10 Notable Security Acquisitions of 2019 (So Far)
In a year when security companies have been snapped up left and right, these deals stand out from the chaos.
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt71b7febd41acd291/64f0d58a5d2bd25c31862939/SecurityDeals2019Intro.jpg?width=700&auto=webp&quality=80&disable=upscale)
Anyone watching the cybersecurity market has likely noticed a wave of acquisitions making headlines. The M&A activity that remained constant last year has only increased in 2019.
"It's like something's in the water right now," says Hank Thomas, CEO at Strategic Cyber Ventures (SCV), where experts had anticipated growth in the cybersecurity market. "We predicted the ability of the market to do this, and we thought it might be this year."
Cybersecurity Ventures reports more than $7 billion in cybersecurity deals during the first quarter of 2019 alone, and the market certainly hasn't quieted since them. The industry is in a time when large companies are sitting on lots of cash and pondering their security capabilities.
Of course, some technologies are hotter than others. Cloud computing and application security are two notable types ripe for acquisition this year, for example. Service-focused businesses are looking to acquire "as-a-service" companies and wrap their services into their platforms, explains Jeff Pollard, Forrester vice president and principal analyst for security and risk professionals.
He calls this "a bit of an unconventional acquisition scenario, where services companies acquire intellectual properties they can build services around." An example of this can be seen in NTT Security's acquisition of WhiteHat Security, a deal confirmed in March. This acquisition also reflects a trend of companies investing in application security, which Pollard also has noticed.
"Applications generate revenue," he says. The applications companies are building, and the software they're making, go into products and services. "It's not that every company is a software company — it's that every company is making money with software now." Application security goes to the forefront of their priorities because this is technology they use to protect revenue-generating applications, websites, mobile apps, and other products, Pollard continues.
The cloud is a hot target for traditional and legacy vendors, which are still slow to embrace the cloud and adopt native cloud functionality. Vendors struggle to offer the same experience in the cloud as they do on-premises, a challenge that has led to increased activity in cloud-focused M&A, he adds.
These trends are evident in the cybersecurity acquisitions to take place so far this year. Here, we highlight 10 deals that stood out and discuss where the industry is headed. Any transactions you're not seeing? Feel free to share your thoughts in the Comments section, below.
Palo Alto Networks has been on a shopping spree this year. A few months after it announced plans to buy Demisto for $560 million in March, it confirmed its intent to buy Twistlock (for $410 million) and PureSec (for an undisclosed amount). All acquisitions are still pending.
Demisto, a security orchestration, automation, and response (SOAR) company, offered a platform to automate and standardize incident response. Palo Alto Networks' first acquisition of 2019 is intended to boost Demisto's existing integration with its application framework. As part of the deal, Demisto will further grow and leverage the larger firm's distribution network.
Its acquisition of Twistlock, a 4-year-old Israeli startup focused on container security, arrived at the end of May. A day later it confirmed its plans to buy PureSec, another Israeli cloud security startup founded to provide a new application security approach to serverless architecture. The latter deal's value was not made public; however, some Israeli business publications reported a $60 million to $70 million price tag.
Around the same time it confirmed the Twistlock and PureSec purchases, Palo Alto Networks also debuted its Prisma cloud security suite, which integrates its existing products and new offerings into a product portfolio designed for securing the cloud. Technologies from both the acquired companies will bolster Prisma as Palo Alto Networks builds the cloud security suite.
While the Twistlock acquisition took him by surprise, SCV's Thomas says it makes sense. More companies are talking about moving to the cloud and discussing cloud-native security. "There were only so many people doing that and had a product as mature as Twistlock's," he says. Further, Palo Alto Networks is one of the companies "sitting on tons of cash," he adds.
NTT Security, a specialized security firm and subdivision of Nippon Telegraph and Telephone Corp., confirmed plans to buy WhiteHat Security in March. The value has not been officially disclosed, though it's worth noting WhiteHat had raised a total of $56.1 million in funding and had between 251 and 500 employees at the time it was acquired. The acquisition is still pending.
WhiteHat, founded by professional hacker Jeremiah Grossman in 2001, aims to help businesses build security into the development process with its cloud-based application security platform. NTT Security wants to use WhiteHat's tech to integrate application security and DevSecOps into its portfolio. WhiteHat customers will have access to NTT Security's consulting and advisory services, along with its managed security services, as part of the deal.
In February, Carbonite announced an agreement to acquire Webroot for $618.5 million in cash, adding endpoint and network security to its cloud-based data protection services.
Webroot, founded in 1997, focuses on endpoint and network protection, security awareness training, and threat intelligence services. Combined, the two businesses are predicted to tackle endpoint security through a mix of cloud-based security, backup, and recovery. One of the proposed solutions for the two is a ransomware prevention and recovery service.
Imperva, which itself had been acquired by Thoma Bravo in late 2018, this year confirmed plans to purchase Distil Networks for an undisclosed amount. The deal is intended to help Imperva build its security tools and improve its position in the application security market.
Distil Networks, founded in 2011, uses bot detection and mitigation to stop automated attacks against enterprise applications and APIs. Imperva plans to build this technology into its own application security tool, which it created to protect business data and applications. While the price of the acquisition was not disclosed, Distil Networks had most recently finalized its Series C and raised a total of $59 million in funding.
Sophos has been shopping to build its managed detection and response (MDR) capabilities, as indicated by its acquisition of DarkBytes in January, followed by the purchase of Rook Security in May. DarkBytes will operate as a subsidiary of Sophos; the Rook Security acquisition is still pending.
Endpoint security company DarkBytes built a platform to provide businesses with security operations center (SOC) services. This product and the DarkBytes team, who bring expertise in MDR and security orchestration automation response (SOAR), fit into Sophos' prediction of cybersecurity products evolving into adaptive, managed services. The Rook Security acquisition is intended to strengthen the DarkBytes platform with detection, investigation, and response capabilities, Sophos said at the time of purchase.
In March, industrial cybersecurity firm Dragos bought NexDefense, an up-and-coming security vendor in the industrial space. It now operates as a subsidiary of Dragos.
NexDefense has its roots in the US Department of Energy and raised a total of $8.1 million in funding since it was founded in 2012. Its continuous monitoring and asset discovery tool, developed under the name "Sophia," was built by the DoE in 2010 and 2011. The tool was later commercialized by NexDefense under the name "Integrity."
Dragos views NexDefense's technology as a "precursor" for companies hoping to take the first step toward ICS security, said Dragos CEO and founder Robert M. Lee in a statement at the time of acquisition. NexDefense's tech will not be integrated into the Dragos platform.
Symantec confirmed its plans to buy Luminate Security, a startup focused on software-defined perimeter technology, in February. It now operates as a subsidiary of Symantec.
It's another acquisition intended to secure the cloud. Luminate developed its Secure Access Cloud to manage corporate resources and applications both in the cloud and on-premises. Through the tool, security admins can scale private access control so their employees can access only the data they're authorized to use. Symantec bought Luminate with the idea of building this tech into its Integrated Cyber Defense Platform, seemingly to create a balance between cloud security and user experience.
While terms of the acquisition were not formally disclosed, Luminate had raised a total of $14 million in funding since it was founded in 2017.
Anyone watching the cybersecurity market has likely noticed a wave of acquisitions making headlines. The M&A activity that remained constant last year has only increased in 2019.
"It's like something's in the water right now," says Hank Thomas, CEO at Strategic Cyber Ventures (SCV), where experts had anticipated growth in the cybersecurity market. "We predicted the ability of the market to do this, and we thought it might be this year."
Cybersecurity Ventures reports more than $7 billion in cybersecurity deals during the first quarter of 2019 alone, and the market certainly hasn't quieted since them. The industry is in a time when large companies are sitting on lots of cash and pondering their security capabilities.
Of course, some technologies are hotter than others. Cloud computing and application security are two notable types ripe for acquisition this year, for example. Service-focused businesses are looking to acquire "as-a-service" companies and wrap their services into their platforms, explains Jeff Pollard, Forrester vice president and principal analyst for security and risk professionals.
He calls this "a bit of an unconventional acquisition scenario, where services companies acquire intellectual properties they can build services around." An example of this can be seen in NTT Security's acquisition of WhiteHat Security, a deal confirmed in March. This acquisition also reflects a trend of companies investing in application security, which Pollard also has noticed.
"Applications generate revenue," he says. The applications companies are building, and the software they're making, go into products and services. "It's not that every company is a software company — it's that every company is making money with software now." Application security goes to the forefront of their priorities because this is technology they use to protect revenue-generating applications, websites, mobile apps, and other products, Pollard continues.
The cloud is a hot target for traditional and legacy vendors, which are still slow to embrace the cloud and adopt native cloud functionality. Vendors struggle to offer the same experience in the cloud as they do on-premises, a challenge that has led to increased activity in cloud-focused M&A, he adds.
These trends are evident in the cybersecurity acquisitions to take place so far this year. Here, we highlight 10 deals that stood out and discuss where the industry is headed. Any transactions you're not seeing? Feel free to share your thoughts in the Comments section, below.
Read more about:
2019About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024