2021 is shaping up to be an active year for mergers and acquisitions in the cybersecurity industry. March alone saw more than 40 firms being acquired. The level of activity is driven by growth in sectors such as identity management, zero trust, managed security services, DevSecOps and cloud security.
In many cases, the acquiring company sought to strengthen its position in its market—Okta’s purchase of Auth0, for example. In others, the acquisition was an entry into a new market; Lookout is now a player in the secure access service edge (SASE) market with the acquisition of CipherCloud. Some used the newly acquired company to expand product capabilities, like Palo Alto Networks boosting its Prisma Cloud platform with cloud security technology from Bridgecrew.
Below are the deals that selected as the most significant in second half of the year.
Microsoft acquires CloudKnox Security
Microsoft has enhanced its cloud security offerings with the acquisition of CloudKnox Security, a cloud infrastructure entitlement management (CIEM) provider. This is Microsoft’s second security acquisition this month (see below). With CloudKnox technology, Microsoft will be able to offer more visibility into privileged access, allowing for better enforcement of least-privilege principles.
OwnBackup acquires RevCult
Cloud data protection firm OwnBackup has acquired RevCult, a provider of SaaS security posture management (SSPM) solutions for Salesforce. Customers to be more resilient with proactive data backup, monitoring, compare and restore capabilities, many of the problems we help them recover from are preventable through the addition of proactive SSPM
XYPRO Technology acquires Workload Aware Security
XYPRO Technology has added the Workload Aware Security (WASL) product from Hewlett-Packard Enterprise, bringing security and compliance monitoring capabilities for Linux and SAP HANA environments into its security portfolio. HPE will continue to sell and distribute WASL. XYPRO will support existing WASL deployments and renewals and continue to develop the platform. Terms of the sale were not disclosed.
Check Point Software acquires Avanan
Enterprise security provider Check Point Software Technologies has acquired cloud email security company Avanan. In addition to Avanan cloud email security technology, the deal is expected to extend Check Point’s security capabilities to collaboration suites such as Teams and Slack.
HackerU acquires Cybint
Educational cybersecurity firm HackerU has bought Cybint for its SaaS-based education platform. The acquisition increases HackerU geographic reach and broadens its offerings across all security career points. The company will also rebrand as ThriveDX
Feedzai acquires Revelock
Cloud risk management platform provider Feedzai has acquired the Revelock biometric platform. The combined products will create what Feedzai claims is the world’s largest AI-based financial risk management platform
Ivanti to acquire IIoT platform
Ivanti has signed a letter of intent to acquire WIIO Group’s IIoT platform to integrate with its Wavelink supply chain software. The IIoT platform is expected to give Wavelink customers a full view of their IIoT devices and the ability to better identify and remediate security issues.
Ivanti acquires RiskSense
Ivanti’s acquisition of RiskSense allows the company to merge its own automated IT asset management and security platform with RiskSense vulnerability management and prioritization technology.
Deloitte buys aeCyberSolutions
Deloitte Risk & Financial Advisory has acquired industrial cybersecurity firm aeCyberSolutions from aeSolutions for an undisclosed fee. With the purchase, Deloitte gains frameworks, methodologies, and tools aimed at security industrial control systems and operational technology.
Akamai plans to acquire Guardicore
Akamai has signed an agreement to acquire micro-segmentation solution provider Guardicore for approximately $600 million. The company plans to integrate Guardicore’s technology into its zero-trust security portfolio
TransUnion signs agreement to Acquire Neustar
TransUnion has announced its intent to acquire identity resolution company Neustar for $3.1 billion. The company expects the deal to expand its digital identity capabilities in digital marketing and identity fraud areas.
FireMon acquires DisruptOps
Network security policy management vendor FireMon acquisition of DisruptOps adds cloud security operations capabilities to its solutions. FireMon expects to bring to its customers the ability to monitor and respond to security risks across the public cloud infrastructure. not disclosed.
LogPoint intent to acquire SecBI
LogPoint has entered into an agreement to acquire SecBI, known for its automated threat detection and response capabilities. The company plans to integrate SecBI SOAR and EDR platform into its own solutions.
One Identity acquires OneLogin
Identity security provider One Identity has acquired identity access management (IAM) vendor OneLogin for an undisclosed sum. The company plans to combine OneLogin’s technology with its Unified Identity Security Platform to provide enhanced IAM, privileged access management (PAM), identity governance and administration, and Active Directory management and security.
Schwarz Group acquires stake in XM Cyber
Schwarz Group, the fourth-largest retailer worldwide, continues its efforts to establish itself in the cloud computing market with the majority stake acquisition of hybrid cloud security firm XM Cyber.
GB Group intent to acquire Acuant
GB Group (GBG) has reached an agreement to purchase Acuant, a provider of identity verification and KYC/AML compliance products, for $736 million. The move is expected to accelerate UK-based GBG’s global rollout of its identity and fraud solutions.
Sift acquires Keyless
Digital trust and safety company Sift has acquired Keyless and its passwordless and multi-factor authentication technology. The company plans to sell Keyless products to regulated businesses and online retailers
IBM intent to ReaQta
IBM Security has reached an agreement to acquire ReaQta to expand its threat detection and response capabilities. ReaQta’s AI-based endpoint security products automatically identify and manage threats.
ZeroFox to acquire IDX
Cybersecurity SaaS vendor ZeroFox has entered into an agreement with digital privacy protection firm IDX and L&F Acquisition, a special purpose acquisition company (SPAC) for a business publication that will allow ZeroFox to become a publicly traded company. Its estimated market valuation would be $1.4 billion. External cybersecurity must be a top three priority and part of the critical security tech stack for chief information security officers because perimeter firewalls and internal endpoint agents alone are not enough to protect company assets and customers.
Brillio strengthens acquires Cedrus Digital
Digital technology consulting firm Brillio has acquired Cedrus Digital, a cloud consultancy with cloud security and DevSecOps capabilities. As companies continue to accelerate and scale their digital ambitions, they increasingly need proven expertise with industry-specific domain experience. Acquiring Cedrus Digital is a tremendous opportunity to deepen Brillio’s onshore capabilities in cloud native engineering, cognitive process automation, and cloud security.
Claroty to acquire Medigate
Claroty looks to solidify its presence in what it calls the extended internet of things (XIoT) security market with the planned acquisition of Medigate and its dedicated healthcare IoT security platform. By combining Claroty and Medigate’s deep domain expertise and specialized technologies into a single platform, we will take a giant leap forward on our mission to secure the ever-expanding universe of XIoT for every connected organization