362 Cyber Acquisitions in 2024
9% of the industry turned over.
As I wrap up this year’s mad frenzy to get the manuscript for Security Yearbook 2025 to Wiley everything is coming together. On January 3rd I published funding results for the year based on data from the IT-Harvest Dashboard. Getting the complete manuscript, including the Directories organized by Country and Category, to the publisher by the 13th is a new record. But, thanks to the ten-week long print queues, we are on a tight schedule to meet the dates of RSAC which starts April 28 this year. Books will be shipped directly to Moscone from the printer in Kentucky. Look for announcements of where I will be signing free copies.
Thanks to the timely research that AGC Partners provides every year, I was able to complete Chapter 17 and submit it this week. The following is derived from that.
There were 362 acquisitions of cybersecurity vendors in 2024 according to investment bank AGC Partners. That compares to 250 in 2023 and 332 in 2022. Almost 9% of the vendor space changed hands in 2024.
Of the 61 for which purchase valuations are available the total transaction amount came to $49.9 billion. The actual total, if disclosed, would be much higher.
Notable deals include:
The January announced acquisition of Juniper Networks by HPE for $13.247 billion. The deal did not close in 2024 but the CEO made public comments that he expects it to close in early 2025.
ZeroFox was acquired by PE firm Haveli Investments for $350 million, well below the $1.4 billion valuation the company touted before going public via a SPAC vehicle. The threat intel company has dropped 10% in headcount since the announced acquisition.
Security data aggregator, Avalor was acquired by Zscaler for $350 million.
Wiz acquired Gem Security for $350 million.
Hashi Corp was acquired by IBM for $6.4 billion.
In April, Thoma Bravo made a $5 billion offer for Darktrace, the publicly traded email security vendor in the UK. The deal was completed on October 1. (See In Memoriam chapter for details on Darktrace founder Michael Lynch’s tragic demise in his yacht Bayesian.)
Mobile device biometric monitoring company Biocatch was acquired by PE firm Permira for $1.3 billion.
The Software Integrity Group of Synopsis was acquired by ClearLake and Francisco Partners private equity for $1.6 billion which later spun out the application security portfolio under the name Black Duck with close to 1,000 employees.
Palo Alto Networks bought SIEM solution Qradar from IBM for $500 million.
Thoma Bravo owned LogRhythm merged with Exabeam.
Venafi acquired by CyberArk from Thoma Bravo in a $1.54 billion deal.
Data protection company Acronis was acquired by PE firm EQT for $4 billion.
The biggest threat intel company, Recorded Future, was acquired by Mastercard for $2.65 billion. Mastercard maintains a portfolio of security solutions but it likely will turn Recorded Future’s capabilities to supporting its merchant customers.
Legacy MSSP SecureWorks was acquired by Sophos for $825 million.
Wiz acquired Dazz for $450 million, four times the amount raised by Dazz so probably a good (not great) outcome for most parties.
Of the 362 transactions reported by AGC Partners, 217 acquisitions were strategic, while 141 were by private equity. There was one SPAC transaction when Cyabra (68 headcount, up 31% in 2024) agreed to merge with Trailblazer Merger Corp., which was still listed on Nasdaq at the end of the year.
Watch for a flurry of news coming from IT-Harvest in the next couple of weeks. We will be announcing the 2025 Cyber 150 awards. These are for the fastest growing companies in the size range 50-500 people for the entire year of 2024 and will be published in Security Yearbook 2025. Even the vendors don’t know if they are awardees yet. Although, if your LinkedIn headcount grew more than 30% last year and you have between 50 and 500 people you are probably in the list. :-)
I also took a stab at the 2025 Fast Fifty under 50. These are the 50 fastest growing companies between 20 and 49 headcount.
The biggest news in our short three year history as a SaaS company is coming next week as we introduce a prosumer product. Stand by for the mind-blowing demo reel. :-)
Edits: Original post implied that PE had acquired the giant Synopsys. Updated to show that PE acquired a division and spun it out as Black Duck.