Table of Contents
I'm back in the US after a nice family holiday in the UK!
While in the UK, I saw a few small English countryside towns, learned to drive on the left side of the road through rolling hills and crazy narrow roads, and saw my fair share of pubs and UK beers.
Plus sheep, there was a lot of sheep. 🐑 A good time was had by all.
Speaking of 🍺, it seems the cybersecurity company acquisition space is all about one-upping. Google acquires Mandiant for $5.4B? Thoma Bravo, KKR, and Kaseya (yes, that Kaseya) said "hold my beer" with their own mega acquisitions.
Let's dive in.
4 question survey: https://forms.gle/TemXaSqkuXc9c6gc7
- 18 companies raised $524.5M across 14 unique product categories
- 7 companies were acquired or had a merger event for $17.1B
🧩 By Product Category
- $215.0M for Managed Detection and Response (MDR)
- $120.0M for SaaS Security
- $65.0M for Identity and Access Management (IAM)
- $42.0M for Secure Remote Access
- $33.0M for Data Protection
- $24.0M for Penetration Testing
- $10.5M for Privileged Access Management (PAM)
- $6.0M for Extended Detection and Response (XDR)
- $5.0M for Fraud Protection
- $4.0M for Cyber Insurance
- An undisclosed amount for Security Awareness
- An undisclosed amount for Professional Services
- An undisclosed amount for Privacy
- An undisclosed amount for Network Security
🏢 By Company
- Critical Start, a managed detection and response (MDR) platform, raised a $215.0M Private Equity Round from Vista Equity Partners.
- Obsidian Security, a SaaS security posture management (SSPM) platform, raised a $90.0M Series C from Menlo Ventures, Innovation Valley Partners, and Greylock.
- Silverfort, an agentless authentication and identity verification platform, raised a $65.0M Series C from Greenfield Partners.
- Twingate, a secure remote access platform, raised a $42.0M Series B from 8VC.
- DoControl, a data access monitoring, orchestration, and remediation platform for SaaS applications, raised a $30.0M Series B from Insight Partners.
- Prelude, an automated red team tool, raised a $24.0M Series A from Sequoia Capital.
- Sentra, a cloud data security platform, raised a $23.0M Seed from Bessemer Venture Partners.
- Securden, a Windows privileged access management (PAM) platform, raised a $10.5M Series A from Tiger Global Management.
- 666 Encryption, the self-proclaimed "world's most advanced" encryption platform, raised a $10.0M Seed.
- Blueshift Cybersecurity, an extended detection and response (XDR) company, raised a $6.0M Seed from CyberJunction and WestWave Capital.
- VerifyMe, an identity verification and fraud protection platform, raised a $5.0M Post-IPO Equity round.
- Surance.io, a threat monitoring platform for cyber insurance companies, raised a $4.0M Series A from Tech Mahindra.
- ANKKI, a data security governance company, raised an undisclosed Venture Round from Qi An Xin.
- HacWare, an email security awareness platform leveraging AI, raised an undisclosed Seed from Elevate Capital.
- Imprivata, a single sign-on platform for sensitive health data, raised an undisclosed Private Equity Round from Thoma Bravo.
- infiniDome, a platform for protecting drones, vehicles, and critical infrastructure from jamming attacks, raised an undisclosed Series B from Honeywell Venture Capital, Nextgear Ventures, and VentureIsrael.
- Ingeek, a cybersecurity consulting firm, raised an undisclosed Series B from PICC Capital Investment Management.
- Sarus, a data privacy and synthetic data platform, raised an undisclosed Seed from FAST — by GETTYLAB.
🤝 Mergers & Acquisitions
- SailPoint, an Identity and Access Management (IAM) platform for large enterprises, was acquired by Thoma Bravo for $6.9B.
- Datto, a disaster recovery service, was acquired by Kaseya for $6.2B.
- Barracuda Networks, a maker of network, web, and email security platforms, was acquired by KKR for $4.0B.
- ACE IT Solutions, a cybersecurity professional services firm, merged with Omega Systems for an undisclosed amount.
- Cyber Solutions, a managed services provider (MSP), was acquired by NetGain Technologies for an undisclosed amount.
- ERC-Oasis, a cybersecurity professional services firm, merged with Oasis Systems for an undisclosed amount.
- Fortica, a cybersecurity professional services focused on cloud security, was acquired by KPMG for an undisclosed amount.
🔐 Secure The Job
If you're looking for new opportunities (actively or passively), I've got two ways to help:
- Return on Security Job Board - Browse the jobs I curate each week and apply for what matches your interests.
- Return on Security Talent Collective - Join the talent collective to get personally matched with high-growth, high-upside opportunities. This is invite-only, curated by me, and you can set your profile to be public or anonymous.
Search firms, recruiters, and hiring managers - hire the best talent from the Return on Security community by signing up here.
📚 Great Reads & Finds
- 10 Fundamental (but really hard) Security Metrics - a list of non-traditional cybersecurity program metric ideas for the community to wrestle with. Many of these may seem impossible at first or may require more coordination than what you may be used to, but working through this list will be a good thought exercise.
- Creating a Proactive Security Engineering Culture - Atomic fixes, doable by engineers, observed by leaders. A write-up of how Chime built a proactive product security and security engineering culture.
- The IT Shuffle - More and more these days, IT is at the frontlines of security. They are dealing with users on a day-day basis and touching components that affect them.
Computers can have a few small viruses as a little treat
🎉 Enjoying This Newsletter?
A weekly recap of cybersecurity funding and M&A news.