High cybersecurity M&A offers for 2022

The variety of cybersecurity mergers and acquisitions offers in 2021 set a file tempo. The primary three quarters of the yr noticed 151 transactions within the trade, in line with 451 Analysis. That’s up from 94 for a similar interval in 2020. That development is prone to proceed in 2022.

Lots of the 2021 transactions CSO reported had been within the identification and cloud safety markets, particularly towards the tip of the yr. This development is prone to proceed as these markets consolidate.

In all markets, bigger corporations want to develop their capabilities. Recorded Future’s acquisition of SecurityTrails is an early 2022 instance, because it provides assault floor monitoring know-how to Recorded Future’s choices.

Final yr noticed some corporations that aren’t primarily within the cybersecurity market purchase safety corporations to raised defend their knowledge and clients. In November 2021, international retailer Schwarz Group purchased cloud safety agency XM Cyber to boost the safety of its digital choices. That is prone to proceed into 2022, as evidenced by Google Cloud’s acquisition of Siemplify. Google Cloud already provides a collection of safety instruments to its cloud platform clients. Siemplify enhances provides it enhanced safety orchestration, automation and response (SOAR) capabilities.

Beneath are the offers that CSO has chosen as essentially the most vital of the yr. (This listing is up to date periodically as new offers are introduced.)

Proofpoint agrees to buy Illusive

December 12: Proofpoint, Inc., has entered into an agreemant to amass identification menace detection and response (ITDR) agency Illusive. The deal is predicted to shut in January 2023, after which the corporate will combine Illusive’s know-how into its data safety platforms. “It’s presently far too straightforward for an attacker to show one compromised identification into an organization-wide ransomware incident or knowledge breach,” stated Ryan Kalember, Proofpoint’s govt vp, cybersecurity technique, in a press release. “The acquisition of Illusive reinforces Proofpoint’s dedication to innovation and progress, bringing market-defining know-how to make menace actors’ jobs as troublesome as potential.” Phrases of the deal weren’t disclosed.

Veracode acquires DAST instrument Crashtest Safety

December 12: Veracode now owns the dynamic utility safety testing (DAST) toold Crashtest Safety. The corporate intends so as to add the instrument to its Steady Software program Safety Platform. “Our clients have by no means been beneath better strain to safe their net purposes in response to heightened danger,” stated Veracode Chief Product Officer Brian Roche in a press release. “They search simple-to-use merchandise that may be onboarded shortly and seamlessly. The Crashtest Safety product provides simply the answer—it’s a extremely progressive DAST instrument and already has deep roots within the European market. This acquisition helps the rising demand for run-time scanning and permits clients to shortly and simply expertise the most recent developments in DAST.” Phrases of the deal weren’t introduced.

Safety On-Demand merges with Booz Allen Hamilton Managed Risk Providers

December 8: Safety On-Demand has acquired Booz Allen Hamilton’s Managed Risk Providers (MTS) enterprise. The mixed firm will function beneath the DeepSeas model and supply cyber menace detection and incident response providers. “I’m excited in regards to the distinctive capabilities this mixed crew of consultants brings to the market, in addition to our plans to scale in a measured and significant approach. We have now the power to ship a deep, scalable cybersecurity platform along with the abilities to assist shoppers customise their safety packages,” stated Chris Esemplare, CEO of DeepSeas, in a press release. Phrases of the deal weren’t disclosed.

AlgoSec acquires CNAPP vendor Prevasio

December 6: AlgoSec has acquired Prevasio and its SaaS cloud-native utility safety platform (CNAPP), which incorporates an agentless cloud safety posture administration platform (CSPM). Prevasio intend to supply the Prevasio platform as a standalone product. “Purposes are the lifeblood of organizations. As such, our clients have an pressing have to successfully safe the connectivity of these purposes throughout cloud and hybrid estates to keep away from disagreeable surprises. With Prevasio, organizations can now confidently safe their cloud-native purposes to extend organizational agility and harden safety posture,” stated Yuval Baron, AlgoSec CEO, in a press release. Phrases of the deal weren’t disclosed.

Palo Alto Networks to purchase software program provide chain safety agency Cider Safety

November 17: Palo Alto Networks has entered into an settlement to amass Cider Safety and its utility safety and software program provide chain safety know-how for $195 million USD. The corporate expects the acquisition to assist allow Palo Alto’s Prisma Cloud platform and its method to securing your entire utility safety lifecycle. “Any group utilizing public cloud has an utility infrastructure with a whole lot of instruments and purposes that may entry their code and but, they’ve restricted visibility to their configuration or if they’re secured,” stated Lee Klarich, chief product officer for Palo Alto Networks, in a press release. “Cider has made it potential to attach into infrastructure, analyze the instruments, and determine the dangers, in addition to methods to remediate them.”

MSSP Thrive acquires UK agency Custard Technical Providers

November 11: Thrive’s buy of Custard Technical Providers, an IT help firm, expands the US-based agency’s presence within the UK. The acquisition additionally permits Thrive to supply its managed safety and cloud providers to Custard’s clients. “Custard is a customer-centric, no-nonsense IT help and safety firm that has a superb monitor file of offering an outstanding IT expertise to shoppers of all sizes for over 20 years,” stated Rob Stephenson, CEO of Thrive, in a press release. “We’re excited so as to add Custard to our ever-expanding U.Okay. operations.” Phrases of the deal weren’t disclosed.

1Password steps towards passwordless authentication with Passage buy

November 3: Password administration answer supplier 1Password has acquired Passage and its passkey passwordless authentication know-how. The corporate plans to leverage the Passage crew and its passkey know-how to roll out a complete answer for passwordless authentication within the first half of 2023. “After I take a look at the rising curiosity in passkeys, I can’t assist asking myself: what’s going to it take to make passwordless know-how flourish? How will 1Password contribute?” stated 1Password CEO Jeff Shiner in a blog post. “What’s modified is an rising consensus round methods to make that know-how obtainable to any developer, enterprise, or particular person that wishes to make use of it – on any platform or system.” Phrases of the deal weren’t launched.

HUMAN Safety acquires clear.io to raised defend the adverstising ecosystem

November 3: HUMAN Safety, Inc., (previously White Ops) has acquired clear.io and its know-how to guard towards malvertising and e-commerce fraud. HUMAN plans so as to add clear.io’s merchandise to its Human Protection Platform, broadening its skill to guard media corporations. “By teaming up with clear.io, HUMAN is gaining vital expertise with deep area experience together with elevated sign throughout the web, enhancing our collective safety capabilities for our clients throughout your entire digital ecosystem,” stated HUMAN co-founder and CEO Tamer Hassan in a press release. Phrases of the deal weren’t launched.

The Purple Guys purchase managed service supplier Golden Tech

October 18: Managed It providers supplier The Purple Guys has acquired Golden Tech. The deal permits the corporate to develop its IT and cybersecurity providers throughout the Chicago and Indiana areas. “We’re thrilled to announce this extremely strategic acquisition of Golden Tech, which is complementary to our present choices and helps our broader progress technique,” stated Kevin Cook dinner, CEO of The Purple Guys, in a press release. “Shawn and Steve Massa constructed an impressive firm with a formidable monitor file of progress, a loyal consumer base and a tenured crew with deep expertise supporting the SMB group. We’re very excited to associate with the Golden Tech crew. We look ahead to constructing on the corporate’s historic success and driving continued progress within the broader Northwest Indiana and Chicagoland markets.” Phrases of the deal weren’t disclosed.

Crimson Sift acquires assault floor administration supplier Hardenize

October 13: Crimson Sift has introduced its acquisition of Hardenize. The corporate plans to combine Hardenize’s assault floor administration (ASM) capabilities into its digital resilience answer. stated Rahul Powar, CEO of Crimson Sift. “By buying Hardenize, an innovator in ASM, we lengthen our main safety merchandise past defending electronic mail; enabling enterprise clients to see their full assault floor, resolve the problems at hand, and safe their beneficial property in an ever-evolving menace continuum,” stated Rahul Powar, CEO of Crimson Sift, in a press release. Phrases of the deal weren’t disclosed.

Thoma Bravo to purchase ForgeRock and take the corporate non-public

October 11: Software program funding agency Thoma Bravo has entered into an settlement to amass international digital identification agency ForgeRock for $2.3 billion USD, one of many largest M&A transactions within the cybersecurity area this yr. “The transaction provides a novel alternative to create worth for all of our stakeholders and is a transparent validation of our crew’s excellent work and the beginning of an thrilling new chapter for ForgeRock, our clients, and our associate ecosystem,” stated ForgeRock CEO Fran Rosch in a press release. “We’re assured that Thoma Bravo’s assets and insights will assist us proceed to drive innovation in our platform and ship much more worth for purchasers.”

Jamf to purchase cell detection and response vendor ZecOps

September 26: Apple enterprise administration agency Jamf has signed an settlement to amass ZecOps, Inc. As soon as accomplished, the deal will improve the safety capabilities of Jamf’s platform. “We imagine ZecOps has constructed a differentiated answer that meets a vital want for a lot of organizations – the power to completely detect and examine threats that concentrate on cell customers to allow them to confidently use these highly effective units for work,” stated Dean Hager, CEO, Jamf, in a press release. “This functionality additional propels our purpose of constant to bridge the hole between what Apple offers and the enterprise requires.” Phrases of the deal weren’t disclosed.

CrowdStrike pronounces intent to amass Reposify

September 20: CrowdStrike Holdings has agreed to buy Reposify, Ltd., and its exterior assault floor administration platform (EASM). The corporate expects to incorporate the EASM know-how into its Risk Intelligence product suite. “Fortifying safety posture and lowering enterprise danger are prime priorities for organizations. Conventional danger fashions take an inside-out method, which doesn’t at all times account for the way a menace actor could view the exterior assault floor. Reposify’s know-how delivers an outside-in perspective of a company’s international exterior danger, offering deep visibility into what related units are susceptible and most definitely to be focused,” stated George Kurtz, co-founder and CEO of CrowdStrike, in a press release.Phrases of the deal weren’t disclosed.

SandboxAQ acquires encryption evaluation agency Cryptosense

September 13: SandboxAQ has bought Cryptosense, which the corporate expects to speed up its deployment of its post-quantum cryptography options. SandboxAQ its product will present a single 360-degree view of how encryption is used all through the enterprise. “Speedy advances in quantum computing and AI problem the effectiveness and efficiency of present cryptography-based cybersecurity options. The mixed management, expertise, and experience that SandboxAQ and Cryptosense carry to {the marketplace} accelerates the deployment of simpler cryptography options to guard the world towards the safety threats of at this time and tomorrow,” stated Jack D. Hidary, CEO of SandboxAQ, in a press release. Phrases of the deal weren’t launched.