10 Key Cybersecurity Acquisition Deals In Q1 2023

We’re taking a look at the most-notable cybersecurity M&A deals announced during the first quarter, including acquisitions by HPE, Zscaler and Cisco.

Cybersecurity M&A

The consolidation continued in the cybersecurity market during the first three months of the year, both among top vendors in the industry and major solution providers in the channel. We’ve collected details on 10 notable acquisition deals in cybersecurity that were announced or completed during the first quarter of 2023.

The M&A activity ranged in size from combinations of large security tool vendors to pickups of small-but-promising startups in cyberdefense. Among the well-known cybersecurity companies that unveiled new acquisition deals in Q1 were Zscaler, which announced a startup acquisition to expand its capabilities for protecting software-as-a-service (SaaS) apps, and Rapid7, which landed an acquisition to enhance its managed detection and response (MDR) platform.

Meanwhile, a number of tech giants that have a broader IT focus announced acquisition deals during Q1 to bolster their security offerings, including Cisco, Hewlett Packard Enterprise (HPE) and OpenText. Several solution providers in the channel disclosed notable security-focused acquisitions during the quarter, as well.

Our list doesn’t cover private equity buyouts, though the first quarter did see some activity there, with Vista Equity Partners closing its $4.6 billion take-private deal for security awareness training vendor KnowBe4.

What follows are the details on 10 key cybersecurity acquisition deals in Q1 of 2023.

OpenText Acquires Micro Focus

In January, OpenText completed its $5.8 billion acquisition of Micro Focus, the latest in a series of cybersecurity-related acquisitions by the company. The acquisition brought the Micro Focus CyberRes offering to the OpenText suite, with capabilities around cyber protection — for data, identities and applications — as well as threat detection and response. Micro Focus had itself acquired a number of cybersecurity vendors in recent years including Interset and Debricked.

The addition of the Micro Focus cybersecurity portfolio to the OpenText platform has joined other capabilities acquired by OpenText in recent years, including endpoint security and threat intelligence from Webroot (through the acquisition of Carbonite); data protection from Carbonite; as well as email encryption software from Zix and security software from Zix-owned AppRiver. OpenText is now finding major traction on security with partners, especially those who favor vendors that can offer a broad portfolio of capabilities, according to Ghassan Lababidi (pictured), vice president of cybersecurity partner marketing and enablement for SMB at OpenText.

HPE Agrees To Acquire Axis Security

In March, Hewlett Packard Enterprise announced that it’s reached an agreement to acquire Axis Security to bolster its secure access service edge (SASE) platform. Combining the Axis Security offering in security service edge (SSE) with the HPE Aruba networking platform — including SD-WAN from the acquisition of Silver Peak — will ultimately give HPE “the most comprehensive” offering in SASE, HPE CEO Antonio Neri (pictured) told CRN.

“All of this will be fully integrated into our HPE GreenLake platform, which will be offered as a subscription service,” Neri said. “Therefore, our partners will be able to sell all these solutions to drive a SASE model with recurring revenue, while also selling the underlying connectivity that comes with it.”

The Axis Security acquisition is expected to close in HPE’s second fiscal quarter, ending April 30. Terms of the deal were not disclosed. Axis Security had raised at least $100 million in funding, most recently raising a $50 million Series C round led by Spark Capital in March 2021.

Cisco Agrees To Acquire Valtix

In February, Cisco Systems announced an agreement to acquire cloud network security startup Valtix, as the tech giant continues working to build out unified platform for modern cybersecurity, Cisco Security Cloud. Valtix specializes in multi-cloud network security for AWS, Azure, Google Cloud and Oracle Cloud Infrastructure. Combined into Cisco’s security portfolio, Valtix will add a layer of visibility between public and private cloud networks and simplify the operational burden for security teams, Cisco said.

Valtix has made significant strides toward bringing a “modern, multi-cloud approach to solving cloud security challenges,” wrote Vishal Jain (pictured), co-founder and CEO of Valtix, in a blog post. As a part of Cisco, however, Valtix is “primed to have an even more massive impact as an integrated component,” Jain wrote.

Cisco, which has been a strategic investor in Valtix for the past three years, did not disclose financial terms of the acquisition deal. Valtix had disclosed raising at least $26.5 million in funding, most recently raising $12.5 million in January 2021.

Cisco Agrees To Acquire Lightspin

In its second acquisition deal of 2023 so far, Cisco Systems announced in March that it’s reached an agreement to acquire cloud security startup Lightspin. The company, which specializes in cloud security posture management (CSPM) across cloud-native resources, will help Cisco to meet its goal of helping customers modernize their cloud environments with end-to-end security and observability, wrote Vijoy Pandey, Cisco’s senior vice president of engineering for emerging technologies and incubation, in a blog post.

Lightspin takes a unique approach to contextualized cloud-security coverage, using graph-based technology to deliver key context, prioritization, and remediation recommendations, Pandey said.

“With the addition of Lightspin, customers will be able to identify, prioritize, and remediate critical cloud security risks without the hassle of extensive configuration requirements,” he said. “In today’s security climate, where the risk management needs of organizations can evolve overnight, it is vital that Cisco’s cloud security investments reflect the growing needs of its customers.”

Lightspin had disclosed raising at least $20 million in funding, most recently raising a $16 million Series A round in June 2021. Terms of the acquisition deal were not disclosed by Cisco.

Optiv Acquires ClearShark

One of the biggest security players in the channel announced an acquisition in Q1, as well. Optiv kicked off a major expansion in the federal government space with the acquisition of solution provider ClearShark, which more than doubles the size of the company’s federal business and provides a foundation for strong growth in the market, CEO Kevin Lynch (pictured) said in an interview with CRN.

Terms of the acquisition of ClearShark were not disclosed. The deal has added about 125 employees to Optiv’s existing headcount of more than 2,500.

Crucially, the combination of the two companies “sets the foundation for us to really bring a public sector focus on an even larger scale,” Lynch said. “We see ClearShark as the cornerstone of our public sector business going forward.”

It’s the first acquisition for Optiv since Lynch joined the cybersecurity powerhouse as CEO in April 2020. And looking ahead, “I do expect that there will be more” acquisitions for Optiv following ClearShark, Lynch said.

Zscaler Agrees To Acquire Canonic

In mid-February, well-known security service edge vendor Zscaler announced an agreement to acquire Canonic Security, a startup focused on protecting against attacks that target software-as-a-service. Canonic’s technology aims to “prevent organizations’ growing risks of SaaS supply chain attacks,” Zscaler said in a news release.

Many organizations have adopted hundreds of SaaS apps at this point, and “their users are connecting thousands of third-party applications and browser extensions to their critical SaaS platforms like Atlassian Suite, Microsoft 365, Salesforce, Google Workspace, and Slack without IT’s permission,” the company said. “Canonic’s solution allows cybersecurity and IT teams to quickly gain visibility to this ungoverned surface area and streamline SaaS application governance and enforcement.”

Zscaler said it will integrate Canonic’s capabilities into a data protection offering that was announced in October 2022, including by enhancing its cloud access security broker (CASB) solution as well as its SaaS security posture management (SSPM) tool.

Canonic Security had exited stealth a year ago, and had announced raising just $6 million in funding. Terms of the acquisition deal were not disclosed by Zscaler.

SailPoint Acquires SecZetta

In January, widely used identity security vendor SailPoint snapped up SecZetta, a provider of third-party identity security. The acquisition will bolster its SailPoint platform, which includes identity governance and administration (IGA) and other identity security tools, by bringing in capabilities to helping with managing and securing identities that belong to non-employees. Non-employees who need to interact with a company’s systems can include contractors and those employed in distribution and supply chains. Additionally, in the cases of businesses with a franchise model, third-party identity can include the majority of employees who work on behalf of a business.

Prior to the SecZetta acquisition, SailPoint “actually had a light offering for what we called ‘non-employee life cycle’—how do you manage people that aren’t your employees in the world of identity? We knew that was a need,” SailPoint founder and CEO Mark McClain (pictured) told CRN. “We looked at how easy it would be to integrate that into our core platform versus building something from scratch. Ultimately, the decision was that it’s better to buy this.”

Rapid7 Acquires Minerva Labs

In mid-March, Rapid7 announced an acquisition that aims to boost its managed detection and response (MDR) platform with additional capabilities for thwarting attacker evasion tactics and preventing malware deployment. The company said it has acquired Minerva Labs for $38 million in a cash and stock deal.

Founded in 2014, Minerva Labs has 15 employees, primarily consisting of engineers, Rapid7 told CRN. The acquisition of Minerva Labs appears to be the first for Rapid7 since mid-2021, when the company acquired IntSights for $335 million.

Rapid7 called Minerva Labs a “leading provider of anti-evasion and ransomware prevention technology.” In a news release, the company said that the acquisition will extend its managed threat detection offering with capabilities for orchestration of “advanced” ransomware prevention.

GreenPages Acquires Arcas

In early February, solution provider powerhouse GreenPages Technology Solutions announced it has closed the acquisition of Arcas Risk Management, in a bid to enhance its cybersecurity capabilities. Key capabilities that Arcas will help GreenPages with delivering include incident response, risk assessments and security operations, GreenPages said in a news release. The acquisition of Arcas — a provider of cybersecurity, risk advisory and compliance consulting services — “will help clients further reduce their attack surface across their operating environments” while enhancing protection of data against malicious actors, GreenPages CEO Ron Dupler said in a news release.

GreenPages, No. 169 on CRN’s Solution Provider 500 list, completed a recapitalization with private equity firm Abry Partners in 2020. The move represented the first outside capital raised by GreenPages since its founding in 1992, in an effort to help with scaling up the business.

NetSPI Acquires nVisium

NetSPI, a provider of penetration testing services and attack surface management capabilities, said it’s expanding its capabilities for offensive security services with the acquisition in January of nVisium. The terms of the acquisition were not disclosed, and it was mainly aimed at adding talent for NetSPI’s penetration testing services, according to NetSPI CEO Aaron Shilts (pictured). The acquisition brings two “complementary offensive security teams together who are committed to delivering the highest standard of penetration testing on the market today,” Shilts said in a news release. The acquisition follows NetSPI’s $410 million funding round in October, aimed at uses including the expansion of its channel program.