Cybersecurity Startup Acquisitions In 2023: Key Deals In Q3

We’re taking a look at the most-notable cybersecurity M&A deals unveiled during the third quarter, including acquisitions by Check Point, Netskope and Tenable.

Cybersecurity M&A Heats Up

With venture funding harder to come by and the economic environment remaining less than stellar, the pressures on startups have been mounting in 2023. And for startups in the cybersecurity space, there are additional, unique issues to grapple with. Namely: A growing set of customers and partners are now looking to consolidate their security tools and reduce—not add to—the number of vendors they work with.

Putting it all together, this is a market where we’d expect to see a lot of cybersecurity startup acquisitions.

And in the third quarter of 2023, we have: Startup M&A has been a major feature of the cybersecurity sector throughout the third quarter. This has included startup acquisitions both from large vendors such as Check Point Software Technologis and Cisco Systems, as well as M&A deals involving venture capital-backed companies acquiring smaller startups. In the following slides, we’ve collected details on a number of notable cybersecurity startup acquisitions that were unveiled or completed during the third quarter of 2023.

While many of the quarter’s cybersecurity startup acquisitions have been too small to disclose the dollar amounts, there have been a few exceptions. Those include Check Point’s $490 million agreement to acquire Perimeter 81 in August and Tenable’s $265 million acquisition deal for Ermetic in September.

In terms of running themes across the acquisitions, secure access service edge (SASE) and identity security have each seen multiple startup acquisitions during the quarter. Identity security has become a red-hot segment of late as identity-based attacks have surged. Likewise, SASE has continued to see rapid adoption as a favored approach for securing remote and hybrid workforces.

In SASE, in particular, M&A is a proven strategy for building a platform: Leading vendors in the category such as Palo Alto Networks have previously built out their SASE platforms in part through startup acquisitions.

Meanwhile, in a recent interview, Netskope co-founder and CEO Sanjay Beri told CRN that technologies from smaller startup acquisitions have been essential to assembling his company’s comprehensive SASE platform. Amid the increasingly buyer-friendly M&A market in cybersecurity, Beri also predicted an uptick in the number of startup acquisitions in the space. “I think you probably will see more this year and next year,” he told CRN. “I would expect that.”

And indeed, in early September, Netskope unveiled its acquisition of Kadiska, a startup focused on enabling strong performance for SASE deployments.

What follows are the details on a number of key cybersecurity startup acquisition deals in the third quarter of 2023. (CRN will update this list as acquisitions are unveiled this quarter.)

Cisco To Acquire Oort

Cisco announced in July it plans to add another startup’s technology to its security portfolio with its agreement to acquire identity threat detection and response startup Oort. Once combined, Oort’s identity-centric technology will enhance user context telemetry for Cisco’s Security Cloud platform, Cisco said. The companies did not disclose the terms of the deal.

The tech giant has been a strategic investor in Oort since 2022. Oort was founded by Cisco alumni Matt Caulfield, an entrepreneur and former Cisco engineer for 10 years who has a background in cloud, networking and data.

Oort’s identity-centric technology will be incorporated into the Cisco Security Cloud platform, including within Cisco’s Duo identity access management technology and extended detection and response portfolios, according to Raj Chopra, senior vice president and chief product officer for Cisco Security.

Cisco has unveiled agreements to acquire four security-related startups in 2023 so far, with Oort joining a list that includes Lightspin, Valtix and Armorblox.

Graylog Acquires Resurface

In July, SIEM and log management vendor Graylog unveiled its acquisition of Resurface—an API security startup whose technology has stood out by working with WAF (web application firewall) and API gateways, according to the company. The Resurface technology is now being offered as an additional product from the vendor, Graylog API Security. The acquisition—the terms of which were not disclosed—positions Graylog as “the only SIEM provider offering an API security solution,” Graylog CEO Andy Grolnick said in a news release.

Laminar CEO Amit Shaked

Rubrik Acquires Laminar

In August, Rubrik disclosed its acquisition of an up-and-coming startup in cloud data security, Laminar, to further extend the IPO-bound vendor’s data security platform. Laminar supports the three largest public clouds—Amazon Web Services, Microsoft Azure and Google Cloud—as well as Snowflake, Google’s BigQuery, Microsoft OneDrive and Google Drive.

Key data security capabilities for Laminar’s offering include posture management—used for enforcing policy and and protecting sensitive data —as well as access governance, threat monitoring and threat response.

The addition of Laminar’s technology to the Rubrik data security platform will “create the industry’s first complete cyber posture and cyber recovery offering of its kind,” Rubrik said in a news release.

Financial terms of the Laminar acquisition were not disclosed by Rubrik. A source close to the agreement put the value of the acquisition at more than $100 million, with the deal including both cash and stock. Rubrik reportedly beat out other potential acquirers that had been interested in the startup, including Datadog.

Coro Acquires Privatise

Coro, a venture-backed company offering a cybersecurity platform for the midmarket, announced in July that it acquired network security startup Privatise. The acquisition of the startup’s technology “adds critical SASE capabilities to Coro’s all-in-one platform,” the company said in a news release. Terms of the deal—funded with the help of Coro’s $155 million in funding raised over the prior 12 months—weren’t disclosed.

Check Point To Acquire Perimeter 81

In August, Check Point Software Technologies said it reached a $490 million agreement to acquire Perimeter 81—a provider of secure remote networks based on zero trust architecture—to bolster its SASE platform. Founded in 2018, Perimeter 81’s technology combines network and security functionality while enabling an identity-driven and cloud-based approach to securing businesses.

In a news release, Perimeter 81 co-founder and CEO Amit Bareket said the company aims to help “deliver the premier SASE platform in the market” as a part of Check Point. “Our interconnection represents a significant step towards a comprehensive and scalable security for the modern era,” Bareket (pictured) said.

Check Point said it will integrate Perimeter 81’s capabilities into its Infinity architecture with the goal of providing a unified security platform spanning the network and cloud along with remote users.

The acquisition is expected to close in the third quarter of 2023.

Check Point To Acquire Atmosec

In early September, Check Point unveiled another acquisition deal targeted at expanding its SASE platform, with an agreement to acquire Atmosec. Founded in 2021, the 17-person startup is focused on enabling “rapid discovery and disconnection” of malicious SaaS apps, as well as prevention of high-risk SaaS communications and fixes for misconfigurations in SaaS, according to Check Point. The integration of Atmosec’s technology into Check Point’s Infinity platform “sets us to deliver one of the industry’s most secure SASE solutions,” said Nataly Kremer (pictured), chief product officer and head of R&D at Check Point, in a news release.

Terms of the acquisition deal for Atmosec—which has been expected to close in mid-September—were not disclosed. Atmosec had raised $6 million in seed funding.

Netskope Acquires Kadiska

On Sept. 6, Netskope unveiled its acquisition of Kadiska, a three-year-old startup that provides capabilities for digital experience monitoring. With the integration onto Netskope’s SASE platform, the Kadiska capabilities will help customers provide strong performance for the networks and applications that users depend upon, the company said in a news release. The acquisition is the latest step in Netskope’s effort to offer “the ability to monitor and proactively remediate performance, and assure experience across the entire SASE architecture—from SD-WAN to SSE—as well as across the cloud and application estate,” the company said. On Aug. 30, Netskope had unveiled a new offering, Proactive Digital Experience Management, for managing the user experience “across the entire SASE architecture.”

Kadiska’s vision matches “uncannily well” with Netskope’s, said Sanjay Beri, co-founder and CEO of Netskope, in the release. “Both technologies have been built to recognize the new world where data, users, cloud infrastructure and applications are all dispersed, leaving blindspots and challenges for organizations seeking to control and optimize experience and security,” Beri (pictured) said.

Terms of the acquisition deal for Kadiska were not disclosed. It’s the eighth acquisition for Netskope since its founding in 2012, and the company’s first startup acquisition in 2023.

Tenable To Acquire Ermetic

On Sept. 7, Tenable announced it reached an agreement to acquire cloud identity and permissions management startup Ermetic for $265 million in cash and stock, as the company looks to expand the cloud security capabilities of its vulnerability and risk management platform. In a news release, the cybersecurity vendor said it plans to integrate Ermetic’s technology into its Tenable One Exposure Management Platform.

The acquisition deal includes $240 million in cash along with $25 million, and Tenable expects it to close in the early fourth quarter.

Shai Morag (pictured), co-founder and CEO of Ermetic, said in the release that combining the two companies will provide “unprecedented” visibility to customers and “remove the complexity that makes managing cloud environments so challenging.”

Founded in 2019, Ermetic specializes in automatically removing unneeded permissions in the cloud. The startup is a “leader” in the category, which is known as cloud infrastructure entitlement management (CIEM), Tenable said in its news release.

For Tenable, the expansion of its offering with Ermetic’s capabilities will enable the company to “deliver a holistic view of the modern attack surface and help organizations reduce exposure and risk, using identity as an essential foundation,” Tenable CEO Amit Yoran said in the release.

The acquisition is the sixth for Tenable since it went public in 2018, according to the company.

Ermetic had raised a total of $100 million in funding, most recently landing a $70 million Series B round in December 2021 led by Qumra Capital.