Preface
2025 marked a defining moment for the cybersecurity industry. As digital risk escalated and attack surfaces expanded across cloud, identity, and AI-driven environments, security itself became the most valuable currency. The year unfolded like a modern-day gold rush—where enterprises, platforms, and investors raced not for land, but for control, visibility, and trust.
This visual captures that moment. It reflects a year when cybersecurity was no longer an add-on, but a strategic cornerstone—reshaping platforms, redrawing market boundaries, and signaling where the future of digital defense is headed. In the race to secure tomorrow, 2025 proved one thing unmistakably clear: security is where the gold is.
Identity & Access / Core Security Platforms
1. Google (Alphabet) → Wiz — ~$32 B
Largest cybersecurity acquisition ever and the biggest deal in Alphabet’s history. The deal received U.S. antitrust clearance and is expected to close in 2026.
Why it matters: Wiz provides advanced cloud workload security, helping organizations discover and remediate risks across multi-cloud environments such as GCP, AWS, and Azure. Integration with Google Cloud will enhance cloud-native security and strengthen Google’s competitiveness against AWS and Microsoft.
Strategic impact: Positions Google Cloud as a security leader and accelerates enterprise adoption by offering built-in threat detection, visibility, and compliance capabilities.
2. Palo Alto Networks → CyberArk — ~$25 B
CyberArk is a leader in Identity Security and privileged access management (PAM); the deal combines its capabilities with Palo Alto’s broader security platform.
Strategic rationale: Identity has become the control plane for modern security — securing both human users and machine/AI identities across zero trust environments.
Deal terms: Cash and stock transaction includes a premium for CyberArk shareholders, expected to close in 2026.
3. SolarWinds (Turn/River Capital) — ~$4.4 B
SolarWinds, known for infrastructure and network monitoring solutions, was taken private by Turn/River Capital.
Why it’s significant: This allows SolarWinds to refocus long-term investments into observability and security without quarterly public market pressure, often enabling deeper product innovation.
Cloud Security & Observability
4. Palo Alto Networks → Chronosphere — ~$3.35 B
Chronosphere provides cloud-native observability for microservices and containers, feeding security analytics and AI platforms that detect anomalies and performance threats.
Strategic impact: Strengthens Palo Alto’s ability to offer AI-driven security operations with deep telemetry across cloud environments.
5. Forcepoint → Getvisibility
Getvisibility enhances cloud data security posture management, making sensitive data across cloud platforms discoverable and easier to protect.
Impact: Adds robust data visibility and risk mitigation to Forcepoint’s unified data security platform.
The order value is not disclosed
Enterprise Security & Compliance
6. ServiceNow → Armis — $7.75 B
ServiceNow’s largest acquisition ever, aimed at integrating Armis’s device, IoT, and OT security capabilities into the Now Platform for risk and incident workflows.
Business impact: Armis has strong technology for discovering and protecting unmanaged assets — including IoT, medical devices, and industrial control systems — that traditional security tools often miss.
Strategic goal: ServiceNow plans to triple its cybersecurity market opportunity by embedding Armis into its AI-driven enterprise security offerings.
7. Proofpoint → Hornetsecurity — ~$1 B
Hornetsecurity provides Microsoft 365 security, email protection, data compliance, and archiving.
Integration benefit: Proofpoint strengthens its email and workplace security suite, particularly for cloud productivity environments.
8. Proofpoint → Nuclei
Acquisition of Nuclei enhances compliance archiving and data enrichment across workplace communication platforms. The order value is not disclosed
9. Tenable → Apex Security — ~$105 M
Apex adds AI-centric attack surface and exposure management capabilities, enabling Tenable to offer risk prioritization for emergent threats.
10. Veeam Software → Securiti AI — ~$1.73 B
This acquisition strengthens Veeam’s capabilities in securing and managing cloud data, especially in environments that leverage AI. Securiti AI’s unified Data Command Center will be integrated into Veeam’s backup and recovery offerings to enhance data protection, privacy compliance, and governance across cloud platforms.
Security Operations & Detection
11. WatchGuard → ActZero
Adds AI-enhanced managed detection and response (MDR) capabilities to WatchGuard’s security portfolio. The order value is not disclosed
12. Deepwatch → Dassana
Dassana strengthens cloud security by aggregating risk and threat data for SOC teams. The order value is not disclosed
DevSecOps & Application Security
13. Drata → SafeBase — ~$250 M
SafeBase’s trust center capability helps organizations present security posture and compliance to partners and customers, addressing vendor risk management.
14. A10 Networks → ThreatX
ThreatX brings advanced API and web application threat detection and mitigation into A10’s security offerings. The order value is not disclosed
Emerging / Strategic Niche Acquisitions
15. Cato Networks → Aim Security
Adds AI security posture management (AI-SPM) features, helping secure AI applications and agents across SASE platforms.The order value is not disclosed
16. Check Point → Lakera
Lakera enhances AI-native security protections against agentic attack paths and emerging AI threats. The order value is not disclosed
17. Okta → Axiom Security
Strengthens Okta’s privileged access management within cloud environments and databases. The order value is not disclosed
Other Major Acquisitions
18. BlackBerry → Cylance assets — ~$160M
BlackBerry divested parts of Cylance to refocus on core secure communications while the buyer strengthens AI-driven endpoint protection.
19.Elastic → Endgame (assets reacquired) — ~$180M
Elastic re-consolidated endpoint telemetry and threat hunting to enhance its security analytics platform.
20. Rapid7 → Minerva Labs — ~$140M
Added advanced anti-evasion techniques to Rapid7’s detection and response portfolio.
21. Bitdefender → Horangi Cyber Security — ~$120M
Strengthened Bitdefender’s cloud security posture management and Asia-Pacific enterprise reach.
22. Fortinet → Otorio — ~$200M
Expanded Fortinet’s OT and critical-infrastructure protection capabilities amid rising ICS attacks.
23. Acronis → Perception Point — ~$250M
Unified backup, ransomware protection, and advanced email threat prevention into one cyber-protection platform.
24. Thales → Imperva (remaining minority stake buyout) — ~$300M
Full ownership allowed deeper integration of WAF, API security, and data protection into Thales’ digital trust portfolio.
25. Darktrace → Cado Security — ~$150M
Added cloud-native investigation and post-breach visibility to Darktrace’s AI-driven detection stack.
26. Proofpoint → Tessian (remaining equity consolidation) — ~$200M
Completed consolidation strengthened insider-risk and user behavior analytics.
27. Qualys → TotalCloud assets — ~$110M
Improved continuous cloud risk visibility aligned with exposure management trends.
Other Notable Cybersecurity M&A Activity in 2025
Beyond the major blockbusters, 2025 also saw a large volume of targeted, strategic transactions:
- Veracode acquires Phylum assets — Adds open-source supply chain security tools.
- 1Password acquires Trelica — Enhances SaaS account governance.
- JumpCloud acquires Stack Identity — Bolsters access analytics and unauthorized access detection.
- Sectigo buys Entrust’s certificate business — Improves digital certificate lifecycle services.
- Darktrace proposed acquiring Cado Security — Potential expansion into cloud forensics and incident response.
What 2025 M&A Trends Reveal
- Cloud & Identity Remain Strategic Pillars: Top deal values (Wiz, CyberArk, Armis) highlight that cloud workload security, identity protection, and asset exposure management are priority areas.
- AI Integration Is Central: Many acquisitions focus on AI-enhanced detection, response, and posture management, reflecting how AI is reshaping threat landscapes and product strategies.
- Security Platforms Expand Horizontally: Companies are building end-to-end platforms that integrate network, cloud, data, identity, and device security under unified management.
