Cybersecurity M&A Heats Up
With venture funding harder to come by and the economic environment remaining less than stellar, the pressures on startups have been mounting in 2023. And for startups in the cybersecurity space, there are additional, unique issues to grapple with. Namely: A growing set of customers and partners are now looking to consolidate their security tools and reduce—not add to—the number of vendors they work with.
Putting it all together, this is a market where we’d expect to see a lot of cybersecurity startup acquisitions.
And in the third quarter of 2023, we have: Startup M&A has been a major feature of the cybersecurity sector throughout the third quarter. This has included startup acquisitions both from large vendors such as Check Point Software Technologis and Cisco Systems, as well as M&A deals involving venture capital-backed companies acquiring smaller startups. In the following slides, we’ve collected details on a number of notable cybersecurity startup acquisitions that were unveiled or completed during the third quarter of 2023.
While many of the quarter’s cybersecurity startup acquisitions have been too small to disclose the dollar amounts, there have been a few exceptions. Those include Check Point’s $490 million agreement to acquire Perimeter 81 in August and Tenable’s $265 million acquisition deal for Ermetic in September.
In terms of running themes across the acquisitions, secure access service edge (SASE) and identity security have each seen multiple startup acquisitions during the quarter. Identity security has become a red-hot segment of late as identity-based attacks have surged. Likewise, SASE has continued to see rapid adoption as a favored approach for securing remote and hybrid workforces.
In SASE, in particular, M&A is a proven strategy for building a platform: Leading vendors in the category such as Palo Alto Networks have previously built out their SASE platforms in part through startup acquisitions.
Meanwhile, in a recent interview, Netskope co-founder and CEO Sanjay Beri told CRN that technologies from smaller startup acquisitions have been essential to assembling his company’s comprehensive SASE platform. Amid the increasingly buyer-friendly M&A market in cybersecurity, Beri also predicted an uptick in the number of startup acquisitions in the space. “I think you probably will see more this year and next year,” he told CRN. “I would expect that.”
And indeed, in early September, Netskope unveiled its acquisition of Kadiska, a startup focused on enabling strong performance for SASE deployments.
What follows are the details on a number of key cybersecurity startup acquisition deals in the third quarter of 2023. (CRN will update this list as acquisitions are unveiled this quarter.)
Cisco To Acquire Oort
Cisco announced in July it plans to add another startup’s technology to its security portfolio with its agreement to acquire identity threat detection and response startup Oort. Once combined, Oort’s identity-centric technology will enhance user context telemetry for Cisco’s Security Cloud platform, Cisco said. The companies did not disclose the terms of the deal.
The tech giant has been a strategic investor in Oort since 2022. Oort was founded by Cisco alumni Matt Caulfield, an entrepreneur and former Cisco engineer for 10 years who has a background in cloud, networking and data.
Oort’s identity-centric technology will be incorporated into the Cisco Security Cloud platform, including within Cisco’s Duo identity access management technology and extended detection and response portfolios, according to Raj Chopra, senior vice president and chief product officer for Cisco Security.
Cisco has unveiled agreements to acquire four security-related startups in 2023 so far, with Oort joining a list that includes Lightspin, Valtix and Armorblox.
Graylog Acquires Resurface
In July, SIEM and log management vendor Graylog unveiled its acquisition of Resurface—an API security startup whose technology has stood out by working with WAF (web application firewall) and API gateways, according to the company. The Resurface technology is now being offered as an additional product from the vendor, Graylog API Security. The acquisition—the terms of which were not disclosed—positions Graylog as “the only SIEM provider offering an API security solution,” Graylog CEO Andy Grolnick said in a news release.