The variety of cybersecurity mergers and acquisitions offers in 2021 set a document tempo. The primary three quarters of the 12 months noticed 151 transactions within the trade, in response to 451 Analysis. That’s up from 94 for a similar interval in 2020. That development is prone to proceed in 2022.
Lots of the 2021 transactions CSO reported have been within the identification and cloud safety markets, particularly towards the tip of the 12 months. This development is prone to proceed as these markets consolidate.
In all markets, bigger companies want to develop their capabilities. Recorded Future’s acquisition of SecurityTrails is an early 2022 instance, because it provides assault floor monitoring know-how to Recorded Future’s choices.
Final 12 months noticed some firms that aren’t primarily within the cybersecurity market purchase safety companies to higher defend their knowledge and clients. In November 2021, world retailer Schwarz Group purchased cloud safety agency XM Cyber to boost the safety of its digital choices. That is prone to proceed into 2022, as evidenced by Google Cloud’s acquisition of Siemplify. Google Cloud already presents a collection of safety instruments to its cloud platform clients. Siemplify enhances offers it enhanced safety orchestration, automation and response (SOAR) capabilities.
Under are the offers that CSO has chosen as essentially the most vital of the 12 months. (This checklist is up to date periodically as new offers are introduced.)
Snyk enters cloud safety market with Fugue acquisition
February 17: Developer safety vendor Snyk has acquired Fugue and its cloud safety and compliance merchandise. The transfer offers Snyk a foothold within the cloud safety market. The corporate plans to make use of Fugue’s capabilities to increase the Snyk Developer Safety Platform. “Collectively, we’ll collectively reimagine what cloud safety can and may appear like for in the present day’s trendy DevSecOps groups, guaranteeing safer innovation can flourish worldwide,” stated Snyk CEO Peter McKay in a press launch. Phrases of the deal weren’t launched.
WhiteSource buys two SAST firms
February 15: WhiteSource, a supplier of software program composition evaluation instruments, has enhanced its static utility safety testing (SAST) capabilities with the acquisition of two firms: Xanitizer and DefenseCode. Xanitizer presents SAST detection applied sciences and DefenseCode presents SAST capabilities with help for a number of languages. Each firms will probably be folded into WhiteSource. Phrases of the offers weren’t launched.
Tenable to accumulate Cymptom
February 1: Tenable Holdings has introduced its intent to accumulate Cymptom, identified for its assault path administration know-how. As soon as the deal closes throughout Q1 2020, Tenable plans to combine Cymptom’s agentless platform into its menace and vulnerability knowledge. “Threat prioritization has develop into a cornerstone of recent cybersecurity. By correlating software program vulnerabilities and misconfigurations with community and entry knowledge, Cymptom can instantly determine exploitable assault and breach pathways,” stated Nico Popp, Tenable’s chief product officer, in a press launch. “Following closing of the deal, these compelling analytics will probably be built-in into Tenable.ep, Tenable’s Publicity Platform, and increase the prioritization, benchmarking, trending and different capabilities that are a part of Lumin and accessible through Tenable.ep.” Phrases of the deal weren’t disclosed.
Forescout expands healthcare safety choices with CyberMDX purchase
February 1: Forescout Applied sciences, identified for its lively protection IoT and operational know-how (OT) merchandise, has acquired healthcare cybersecurity vendor CyberMDX. The acquisition permits Forescout to develop its web of medical issues (IoMT) capabilities. “Cybersecurity for IoMT, very similar to cybersecurity for OT units, requires particular experience and applied sciences. We’re happy to have the CyberMDX group be part of Forescout as we proceed delivering new capabilities on our market-leading platform and develop our R&D middle,” stated Forescout CEO Wael Mohamed in a press launch. Phrases of the deal weren’t launched.
Datto acquires EDR vendor Infocyte
January 20: Datto Holding, which offers cloud-based software program and safety options for managed service suppliers, has introduced its buy of Infocyte. The corporate plans to combine Infocyte’s endpoint safety and response (EDR) into its personal choices. “The addition of the Infocyte group and applied sciences augments our capabilities inside the essential defend, detect and reply phases outlined within the NIST organizational safety framework,” stated Tim Weller, CEO of Datto, in a press launch. “Infocyte’s choices are complementary to Datto RMM Ransomware Detection and SaaS Protection utility safety merchandise in those self same NIST phases.” Phrases of the sale weren’t launched.
Menace intelligence agency Flashpoint buys Threat Primarily based Safety
January 12: Flashpoint has introduced its acquisition of Threat Primarily based Safety (RBS), which presents vulnerability and knowledge breach intelligence companies. Flashpoint plans to combine RBS’s knowledgebase and know-how into its platform. “This acquisition will allow our shoppers to quickly detect essential vulnerabilities earlier than they’re broadly identified, after which automate how they prioritize and remediate these points,” stated Flashpoint CEO Josh Lefkowitz in a press launch. “This can be a recreation changer for safety groups and represents an important step in the direction of attaining Flashpoint’s imaginative and prescient of being the one vendor that enterprises can depend on to mitigate all varieties of safety dangers and defend essential belongings.” Phrases of the sale weren’t launched.
Cerberus Cyber Sentinel acquires True Digital Safety
January 5: Cybersecurity consultancy and managed service supplier Cerberus Cyber Sentinel has bought True Digital Safety. That firm, which offers cybersecurity operations and compliance companies, will proceed to function as a completely owned subsidiary of Cerberus. “True Digital is an distinctive cultural match for the Cerberus household of firms. Collectively we’ll preserve companies secure as their managed compliance and cybersecurity, plus tradition, supplier (MCCP+),” stated David Jemmett, CEO and founding father of Cerberus Sentinel, in a press launch. “This acquisition expands and enhances our group of deeply skilled cybersecurity professionals and executives, bringing our shoppers best-of-breed know-how, confirmed processes, and folks.” Phrases of the deal weren’t disclosed.
Recorded Future buys SecurityTrails
January 5: Safety intelligence agency Recorded Future has acquired SecurityTrails, which is understood for its assault floor monitoring know-how, for $65 million. The corporate expects to boost its menace panorama visibility instruments by leveraging SecurityTrails know-how to supply extra perception to clients’ assault floor and shadow infrastructure. “By combining Recorded Future’s unsurpassed Intelligence Platform with SecurityTrails’ unequalled view into a corporation’s assault floor, we make life depressing for the adversary,” stated Dr. Christopher Ahlberg, CEO and co-founder, Recorded Future, in a press launch.
Corvus Insurance coverage enters UK and different markets with Tarian Underwriting acquisition
January 5: U.S.-based business insurance coverage supplier has bought Tarian Underwriting. Primarily based in London, UK, Tarian is a cyber underwriting platform with a presence within the UK, U.S., Canada, Center East and Australia. “By bringing Tarian into the Corvus fold, we’re increasing our worldwide footprint into Europe, Africa and Australia with an skilled and confirmed group of underwriters,” stated Corvus founder and CEO Phil Edmundson in a press launch. Phrases of the deal weren’t disclosed.
Google Cloud acquires SOAR vendor Siemplify
January 4: Google Cloud introduced that it has bought Siemplify and its SOAR know-how. The corporate plans so as to add Siemplify’s instruments into its Chronicle safety suite. “We plan to put money into SOAR capabilities with Siemplify’s cloud companies as our basis and the group’s expertise main the way in which. Our intention is to combine Siemplify’s capabilities into Chronicle in ways in which assist enterprises modernize and automate their safety operations,” stated Sunil Potti, vice chairman and normal supervisor for Google Cloud Safety, in a weblog publish. Phrases of the deal weren’t launched.
Copyright © 2022 IDG Communications, Inc.