The variety of cybersecurity mergers and acquisitions offers in 2021 set a report tempo. The primary three quarters of the yr noticed 151 transactions within the trade, in keeping with 451 Analysis. That’s up from 94 for a similar interval in 2020. That development is prone to proceed in 2022.
Most of the 2021 transactions CSO reported have been within the identification and cloud safety markets, particularly towards the tip of the yr. This development is prone to proceed as these markets consolidate.
In all markets, bigger corporations need to broaden their capabilities. Recorded Future’s acquisition of SecurityTrails is an early 2022 instance, because it provides assault floor monitoring expertise to Recorded Future’s choices.
Final yr noticed some corporations that aren’t primarily within the cybersecurity market purchase safety corporations to higher defend their information and clients. In November 2021, international retailer Schwarz Group purchased cloud safety agency XM Cyber to reinforce the safety of its digital choices. That is prone to proceed into 2022, as evidenced by Google Cloud’s acquisition of Siemplify. Google Cloud already provides a collection of safety instruments to its cloud platform clients. Siemplify enhances offers it enhanced safety orchestration, automation and response (SOAR) capabilities.
Beneath are the offers that CSO has chosen as essentially the most vital of the yr. (This listing is up to date periodically as new offers are introduced.)
Proofpoint agrees to buy Illusive
December 12: Proofpoint, Inc., has entered into an agreemant to accumulate identification risk detection and response (ITDR) agency Illusive. The deal is predicted to shut in January 2023, after which the corporate will combine Illusive’s expertise into its data safety platforms. “It’s at the moment far too simple for an attacker to show one compromised identification into an organization-wide ransomware incident or information breach,” mentioned Ryan Kalember, Proofpoint’s government vice chairman, cybersecurity technique, in a press release. “The acquisition of Illusive reinforces Proofpoint’s dedication to innovation and progress, bringing market-defining expertise to make risk actors’ jobs as troublesome as attainable.” Phrases of the deal weren’t disclosed.
Veracode acquires DAST instrument Crashtest Safety
December 12: Veracode now owns the dynamic software safety testing (DAST) toold Crashtest Safety. The corporate intends so as to add the instrument to its Steady Software program Safety Platform. “Our clients have by no means been below better strain to safe their internet purposes in response to heightened danger,” mentioned Veracode Chief Product Officer Brian Roche in a press release. “They search simple-to-use merchandise that may be onboarded shortly and seamlessly. The Crashtest Safety product provides simply the answer—it’s a extremely modern DAST instrument and already has deep roots within the European market. This acquisition helps the rising demand for run-time scanning and permits clients to shortly and simply expertise the newest developments in DAST.” Phrases of the deal weren’t introduced.
Safety On-Demand merges with Booz Allen Hamilton Managed Menace Providers
December 8: Safety On-Demand has acquired Booz Allen Hamilton’s Managed Menace Providers (MTS) enterprise. The mixed firm will function below the DeepSeas model and supply cyber risk detection and incident response providers. “I’m excited in regards to the distinctive capabilities this mixed staff of specialists brings to the market, in addition to our plans to scale in a measured and significant means. We have now the flexibility to ship a deep, scalable cybersecurity platform along with the abilities to assist shoppers customise their safety packages,” mentioned Chris Esemplare, CEO of DeepSeas, in a press release. Phrases of the deal weren’t disclosed.
AlgoSec acquires CNAPP vendor Prevasio
December 6: AlgoSec has acquired Prevasio and its SaaS cloud-native software safety platform (CNAPP), which incorporates an agentless cloud safety posture administration platform (CSPM). Prevasio intend to supply the Prevasio platform as a standalone product. “Purposes are the lifeblood of organizations. As such, our clients have an pressing must successfully safe the connectivity of these purposes throughout cloud and hybrid estates to keep away from disagreeable surprises. With Prevasio, organizations can now confidently safe their cloud-native purposes to extend organizational agility and harden safety posture,” mentioned Yuval Baron, AlgoSec CEO, in a press release. Phrases of the deal weren’t disclosed.
Palo Alto Networks to purchase software program provide chain safety agency Cider Safety
November 17: Palo Alto Networks has entered into an settlement to accumulate Cider Safety and its software safety and software program provide chain safety expertise for $195 million USD. The corporate expects the acquisition to assist allow Palo Alto’s Prisma Cloud platform and its method to securing the complete software safety lifecycle. “Any group utilizing public cloud has an software infrastructure with lots of of instruments and purposes that may entry their code and but, they’ve restricted visibility to their configuration or if they’re secured,” mentioned Lee Klarich, chief product officer for Palo Alto Networks, in a press release. “Cider has made it attainable to attach into infrastructure, analyze the instruments, and determine the dangers, in addition to tips on how to remediate them.”
MSSP Thrive acquires UK agency Custard Technical Providers
November 11: Thrive’s buy of Custard Technical Providers, an IT assist firm, expands the US-based agency’s presence within the UK. The acquisition additionally permits Thrive to supply its managed safety and cloud providers to Custard’s clients. “Custard is a customer-centric, no-nonsense IT assist and safety firm that has a superb observe report of offering an outstanding IT expertise to shoppers of all sizes for over twenty years,” mentioned Rob Stephenson, CEO of Thrive, in a press release. “We’re excited so as to add Custard to our ever-expanding U.Okay. operations.” Phrases of the deal weren’t disclosed.
1Password steps towards passwordless authentication with Passage buy
November 3: Password administration answer supplier 1Password has acquired Passage and its passkey passwordless authentication expertise. The corporate plans to leverage the Passage staff and its passkey expertise to roll out a complete answer for passwordless authentication within the first half of 2023. “Once I have a look at the rising curiosity in passkeys, I can’t assist asking myself: what is going to it take to make passwordless expertise flourish? How will 1Password contribute?” mentioned 1Password CEO Jeff Shiner in a blog post. “What’s modified is an rising consensus round tips on how to make that expertise obtainable to any developer, enterprise, or particular person that desires to make use of it – on any platform or gadget.” Phrases of the deal weren’t launched.
HUMAN Safety acquires clear.io to higher defend the adverstising ecosystem
November 3: HUMAN Safety, Inc., (previously White Ops) has acquired clear.io and its expertise to guard in opposition to malvertising and e-commerce fraud. HUMAN plans so as to add clear.io’s merchandise to its Human Protection Platform, broadening its capability to guard media corporations. “By teaming up with clear.io, HUMAN is gaining vital expertise with deep area experience together with elevated sign throughout the web, enhancing our collective safety capabilities for our clients throughout the complete digital ecosystem,” mentioned HUMAN co-founder and CEO Tamer Hassan in a press release. Phrases of the deal weren’t launched.
The Purple Guys purchase managed service supplier Golden Tech
October 18: Managed It providers supplier The Purple Guys has acquired Golden Tech. The deal permits the corporate to broaden its IT and cybersecurity providers throughout the Chicago and Indiana areas. “We’re thrilled to announce this extremely strategic acquisition of Golden Tech, which is complementary to our current choices and helps our broader progress technique,” mentioned Kevin Prepare dinner, CEO of The Purple Guys, in a press release. “Shawn and Steve Massa constructed an excellent firm with a formidable observe report of progress, a loyal shopper base and a tenured staff with deep expertise supporting the SMB neighborhood. We’re very excited to associate with the Golden Tech staff. We stay up for constructing on the corporate’s historic success and driving continued progress within the broader Northwest Indiana and Chicagoland markets.” Phrases of the deal weren’t disclosed.
Crimson Sift acquires assault floor administration supplier Hardenize
October 13: Crimson Sift has introduced its acquisition of Hardenize. The corporate plans to combine Hardenize’s assault floor administration (ASM) capabilities into its digital resilience answer. mentioned Rahul Powar, CEO of Crimson Sift. “By buying Hardenize, an innovator in ASM, we lengthen our main safety merchandise past defending e-mail; enabling enterprise clients to see their full assault floor, remedy the problems at hand, and safe their priceless belongings in an ever-evolving risk continuum,” mentioned Rahul Powar, CEO of Crimson Sift, in a press release. Phrases of the deal weren’t disclosed.
Thoma Bravo to purchase ForgeRock and take the corporate non-public
October 11: Software program funding agency Thoma Bravo has entered into an settlement to accumulate international digital identification agency ForgeRock for $2.3 billion USD, one of many largest M&A transactions within the cybersecurity house this yr. “The transaction provides a novel alternative to create worth for all of our stakeholders and is a transparent validation of our staff’s excellent work and the beginning of an thrilling new chapter for ForgeRock, our clients, and our associate ecosystem,” mentioned ForgeRock CEO Fran Rosch in a press release. “We’re assured that Thoma Bravo’s sources and insights will assist us proceed to drive innovation in our platform and ship much more worth for patrons.”
Jamf to purchase cellular detection and response vendor ZecOps
September 26: Apple enterprise administration agency Jamf has signed an settlement to accumulate ZecOps, Inc. As soon as accomplished, the deal will improve the safety capabilities of Jamf’s platform. “We consider ZecOps has constructed a differentiated answer that meets a vital want for a lot of organizations – the flexibility to totally detect and examine threats that concentrate on cellular customers to allow them to confidently use these highly effective units for work,” mentioned Dean Hager, CEO, Jamf, in a press release. “This functionality additional propels our aim of constant to bridge the hole between what Apple supplies and the enterprise requires.” Phrases of the deal weren’t disclosed.
CrowdStrike declares intent to accumulate Reposify
September 20: CrowdStrike Holdings has agreed to buy Reposify, Ltd., and its exterior assault floor administration platform (EASM). The corporate expects to incorporate the EASM expertise into its Menace Intelligence product suite. “Fortifying safety posture and lowering enterprise danger are high priorities for organizations. Conventional danger fashions take an inside-out method, which doesn’t at all times account for the way a risk actor could view the exterior assault floor. Reposify’s expertise delivers an outside-in perspective of a corporation’s international exterior danger, offering deep visibility into what related units are susceptible and more than likely to be focused,” mentioned George Kurtz, co-founder and CEO of CrowdStrike, in a press release.Phrases of the deal weren’t disclosed.
SandboxAQ acquires encryption evaluation agency Cryptosense
September 13: SandboxAQ has bought Cryptosense, which the corporate expects to speed up its deployment of its post-quantum cryptography options. SandboxAQ its product will present a single 360-degree view of how encryption is used all through the enterprise. “Speedy advances in quantum computing and AI problem the effectiveness and efficiency of current cryptography-based cybersecurity options. The mixed management, expertise, and experience that SandboxAQ and Cryptosense deliver to {the marketplace} accelerates the deployment of more practical cryptography options to guard the world in opposition to the safety threats of in the present day and tomorrow,” mentioned Jack D. Hidary, CEO of SandboxAQ, in a press release. Phrases of the deal weren’t launched.