses, exposures and compensating security controls across the full internal and external attack surface covering on-prem, cloud and SaaS systems.” Terms of the transaction were not disclosed. 

Johnson Controls brings zero trust to connected buildings via Tempered Networks acquisition

June 23: Johnson Controls has acquired zero-trust security firm Tempered Networks. The company plans to integrate Tempered Networks’ Airwall technology into its OpenBlue smart building platform, providing a zero-trust approach to connected building systems. “When it comes to buildings, we must create easily implementable cybersecurity defenses as we’re often dealing with critical infrastructure, including assets such as data centers and hospitals,” said Vijay Sankaran, vice president and chief technology officer, Johnson Controls, in a press release. “Tempered Networks Airwall approach is purpose-built for our sector as it’s designed around principles of zero trust, securing device communications as data moves between devices and the cloud – so enabling remote building optimization in the most trusted way possible.” Terms of the deal were not disclosed.

Entrust boosts identity portfolio with Evidos acquisition

June 8: Entrust has acquired Evidos and its cloud-based electronic signature and identity verification solutions. The deal, the terms of which were not disclosed, reflects Entrust’s objective to become a leader in trusted electronic signatures. “Security empowers enterprises to transform with confidence. Digital life demands that organizations provide trusted digital-first transactions, from opening bank accounts to applying for government services. Our intention at Entrust is to be a global player in digital signature solutions, built on a platform of security and trust.” said Todd Wilkinson, CEO of Entrust, in a press release.

IBM Security announces plan to buy Randori

June 6: IBM Security has announced its intent to acquire attack surface management  (ASM) vendor Randori. When completed, the acquisition is expected to enhance IBM Security’s hybrid cloud strategy and AI-powered product and service portfolio. The company plans to integrate Randori’s ASM software into its QRadar extended detection and response product. “We started Randori to ensure every organization has access to the attacker’s perspective,” said Brian Hazzard, Randori co-founder and CEO, in a press release. “… By joining forces with IBM, we can greatly accelerate this vision and strategy – leveraging IBM’s deep expertise in AI, threat intelligence, offensive security and global reach.” Terms of the deal were not disclosed.

Forescout to acquire threat detection and response firm Cysiv

June 6: Security automation vendor Forescout has signed an agreement to acquire Cysiv. The company plans to use Cysiv’s cloud-based threat detection engine to automatically analyze asset and network communications data that Forescout’s platform collects. “Upon close, the acquisition will help our customers leverage actionable threat intelligence from comprehensive data collected by Forescout and analyzed by Cysiv,” said Wael Mohamed, CEO of Forescout, in a press release. “We will receive far more than just great technology in this acquisition. The Cysiv team is exceptional, and our two organizations are highly complementary.” Terms of the deal were not disclosed.

ReliaQuest to purchase threat intelligence firm Digital Shadows

June 1: Cloud-native security operations firm Reliaquest has agreed to acquire Digital Shadows for $160 million. The company plans to add Digital Shadows’ risk and threat intelligence technology into its GreyMatter security operations platform once the deal is complete. “Combining the internal visibility provided by ReliaQuest with the external threat intelligence and digital risk monitoring brought by Digital Shadows creates an end-to-end picture for enterprises around the world,” said Alastair Paterson, co-founder and CEO at Digital Shadows, in a press release. “The complementary technical capability, shared cultural values, and geographic synergies offered by the combined companies make this a great opportunity for our customers and our partners.”

Encryption firm Cipherloc agrees to acquire SideChannel

May 18: Cipherloc, known for its encryption technology, has entered into an agreement to purchase SideChannel, Inc. Once completed, the deal would add virtual CISO services to Cipherloc’s portfolio. “We anticipate that this acquisition will empower us to fulfill our mutual ambitions to improve and simplify cybersecurity for emerging and middle market companies,” said SideChannel CEO Brian Haugli in a press release. “… SideChannel’s vCISO platform offers best-in-class solutions for companies traditionally underserved by the big players. We believe this business combination will further enable these customers to receive the highest level of vCISO services coupled with software solutions tailored to their unique needs and budgets.”

Thales to acquire two European cybersecurity companies

May 17: Thales has signed an agreement with Sonae Investment Management to acquire S21sec and Excellium, two Europe-based cybersecurity companies operating under holding company Maxive Cybersecurity. The €120 million deal, once completed, will strengthen Thales’s presence in Spain, Portugal, Luxembourg and Belgium. “…the acquisition of S21sec and Excellium consolidates our leadership in cybersecurity consulting and managed services. We are delighted to welcome the S21sec and Excellium expert teams as part of our fast-growing cybersecurity teams,” said Marc Darmon, Thales executive vice president, Secure Communications and Information Systems, in a press release.

Magnet Forensics acquires Comae Technologies’ assets

May 5: Magnet Forensics, which sells forensics tools to help law enforcement and government organizations to investigate cybercrime, has purchased the assets of UAE-based Comae Technologies. The company plans to continue development of Comae’s cloud-based memory analysis platform and incorporate the technology into its solutions. “My team and I are thrilled to be continuing our work alongside the team at Magnet Forensics, where the incident response technology can help protect thousands of enterprises and communities from cybercrime,” said Comae founder Mat Suiche in a blog post. Terms of the deal were not disclosed.

Vector Capital now the majority owner of WatchGuard Technologies

April 27: Private equity firm Vector Capital has acquired a majority stake in WatchGuard technologies, which offers network security and intelligence, advanced endpoint protection, multi-factor authentication (MFA), and secure Wi-Fi solutions. “Vector firmly believes in WatchGuard’s portfolio, partners, employees, and vision. This transaction is a testament to WatchGuard’s current success and the opportunity ahead,” said WatchGuard CEO Prakash Panjwani in a press release. “We believe Vector is well positioned to further accelerate WatchGuard’s growth strategy while preserving our company culture and commitment to security delivery through the MSP community.” Terms of the transaction were not disclosed.

Synopsys agrees to acquire application software SaaS vendor WhiteHat Security

April 27: Synopsys, a provider of electronic design automation services and seminconductor IP, has entered an agreement to purchase WhiteHat Security for $330 million. The company will become part of Synopsys’s Software Integrity Group, adding SaaS-based security testing solutions to its security software portfolio. “WhiteHat Security’s DAST capabilities complement our strengths in static analysis, interactive analysis and software composition analysis, while their expertise in SaaS will accelerate our security testing SaaS capabilities,” said Jason Schmitt, general manager of the Synopsys Software Integrity Group, in a press release.

OneIDLab and Tozny merge to form Tozny, Inc.

April 19: OneIDLab and Tozny are now one company, Tozny, Inc. The merger combines Tozny’s integrated identity and access management (IAM), privileged access management (PAM), key management, and data encryption solutions with OneIDLab’s secure remote access and decentralized identity token solutions. “Our customers are increasingly asking for a risk informed integrated solution that doesn’t require a wholesale change in their IT infrastructure. Our integrated platform works with existing applications, and makes it much simpler for our customers to adopt and maintain a zero-trust posture that includes people, devices, applications and services,” said Jonathan DeHart, co-founder and CEO of Tozny, Inc., in a press release.

Investment firm Thoma Bravo to acquire identity security firm Sailpoint for $6.9 billion

April 11: Sailpoint has entered into an agreement to be acquired by software investment firm Thoma Bravo. Once the deal is finalized, Sailpoint will become a privately held company. “Identity security is core to cyber security and businesses have realized that to fuel business growth and success, they must start with identity as the foundation for secure business transformation. We’ve experienced rapid growth and see a tremendous opportunity ahead of us to continue to set the pace in the identity security market as the category leader,” said Mark McClain, Sailpoint’s CEO and founder, in a press release

April 11: Digital identity vendor Imprivata has purchased SecureLink and its access management and patient privacy monitoring capabilities. The acquisition will allow Imprivata to provide what it claims is the only single vendor platform to manage and secure all enterprise and third-party digital identities. “The importance of protecting digital identities has never been greater. The combined organization creates a holistic set of capabilities that enable the secure and efficient use of digital identities, while providing visibility and control of how they are used,” Patrick Tickle, CEO of SecureLink, said in a press release. Terms of the deal were not released.

London Stock Exchange Group to acquire Global Data Consortium

April 5: The London Stock Exchange Group (LSEG) has agreed to acquire Global Data Consortium (GDC), a provider of identity verification data. LSEG currently uses GDC’s data to support know-your-customer (KYC) requirement. GDC will be part of LSEG’s Data and Analytics division.  The acquisition of GDC, combined with our existing capabilities from GIACT and Qual-ID, will enable customers to verify digital identity and protect against fraud globally with a suite of real-time, accurate solutions,” said Phil Cotter, group head of customer and third-party risk solutions at LSEG, in a press release. Terms of the deal were not disclosed. 

European distributor Nuvias Group buys Netsafe

April 4: Nuvias Group has acquired Netsafe, a cybersecurity and networking distributor group, to expand its operations in Eastern Europe, specifically in Romania, Croatia, Slovenia and Bulgaria. “Nuvias sees significant promise and opportunity in the Eastern European market. With Netsafe we have a platform for considerable growth in this region. We have a very strong match in our philosophy and approach to specialist value-added distribution, making for a solid base for accelerated growth”, commented Simon England, CEO of the Nuvias Group, in a press release. Netsafe will continue to operate under its own brand. Terms of the sale were not released.

Perception Point adds web security with Hysolate acquisition

March 30: Email and cloud collaboration channel security firm Perception Point has purchased Hysolate and its web isolation platform. The combined companies will be able to offer protection against content-based attacks through isolation, detection, and remediation. “Coupling Hysolate’s innovative isolation technology and endpoint management capabilities with Perception Point’s proven prevention and remediation solution transforms Perception Point into a one-stop-shop for all content-based attacks, delivering significant added value to our rapidly growing customer base,” said Perception Point CEO Yoram Salinger in a press release. Terms of the deal were not disclosed.

Mitek buys KYC vendor HooYu 

March 23: Digital identity verification and fraud prevention firm Mitek has acquired HooYu, a UK-based provider of know-your-customer (KYC) technology, for £98 million. The company plans to integrate HooYu’s technology into its own platform. “Having a single platform that easily orchestrates and configures a KYC journey to manage identities and identify bad actors is becoming a prerequisite for any business transacting digitally,” said HooYu CEO Keith Marsden in a press release. “Bringing together Mitek’s lead in identity, liveness and biometrics, with our orchestration, configuration and journey services simplifies identity management for financial institutions.” 

SentinelOne agrees to acquire Attivo Networks

March 15: SentinelOne has agreed to purchase identity security and lateral movement protection company Attivo Networks for $616.5 million. The company plans to use Attivo’s technology to expand its Singularity XDR platform to allow detection and response to identity-based threats. “The shift to hybrid work and increased cloud adoption has established identity as the new perimeter, highlighting the importance of visibility into user activity. Identity threat detection and response (ITDR) is the missing link in holistic XDR and zero trust strategies,” said Nicholas Warner, COO, SentinelOne, in a press release. “Our Attivo acquisition is a natural platform progression for protecting organizations from threats at every stage of the attack lifecycle.

Cengage Group completes purchase of Infosec

March 1: Cengage Group has finalized its acquisition of cybersecurity education and training firm Infosec. The company’s offerings will become part of Cengage’s Workforce Skills business. “As demand for workforce skills training explodes, together we’ll be better positioned to deliver quality online learning for cybersecurity and other growing fields wherever students need – through academic institutions, employers or direct to consumer. With our ability to scale training across channels, we will help millions of learners gain the skills needed to move up in their careers and help close the cybersecurity skills gap,” said Cengage CEO Michael E. Hansen in a press release. Terms of the sale were not disclosed.

Cloudflare to enhance zero-trust capabilities with Area 1 purchase

February 23: Internet security firm Cloudflare has announced its intent to acquire Area 1 Security and its cloud-native anti-phishing technology. The $162 million deal is expected to not only extend Cloudflare’s Advanced Email Security Suite, but also better position the company to deliver zero-trust solutions. “Email is the largest cyberattack vector on the internet, which makes integrated email security critical to any true zero-trust network. That’s why today we’re welcoming Area 1 Security to help make Cloudflare’s platform the clear leader in zero trust,” said Matthew Prince, co-founder and CEO of Cloudflare, in a press release.

Snyk enters cloud security market with Fugue acquisition

February 17: Developer security vendor Snyk has acquired Fugue and its cloud security and compliance products. The move gives Snyk a foothold in the cloud security market. The company plans to use Fugue’s capabilities to extend the Snyk Developer Security Platform. “Together, we’ll collectively reimagine what cloud security can and should look like for today’s modern DevSecOps teams, ensuring more secure innovation can flourish worldwide,” said Snyk CEO Peter McKay in a press release. Terms of the deal were not released.

WhiteSource buys two SAST companies

February 15: WhiteSource, a provider of software composition analysis tools, has enhanced its static application security testing (SAST) capabilities with the acquisition of two companies: Xanitizer and DefenseCode. Xanitizer offers SAST detection technologies and DefenseCode offers SAST capabilities with support for multiple languages. Both companies will be folded into WhiteSource. Terms of the deals were not released.

Belden divests itself of Tripwire

February 9: Networking solutions provider Belden has announced an agreement to divest its Tripwire cybersecurity business for $350 million to HelpSystems. Belden paid $710 million for Tripware in 2015. Belden will act as Tripwire’s exclusive reseller of its industrial security solutions. “This is an important transaction that will enable Belden and Tripwire to more effectively execute their strategic growth plans,” said Belden CEO Roel Vestjens in a press release.

Tenable to acquire Cymptom

February 1: Tenable Holdings has announced its intent to acquire Cymptom, known for its attack path management technology. Once the deal closes during Q1 2020, Tenable plans to integrate Cymptom’s agentless platform into its threat and vulnerability data. “Risk prioritization has become a cornerstone of modern cybersecurity. By correlating software vulnerabilities and misconfigurations with network and access data, Cymptom can immediately identify exploitable attack and breach pathways,” said Nico Popp, Tenable’s chief product officer, in a press release. “Following closing of the deal, these compelling analytics will be integrated into Tenable.ep, Tenable’s Exposure Platform, and augment the prioritization, benchmarking, trending and other capabilities which are part of Lumin and available via Tenable.ep.” Terms of the deal were not disclosed.

Forescout expands healthcare security offerings with CyberMDX buy

February 1: Forescout Technologies, known for its active defense IoT and operational technology (OT) products, has acquired healthcare cybersecurity vendor CyberMDX. The purchase allows Forescout to expand its internet of medical things (IoMT) capabilities. “Cybersecurity for IoMT, much like cybersecurity for OT devices, requires specific expertise and technologies. We are pleased to have the CyberMDX team join Forescout as we continue delivering new capabilities on our market-leading platform and grow our R&D center,” said Forescout CEO Wael Mohamed in a press release. Terms of the deal were not released.

Datto acquires EDR vendor Infocyte

January 20: Datto Holding, which provides cloud-based software and security solutions for managed service providers, has announced its purchase of Infocyte. The company plans to integrate Infocyte’s endpoint protection and response (EDR) into its own offerings. “The addition of the Infocyte team and technologies augments our capabilities within the critical protect, detect and respond stages outlined in the NIST organizational security framework,” said Tim Weller, CEO of Datto, in a press release. “Infocyte’s offerings are complementary to Datto RMM Ransomware Detection and SaaS Defense application security products in those same NIST stages.” Terms of the sale were not released.

Threat intelligence firm Flashpoint buys Risk Based Security

January 12: Flashpoint has announced its acquisition of Risk Based Security (RBS), which offers vulnerability and data breach intelligence services. Flashpoint plans to integrate RBS’s knowledgebase and technology into its platform. “This acquisition will enable our clients to rapidly detect critical vulnerabilities before they are widely known, and then automate how they prioritize and remediate these issues,” said Flashpoint CEO Josh Lefkowitz in a press release. “This is a game changer for security teams and represents a vital step towards achieving Flashpoint’s vision of being the single vendor that enterprises can rely on to mitigate all types of security risks and protect critical assets.” Terms of the sale were not released.

Cerberus Cyber Sentinel acquires True Digital Security

January 5: Cybersecurity consultancy and managed service provider Cerberus Cyber Sentinel has purchased True Digital Security. That company, which provides cybersecurity operations and compliance services, will continue to operate as a wholly owned subsidiary of Cerberus. “True Digital is an exceptional cultural fit for the Cerberus family of companies. Together we will keep businesses safe as their managed compliance and cybersecurity, plus culture, provider (MCCP+),” said David Jemmett, CEO and founder of Cerberus Sentinel, in a press release. “This acquisition expands and complements our team of deeply experienced cybersecurity professionals and executives, bringing our clients best-of-breed technology, proven processes, and people.” Terms of the deal were not disclosed.

Recorded Future buys SecurityTrails

January 5: Security intelligence firm Recorded Future has acquired SecurityTrails, which is known for its attack surface monitoring technology, for $65 million. The company expects to enhance its threat landscape visibility tools by leveraging SecurityTrails technology to provide more insight to customers’ attack surface and shadow infrastructure. “By combining Recorded Future’s unsurpassed Intelligence Platform with SecurityTrails’ unrivaled view into an organization’s attack surface, we make life miserable for the adversary,” said Dr. Christopher Ahlberg, CEO and co-founder, Recorded Future, in a press release.

Corvus Insurance enters UK and other markets with Tarian Underwriting acquisition

January 5: U.S.-based commercial insurance provider has purchased Tarian Underwriting. Based in London, UK, Tarian is a cyber underwriting platform with a presence in the UK, U.S., Canada, Middle East and Australia. “By bringing Tarian into the Corvus fold, we are expanding our international footprint into Europe, Africa and Australia with an experienced and proven team of underwriters,” said Corvus founder and CEO Phil Edmundson in a press release. Terms of the deal were not disclosed.

Google Cloud acquires SOAR vendor Siemplify

January 4: Google Cloud announced that it has purchased Siemplify and its SOAR technology. The company plans to add Siemplify’s tools into its Chronicle security suite. “We plan to invest in SOAR capabilities with Siemplify’s cloud services as our foundation and the team’s talent leading the way. Our intention is to integrate Siemplify’s capabilities into Chronicle in ways that help enterprises modernize and automate their security operations,” said Sunil Potti, vice president and general manager for Google Cloud Security, in a blog post. Terms of the deal were not released.