10 Big Cybersecurity Acquisition Deals In 2025

The arrival of mega-M&A and acquisitions of AI-focused startups have been major themes in the security industry this year.

Security M&A In 2025

While the cybersecurity M&A environment has been busy for years now, 2025 has seen an acceleration in at least two areas. One is the arrival of blockbuster acquisition deals in security, with Google agreeing to acquire cloud and AI security vendor Wiz for an unprecedented $32 billion in March. That was followed by the July announcement that Palo Alto Networks has reached a deal to acquire longtime identity security vendor CyberArk for $25 billion. In each case, the deals represented a massive shift for the companies: While Google and Palo Alto Networks have been among the major consolidators of security vendors in the industry, neither had made a deal of anywhere near this magnitude previously.

Experts have told CRN the arrival of mega-M&A in cybersecurity is yet another signal of the surging importance of the sector amid intensifying threats and the AI boom. And without a doubt, such deals make it “difficult for some of these smaller players to compete effectively against these large players,” said Neil MacDonald, vice president and distinguished analyst at Gartner. “This is becoming a battle of well-funded, large competitors.”

At the same time, a second M&A trend has also emerged in the cybersecurity segment in 2025, with an acceleration in deal-making for innovative startups among some of the key players in the industry. Vendors that have unveiled multiple startup acquisition deals in 2025 include CrowdStrike, F5, SentinelOne, Check Point Software Technologies, Palo Alto Networks and Tenable. Much of the increased activity has been driven by the need to stay current with the many ways AI is impacting security—from utilizing GenAI and agentic tools for cyber defense to securing the usage of AI itself.

Other major deals announced this year, from vendors such as Zscaler and Proofpoint, have been aimed at bolstering offerings in key segments such as security operations and Microsoft 365 security.

As part of CRN’s Cybersecurity Week 2025, we’ve collected the details on 10 big cybersecurity acquisition deals in 2025 (presented in alphabetical order).

Cato Networks Acquires Aim Security

Cato Networks announced its first-ever M&A deal in September with its acquisition of Aim Security, a move that will enable the SASE vendor to expand into the fast-growing AI security segment. Terms of the deal for Aim Security were not disclosed. The startup has nearly 50 employees, Cato told CRN.

A top provider in the crucial SASE (secure access service edge) market, Cato Networks is now also seeking to become a player in the red-hot area of securing AI adoption with the acquisition of Aim Security.

Founded in 2022, Aim Security offers capabilities for securing the usage of both public and private AI applications, including AI agents. The startup has also offered AI security posture management (AI-SPM), which provides improved visibility into AI models and applications with the goal of discovering vulnerabilities and misconfigurations. Cato said it plans to have Aim Security’s capabilities integrated into its Cato SASE Cloud Platform as of early 2026.

Check Point To Acquire Lakera

In September, Check Point Software Technologies announced its plan to acquire Lakera, a developer of AI-native security platforms for agentic AI applications, with Lakera set to be the foundation of Check Point’s Global Center of Excellence for AI Security. Terms of the deal were not disclosed, although a report from Calcalist pegged the acquisition price at an estimated $300 million.

Check Point CEO Nadav Zafrir said in a news release that with the acquisition of Lakera, the company can deliver a full end-to-end AI security stack designed to protect enterprises as they adopt artificial intelligence. Lakera, which was named to CRN’s 10 Cybersecurity Startups To Watch In 2025, offers what it calls “real-time GenAI application security,” with capabilities for preventing unintended actions by GenAI apps resulting from attack methods like data poisoning and prompt attacks.

Check Point also announced in May it has reached a deal to acquire Veriti, a startup that “pioneered” the category of pre-emptive exposure management, according to the cybersecurity vendor. Terms of the deal were not disclosed.

CrowdStrike To Acquire Onum

CrowdStrike announced in September it has reached a $290 million deal to acquire a startup that provides data pipeline management, Onum, to boost its Falcon Next-Gen SIEM offering. Along with providing real-time data pipeline management, Onum brings “amazing” capabilities for in-pipeline detection, CrowdStrike co-founder and CEO George Kurtz said during a call with analysts following the announcement. That means CrowdStrike would be able to begin performing detection on third-party data almost immediately, as the data is being forwarded, “which is critical and gives us tremendous flexibility,” Kurtz said. In interviews with CRN, solution provider partners have applauded the acquisition as a means for CrowdStrike to enable the “clean” data that AI applications need to work most effectively.

Also in September, CrowdStrike announced an agreement to acquire Pangea, a startup that offers guardrails for GenAI-powered applications. The $260 million deal will enable CrowdStrike to offer “AI detection and response” capabilities, Kurtz said in September. Pangea is “a leader in the space of protecting AI agents from the browser, application, gateway cloud [and] in the development pipeline, as well as in production,” he said during the company’s Fal.Con 2025 conference.

F5 Acquires CalypsoAI

In September, F5 acquired AI security vendor CalypsoAI for $180 million. The acquisition aims to boost AI security on the F5 Application Delivery and Security Platform, the company said. CalypsoAI, which was founded in 2018, is a “pioneer” in the area of enterprise AI security, F5 said in a news release.

Key capabilities offered by CalypsoAI include real-time protection against threats targeting AI applications and models, such as prompt injection and jailbreaking, according to F5. Other key functionality includes guardrails for detection and prevention of leakage of sensitive data as well as policy violations, F5 said.

The deal follows acquisitions by F5 earlier this year of agentic-powered security startup Fletch in June and real-time network observability vendor MantisNet in August.

Google To Acquire Wiz

In March, Google announced its deal to acquire fast-growing cloud and AI security vendor Wiz for $32 billion. In operation for just five years, Wiz is poised to become the largest acquisition of a stand-alone security vendor ever—as well as Google’s highest-priced acquisition to date.

Founded in 2020, Wiz has stood out by offering capabilities that rapidly improve visibility into cloud environments, enabling partners and customers to quickly fix misconfigurations and other security gaps in the cloud. Notably, it’s an approach the company is now extending to the AI security space. Wiz reportedly saw its annual recurring revenue reach $500 million last year with an expectation to cross $1 billion in ARR this year.

For Google Cloud, meanwhile, the Wiz deal makes it clear to the market that the tech giant has every intention of becoming a “serious” enterprise security vendor and is more than ready to do battle on Microsoft’s turf, according to Gartner’s MacDonald. The deal—which is expected to close in 2026—would give Google Cloud an immediate leadership position in the cloud and AI security markets where Wiz has been a trailblazer, MacDonald said.

Okta Acquires Axiom Security

Okta is expanding its privileged access management capabilities with the recent acquisition of a startup in the segment, Axiom Security. Terms of the deal, which was announced in August and closed in September, were not disclosed.

Founded in 2021, Axiom Security offers privileged access management that was built to meet the needs of cloud environments as well as SaaS and databases, Okta has said.

Okta sees privileged access management as the “next area” where partners and customers are looking for deeper capabilities from the identity security vendor, prompting the company to ramp up its efforts in the segment including through acquiring Axiom, according to Okta President and COO Eric Kelleher. While Okta had already been offering privileged access management, the Axiom acquisition is “very specifically targeted at accelerating the growth and helping us solve more use cases for privileged access, in particular with Kubernetes and databases,” Kelleher told CRN.

Palo Alto Networks To Acquire CyberArk

Palo Alto Networks is looking to accelerate its “platformization” push with its unprecedented $25 billion deal to acquire identity security vendor CyberArk in a move that also aims to position the company at the center of providing security for agentic AI, according to Palo Alto Networks CEO Nikesh Arora. Announced in July, the deal is expected to close during the second half of Palo Alto Networks’ fiscal 2026, which ends July 31, 2026.

The deal would represent Palo Alto Networks’ entry into the identity security category, which the cybersecurity giant has deliberately avoided entering previously. However, the vendor’s platformization push and the rising demand from customers and partners for a complete security platform has necessitated a move such as this, Arora said during a call with analysts following the deal announcement. CyberArk’s capabilities for protecting identities and privileges in the emerging world of AI agents is among the other key drivers behind the acquisition deal, he said.

Meanwhile, also in July, Palo Alto Networks completed its $700 million acquisition of Protect AI, a startup focused on securing GenAI-powered applications and AI models.

Proofpoint To Acquire Hornetsecurity

In May, Proofpoint said it plans to acquire Hornetsecurity Group, a vendor specializing in security for Microsoft 365, in a deal that will significantly expand its capabilities for MSP partners and SMB customers. Sources close to the agreement—which is expected to close by the end of the year—confirmed that the deal is worth more than $1 billion.

Hornetsecurity’s main offering is 365 Total Protection, which provides MSPs with a multitenant platform for delivery of “advanced” email security, backup and security awareness, as well as access and permission control and domain fraud protection, Proofpoint said in a news release. The company has crossed $160 million in annual recurring revenue with growth up more than 20 percent year over year, according to Proofpoint.

In an interview with CRN, Proofpoint CEO Sumit Dhawan said that the move represents a “big strategic leap forward” for the cybersecurity vendor beyond the enterprise. Upon closure of the deal, Proofpoint will be making significant investments in the U.S. “to scale the business, the aspirations and ambitions that Hornetsecurity already has,” Dhawan said. Crucially, that will include investments aimed at “attracting the best partners in the U.S.,” he said.

SentinelOne To Acquire Prompt Security

SentinelOne said in August it has reached a deal to acquire a startup focused on securing AI and agentic technologies, Prompt Security, in the company’s latest move to enable AI adoption. The $180 million deal, which is expected to close by the end of October, “represents a strategic step forward in our vision to build the world’s definitive AI security company,” SentinelOne CFO Barbara Larson said during a call with analysts in August.

The planned acquisition aims to boost SentinelOne’s Singularity Platform with capabilities that will provide real-time visibility into access of AI tools and the data that’s being shared as well as automated enforcement for preventing attacks and misuse, the vendor has said. Founded in 2023, Prompt Security offers protection against AI-related threats through providing enhanced visibility and governance for GenAI tools.

Then in September, SentinelOne announced it had reached a deal to acquire Observo AI, which offers a data streaming platform that can enable “AI-native” management of data pipelines, the company said in a news release. The $225 million deal is expected to close by the end of October.

Zscaler Acquires Red Canary

In May, Zscaler announced its major deal to acquire Red Canary, a well-known player in MDR (managed detection and response), to accelerate the cybersecurity vendor’s expansion into security operations. The $675 million deal closed in August, bringing Red Canary’s 12 years of experience in offering managed threat detection and agentic AI capabilities into the Zscaler zero-trust security portfolio.

The acquisition of Red Canary will help to propel Zscaler toward achieving a dramatically different vision for security operations—with a future offering that can displace traditional SIEM (security information and event management) tools, Zscaler founder and CEO Jay Chaudhry said during an interview with CRN in June. Zscaler has been integrating the Red Canary technology with functionality from its acquisition of security data fabric provider Avalor in March 2024 to offer new capabilities such as threat management that can improve security outcomes while removing the need for traditional SIEM.

The security operations push is the second major time that Zscaler has sought to reimagine a major segment of the cybersecurity market in its 17-year history, according to Chaudhry. After doing so for secure access, “we’re now reimagining security operations,” he said. “It’s ripe for disruption.”