Cybersecurity M&A Roundup: 42 Deals Announced in August 2021
The number of cybersecurity-related mergers and acquisitions announced in the past months has remained constant, with roughly 40 deals announced in August 2021 as well.
Cybersecurity consulting and managed security services company Cerberus Sentinel acquired managed services provider VelocIT. The acquisition will help Cerberus expand its managed security services offering. VelocIT will become a wholly owned subsidiary of Cerberus and will focus on integrated risk services.
IT solutions provider CDW Corporation announced buying cybersecurity company Focal Point Data Risk, which specializes in data risk management. CDW says the acquisition will help it expand its portfolio and enhance its capabilities.
Israel-based application security testing firm Checkmarx has acquired Dustico, which specializes in solutions for detecting supply chain attacks in code packages. Dustico technology will be integrated into Checkmarx’s suite of analysis tools. Dustico will operate as CxDustico following the acquisition.
Cyber insurance provider Corvus purchased Wingman Insurance, which specializes in tech and cyber insurance. The deal will help Corvus enter the admitted coverage market and continue its growth. Wingman will continue to operate as an independent brand.
Deloitte Risk & Financial Advisory acquired aeCyberSolutions, the industrial cybersecurity business of Applied Engineering Solutions (aeSolutions). The acquisition will enable Deloitte to expand its cybersecurity offerings. This was Deloitte’s fifth cyber-related acquisition in 2021.
Financial risk management company Feedzai acquired advanced behavioral biometric platform Revelock. Revelock technology will be integrated into Feedzai’s platform in an effort to enhance its capabilities with a digital identity solution powered by behavioral biometrics. Feedzai says its goal is to create the largest financial intelligence network, which contains more than a trillion data points and profiles for bad and good actors.
HackerU, an educational technology firm specializing in cybersecurity and other digital skills programs, acquired SaaS cyber education company Cybint, reportedly for $50 million. The deal helps HackerU, which will rebrand as ThriveDX, expand and scale its B2B offerings.
IT asset and service management solutions provider Ivanti acquired vulnerability management and prioritization company RiskSense. Ivanti says RiskSense adds risk-based vulnerability prioritization and remediation capabilities to its Neurons for Patch Intelligence product.
Ivanti’s supply chain business unit, Ivanti Wavelink, acquired WIIO Group’s industrial internet of things (IIoT) platform. The IIoT platform will enable Ivanti Wavelink customers to gain better visibility into IIoT equipment, identify and remediate problems, and build applications for enhanced operational efficiency.
Cybersecurity firm Sophos announced the acquisition of DevSecOps automation platform Refactr. Sophos says the acquisition will enable it to optimize its managed threat response and extended detection and response (XDR) solutions with security orchestration automation and response (SOAR) capabilities. Refactr developers and engineers have joined Sophos, but the Refactr platform will continue to be offered to existing customers. Refactr Community Edition will also remain available.
Telos Corp, a provider of cyber, cloud and enterprise security solutions, has acquired the assets of Diamond Fortress Technologies (DFT), which specializes in touchless fingerprint biometrics solutions. Telos believes the deal will help it “eliminate much of the friction involved in biometrics data gathering for identity and access management.”
IT and professional services company ASGN Incorporated has announced the acquisition of Enterprise Resource Performance, Inc. (ERPi), a healthcare consulting and data analytics firm. ERPi employees will join ECS, ASGN’s federal government segment, which, among others, provides cybersecurity solutions.
Cisco announced the acquisition of Epsagon, which specializes in application monitoring for serverless and containers. The networking giant says Epsagon will help it expand Full-Stack Observability solutions, which help organizations address performance, optimization and security challenges.
Technology solutions provider Chess has announced buying Armadillo, a company that provides penetration testing, vulnerability assessment, and attack simulation services. Both firms are based in the UK. Chess says the goal of the acquisition is to strengthen its capabilities.
Crossword Cybersecurity plc, a company that focuses on the commercialization of university research-based cybersecurity and risk management software and cybersecurity consulting, acquired threat intelligence and monitoring company Stega UK. Both companies are based in the UK. Crossword will pay £1.8 million ($2.5 million) for Stega.
Dark Pulse, a company that provides laser sensing systems for assessing the health and security of infrastructure, acquired Optilan, a provider of security (including cyber and physical security) and communications systems. The deal is part of DarkPulse’s expansion into global critical infrastructure markets.
Cloud-driven networking solutions provider Extreme Networks has announced its intent to acquire the Ipanema SD-WAN business of network and application performance management firm Infovista. Extreme expects to pay €60 million (roughly $73 million) for Ipanema in an all-cash deal. Extreme said the acquisition will help expand its ExtremeCloud portfolio with new cloud-managed SD-WAN connectivity and security capabilities.
Cybersecurity company GoVanguard has acquired boutique cybersecurity company Gotham Security in an effort to expand its capabilities. Specifically, Gotham Security brings red-teaming and pentesting services to GoVanguard’s offering.
Science, technology and engineering solutions provider KBR has acquired UK-based Frazer-Nash Consultancy, which specialises in systems engineering, assurance and technology advisory services. KBR has paid roughly $400 million in cash for Frazer-Nash Consultancy. KBR says Frazer-Nash’s expertise in systems engineering, data science, cyber, and clean energy complements its own capabilities.
FireEye’s Mandiant unit has acquired Intrigue, a provider of attack surface management technology for enterprises. Intrigue’s technology will be integrated into the Mandiant Advantage platform, and it will help customers discover, monitor, and manage risks.
Consumer cybersecurity companies NortonLifeLock and Avast announced their merger in a deal valued at roughly $8.1-$8.6 billion. The combined company will server over 500 million users, and it will have headquarters in the US and the Czech Republic. NortonLifeLock’s CEO, Vincent Pilette, will remain CEO, and Avast’s CEO, Ondřej Vlček, is expected to join NortonLifeLock as president and board member.
Cloud-based IT, security and compliance solutions provider Qualys has entered into an agreement to acquire TotalCloud, a company that has developed a cloud workflow management and no-code automation platform. Qualys said the deal should enable it to strengthen its cloud security solution.
Accounting and professional consulting firm RubinBrown has acquired technology consulting services provider Liberty Technology Advisors. Liberty will be integrated into RubinBrown’s Business Advisory Services Group, which offers business improvement and reorganization, cybersecurity, enterprise risk management, fraud and forensics, information technology and risk services.
Managed detection and response (MDR) services provider SilverSky announced buying Advanced Computer Solutions Group (ACSG), which offers a wide range of IT services, including cybersecurity. The deal should help SilverSky expand its presence in the education sector, where ACSG has a significant customer base.
Private equity firm SGT Capital has purchased cybersecurity and compliance solutions provider Utimaco Verwaltungs GmbH (co-based in US and Germany) from the EQT Mid Market Europe fund.
BlueHalo, a company that provides engineering solutions and technology to the national security community, has acquired Intelligent Automation, Inc. (IAI), which provides advanced technology development and productized solutions in fields such as artificial intelligence, cybersecurity, hypersonics, space, 5G, data analytics, and communications. BlueHalo says it’s expanding its national security platform with various capabilities — including cyber — and the acquisition of IAI helps it add “significant depth” across its portfolio of products and solutions.
Incident response company BreachQuest has acquired Rendition Infosec, which specializes in digital forensics, breach response, due diligence and vulnerability assessment services. The acquisition was announced when BreachQuest emerged from stealth mode. Jake Williams, co-founder and CTO of BreachQuest, is also the founder of Rendition Infosec.
Check Point Software Technologies has acquired cloud email security solutions provider Avanan, reportedly for between $250 million and $300 million. Both companies are based in Israel. Avanan’s solutions will be integrated into Check Point’s offering.
Comcast Business, which offers connectivity, communications, cybersecurity, networking and wireless solutions, has acquired Masergy, a company that specializes in software-defined networking and cloud platforms. Comcast Business said Masergy, which also provides security services, complements its portfolio of enterprise services and solutions.
Search software giant Elastic NV is buying build.security, an Israeli startup that helps businesses enforce cloud security authorization policies, as well as Cmd, a Canada-based provider of runtime security for cloud infrastructure. The acquisitions will help Elastic expand the capabilities of its extended detection and response (XDR) platform.
Cloud solutions provider Ekco has acquired information security consultancy Ward Solutions, which provides pentesting, cloud security, risk and compliance, and incident response services. Both companies are based in Ireland. Ekco’s portfolio includes recovery, backup, and security solutions and the company says Ward will enable it to provide the full stack of cybersecurity services.
Managed IT services provider iVision announced that it’s acquiring Carve Systems and merging with the company. Carve Systems specializes in information security, training and risk management services, and iVision believes the acquisition will enable it to help customers improve their security posture. While the two companies have merged, the Carve brand will remain.
LexisNexis Risk Solutions UK Limited, a company that helps organizations reduce risk, has purchased TruNarrative, which provides a cloud-based orchestration platform for detecting and preventing financial crime and fraud. LexisNexis said TruNarrative’s platform aligns with its financial crime compliance and fraud solutions.
Managed IT and cybersecurity solutions provider Meriplex acquired the assets of GNT Solutions, an MSP based in California. The acquisition enables Meriplex, which strategically acquires MSPs across the US, to further expand into California.
Managed IT services provider Nexon Asia Pacific announced buying Equate Technologies, which provides cybersecurity, risk and consulting solutions. Both companies are based in Australia. Nexon said the acquisition will help it strengthen its security offering.
Otava acquired NewCloud Networks. Both companies specialize in cloud solutions and Otava said the acquisition enables it to gain “a robust product portfolio that includes security services, cloud backup, disaster recovery, remote desktop, production cloud, and a comprehensive managed security toolset.”
Data protection solutions provider OwnBackup has acquired RevCult, which specializes in Salesforce security and governance solutions. The companies have been working together for years. OwnBackup said the deal will help it enhance its cloud data protection platform.
Tesserent has acquired Loop Secure for AUD 13.5 million (roughly USD 10 million) in cash and stock. Both companies are based in Australia and they both offer cybersecurity solutions. Tesserent said the deal will enable it to strengthen its capabilities.
Two Six Technologies, which offers products and expertise to national security customers, acquired IT services provider Trusted Concepts, which also focuses on national security missions. Trusted Concepts specializes in cyber, data analytics, encryption and secure communications, which complement Two Six Technologies’ own solutions.
Defense contractor VTG has acquired ASSETT, a company that specializes in undersea warfare and unmanned systems technologies. ASSETT’s capabilities include cybersecurity engineering, software development (including DevSecOps) and data science.
XYPRO Technology Corporation, a company that provides cybersecurity and other solutions for HPE NonStop Server, announced the acquisition of Workload Aware Security for Linux (WASL) from HPE. WASL is a security and compliance monitoring platform for Linux and SAP HANA environments. Following the acquisition, HPE will continue to sell WASL, while XYPRO will work on supporting existing deployments and improving the platform.