The second half of the year saw a major consolidation of the security industry, with a number of vendors acquiring startups in data security, identity management and SaaS security.

Cyber ​​M&A is heating up

The consolidation of cybersecurity vendors that many have been predicting for years looks set to finally happen in 2024. A surge in deals between big and small security tool makers has hit the industry this year, in especially in the last few months. Major acquisitions included Palo Alto Networks’ $500 million purchase of IBM’s QRadar SaaS business, Fortinet’s acquisition of cloud security unicorn Lacework, and, just announced in late October, Sophos’ planned acquisition of Secureworks for 859 millions of dollars.

(Related: 5 Major Security Vendors That Could Be Acquired by Private Equity)

While these have been among the M&A deals that have reshaped the security industry this year, a wave of smaller deals have also been announced in recent months. Key startup acquisitions were revealed in the second half of 2024 by a number of major security vendors, including Proofpoint, Cloudflare, Netskope, Mimecast, and CrowdStrike.

Data security (including security for SaaS) was a major theme of most cybersecurity startup acquisition activity during the third and fourth quarters, with more than half of recent deals including data security and SaaS as a focus. Other recently announced offerings focused on segments including identity management, cloud security, attack surface management and collaboration security.

The following are details on 10 key cybersecurity startup acquisitions in Q3 and Q4 of 2024.

Rapid7 acquires Noetic Cyber

In July, Rapid7 announced that it had reached an agreement to acquire Noetic Cyber, a startup whose technology aims to strengthen the vendor’s capabilities in cyber asset attack surface management (CAASM). The deal has since ended.

Rapid7 did not disclose the terms of the acquisition agreement.

Rapid7 called Noetic Cyber ​​”an innovator and leader” in CAASM and said the acquisition of its technologies will allow the vendor to “provide more comprehensive visibility into a customer’s environment, including visibility into both internal and external assets, at headquarters and in the cloud.”

The acquisition “positions Rapid7 to deliver the most productive security operations experience while making it more accessible to the teams that need it most,” Rapid7 CEO Corey Thomas said in a statement. presser.

Fortinet acquires Next DLP

In August, Fortinet announced the acquisition of data security startup Next DLP in a bid to bolster its secure access service edge (SASE) platform. Terms of the purchase were not disclosed.

With the acquisition of Next DLP — which CRN named one of the 10 hottest cybersecurity startups of 2023 — Fortinet said it will enhance its Unified SASE (secure access service edge) offering as well as “improve its position in preventing data loss on its own. (DLP)”.

Next DLP provides a platform for insider risk detection while detecting data exfiltration and data loss using a software agent that provides minimal impact on CPU performance and worker productivity.

Mimecast acquires Aware

In August, Mimecast announced the acquisition of a startup, Aware, which focuses on securing workplace collaboration tools with the help of AI. Terms of the deal were not disclosed.

Mimecast said in a press release that the acquisition aims to “revolutionize the way organizations manage and mitigate human-centric security risks.” Aware’s technology integrates “seamlessly” with collaboration tools, while “the key business insights and insights it gathers provide unprecedented visibility into workplace collaboration,” Mimecast said.

ColorTokens acquires PureID

In September, micro-segmentation provider ColorTokens announced its acquisition of identity and access management (IAM) startup PureID. Terms of the deal were not disclosed.

ColorTokens said in a press release that the deal will “significantly strengthen” the micro-segmentation capabilities on its Xshield platform by integrating a “robust” identity offering. The move will enable “identity-based segmentation” for cloud and containerized environments, IoT/OT deployments and user environments, ColorTokens said in the release.

Kaseya Purchases SaaS Alerts

In October, Kaseya announced the acquisition of cybersecurity startup SaaS Alerts in a move to further improve comprehensive, real-time protection for user identity and security in software-as-a-service environments.

The technology behind SaaS Alerts, which specializes in monitoring and securing SaaS applications, is now integrated into Kaseya 365 User at no additional cost.

SaaS Alerts technology is expected to strengthen MSPs’ ability to protect small businesses and their customers from growing cyber threats, Kaseya said. Terms of the deal were not disclosed.

Proofpoint to acquire Normalyze

In October, Proofpoint announced an agreement to acquire a startup focused on data security posture management (DSPM). Terms of the deal were not disclosed.

In a press release, Proofpoint said it will “further enhance its human-centric security platform with Normalyze’s leading AI-powered DSPM technology.” The new capabilities will enable Proofpoint to “discover, classify and protect data at scale across SaaS, PaaS, public or multi-cloud, on-prem and hybrid environments,” the company said in the statement.

Cyera acquires Trail Security

In October, Cyera announced that it had acquired Trail Security, which it described as a “next generation” provider of data loss prevention (DLP), for $162 million.

Cyera said in a press release that the acquisition of Trail Security “significantly elevates Cyera’s AI-based platform” by adding “AI-enhanced DLP technology.”

Cyera is a startup itself, which was founded in 2021 and was recently named a startup to watch by CRN. The $1.4 billion company offers an agentless DSPM tool for data discovery, classification and protection.

Netskope acquires Dasera

In October, Netskope revealed the acquisition of DSPM vendor Dasera, which the SASE platform provider said would enhance data protection capabilities for its Netskope One offering. Financial terms of the acquisition were not provided.

The deal for Dasera will make DSPM available immediately on the vendor’s Netskope One platform, the company said.

Cloudflare acquires Kivera

In October, Cloudflare announced its acquisition of cloud security startup Kivera, in a move to expand the capabilities of the Cloudflare One SASE platform. Terms of the deal were not disclosed.

In a post, Cloudflare said the acquisition will allow the company to offer inline controls for cloud applications, “empowering Cloudflare One customers with proactive security controls for all their cloud services.” Key capabilities include “one-click” mitigation of misconfigurations and forceful control of cloud tenants, Cloudflare said.

CrowdStrike to acquire Adaptive Shield

In November, CrowdStrike said it was significantly augmenting its Falcon platform with its planned acquisition of SaaS security startup Adaptive Shield. In a post, CrowdStrike President Michael Sentonas called the acquisition “essential” to the company’s future in SaaS and AI security.

Financial details of the transaction were not disclosed. The acquisition is expected to close during CrowdStrike’s fourth fiscal quarter 2024.

With the acquisition, CrowdStrike said it will be the only cybersecurity vendor to offer a single platform for end-to-end protection against identity-based attacks across the entire modern cloud ecosystem—from on-premises Active Directory to identity providers cloud-based and SaaS applications.