The Top 10 Cybersecurity Acquisitions Of 2018 (So Far)

Bulking Up Around The Cloud, Endpoint

Companies placed big bets on securing the cloud, endpoint and applications in the first half of 2018, with six of the period's 10 top acquisitions focused around these technology areas.

Technology titans, private equity goliaths, and pure-play security mainstays spent at least $3 billion on the year's most significant deals, scooping up nearly 2,900 employees from an assortment of legacy firms and early- and late-stage startups. All of the acquired companies were founded this century, with eight of the 10 targets established in the current decade.

Five of the acquired companies are based in Silicon Valley, three are based in the Northeast, one is based in the Southeast, and one is based elsewhere in the Western United States.

Four of the acquisitions were carried out by technology providers with broad portfolios, three were consummated by platform security vendors, two were executed by private equity firms, and one was carried out by a more narrowly focused security vendor.

Here's a look back at the 10 top cybersecurity acquisitions impacting the channel so far in 2018.

(For more on the biggest news of 2018, check out "CRN's Tech Midyear In Review.")

10. Oracle Acquires Zenedge

Purchase Price: Not Disclosed

Oracle boosted the application and network protection around its cloud services in March by purchasing security startup Zenedge.

The Redwood Shores, California-based software vendor said its acquisition of Aventura, Florida-based Zenedge would make it easier for enterprises to adopt cloud services without compromising performance, cost, control or security. Zenedge's web application firewall and DDoS mitigation products help customers secure their applications, networks, databases and APIs from malicious internet traffic, Oracle said.

From a compliance perspective, Oracle said Zenedge offers a single, interactive control center, pre-built rule-sets extended by adaptive automation, and integrations into SIEM and security reporting. Zenedge's infrastructure is also scalable, Oracle said, with a globally-deployed network, worldwide traffic scrubbing centers, and a programmatic API interface for global propagation.

9. VMware Acquires E8 Security

Purchase Price: Not Disclosed

VMware acquired startup E8 Security in March, taking hold of a technology intended to bolster recent upgrades to its Workspace ONE endpoint management platform.

The Redwood City, Calif.-based startup uses artificial intelligence to monitor anomalies in system behavior. By analyzing data from different sources, E8 Security can discover malicious activity and tackle cyber threats in their early stages.

Integrating E8 Security's capabilities into Palo Alto, California-based VMware's Workspace ONE will enable customers to simplify management and security by correlating data to accurately detect and respond to advanced threats using analytics. E8's automated analysis of user and entity behavior can deliver threat insights to the Workspace ONE Intelligence service.

8. Amazon Web Services Acquires Sqrrl

Purchase Price: $40 Million (reported by Axios)

Amazon Web Services in January gave its new threat detection service a shot in the arm by purchasing cybersecurity software company Sqrrl.

Cambridge, Massachusetts-based Sqrrl's advanced threat hunting capabilities were expected to align well with Amazon GuardDuty, an intelligent threat detection service Seattle-based Amazon launched in November focused on protecting AWS accounts and workloads.

Sqrrl analyzes big data to hunt cyberthreats, helping companies identify and address them faster. The company said it utilizes linked data, machine learning, user and entity behavior analysis, risk scoring, and big data technologies to uncover malicious patterns and anomalies hidden within security data sets.

7. Palo Alto Networks Acquires Secdo

Purchase Price: $100 Million (reported by Israeli business publication Globes)

Palo Alto Networks bolstered its data collection and visualization capabilities on the endpoint through its April purchase of emerging vendor Secdo.

The Santa Clara, California-based platform security titan said its acquisition of New York-based endpoint detection and response vendor Secdo will enhance its ability to rapidly detect and stop stealthy attacks. The data from Secdo will into feed into the Palo Alto Networks logging services and give applications running in the framework greater precision to visualize, detect and stop cyberattacks.

Secdo's thread-level approach to data collection and visualization goes far beyond traditional EDR methods, which Palo Alto Networks said only collect general event data. As a result, security operations teams are hamstrung as they try to reconstruct each step of an attack and distinguish between malicious and normal activity.

6. Proofpoint Acquires Wombat Security Technologies

Purchase Price: $225 Million

Proofpoint in March provided the industry's first-ever integration of market-leading protection and awareness offerings through its purchase of Wombat Security Technologies.

The Sunnyvale, California-based vendor said the deal would allow it to fuse its advanced threat protection capabilities with Pittsburgh-based Wombat's real-time phishing simulation and cybersecurity awareness and training. This combination should provide enterprises with highly accurate insights into their employees' vulnerability to the real phishing attacks targeting them every day, the company said.

Wombat stood out thanks to the breadth of its capabilities, its industry-leading technology, and its proximity to research hub Carnegie Mellon University, according to Proofpoint. The company looked into some options over the past two years, and was excited about Wombat's capabilities and its ability to fit into the company's business operations.

5. Thoma Bravo Acquires Majority Stake In LogRhythm

Purchase Price: Not Disclosed

Thoma Bravo in July purchased a majority stake in LogRhythm to accelerate the company's operational and product development roadmap.

The Boulder, Colorado-based security information and event management (SIEM) vendor said it was impressed by Chicago-based Thoma Bravo's cybersecurity domain expertise and track record of helping companies drive growth and innovation.

LogRhythm plans to use proceeds from the deal to continue building out tools that enable channel partners to deliver managed services in a cost-effective manner. From a technology standpoint, LogRhythm hopes to further differentiate from competitors through investments in its core SIEM platform as well as adjacent technologies like user and entity behavior analytics (UEBA).

4. Splunk Acquires Phantom Cyber

Purchase Price: $350 Million

Splunk extended its security capabilities through the April purchase of security orchestration, automation and response (SOAR) software developer Phantom Cyber.

The San Francisco-based company said it will integrate Palo Alto, California-based Phantom's software with the Splunk platform to create a comprehensive system that SecOps teams can use to accelerate incident response, advance cyber defense, and reduce organizational risk using analytics-driven security. It will also help better manage security operations centers with reduced staffs, according to Splunk.

Security operations center analysts utilize SOAR systems to automate tasks, orchestrate workflows, improve collaboration, and help organizations respond more quickly to security threats, according to Splunk. Phantom CEO and Founder Oliver Friedrichs remained with the company, and is now reporting to Splunk's SVP and GM of Security Markets Haiyan Song.

3. Palo Alto Networks Acquires Evident.io

Purchase Price: $300 Million

Palo Alto Networks purchased Evident.io in March to make it easier for enterprise cloud users to keep their deployment compliant and secure.

The Santa Clara, California-based platform security vendor said buying Pleasanton, California-based Evident.io will extend its API-based security capabilities by analyzing services and account setting configurations against strict security and compliance controls. Evident.io's co-founders joined Palo Alto Networks.

Once Evident.io is integrated with Palo Alto Networks' existing cloud security offering, the company said customers will be able to use a single approach for continuous monitoring, storage security, and compliance validation and reporting.

As a result, security, DevOps and compliance will be able to: develop cloud applications faster; simplify developer and security operations; and continuously validate deployments for compliance.

2. Thoma Bravo Acquires Barracuda Networks

Purchase Price: $1.6 Billion

Thoma Bravo purchased Barracuda Networks in February, just four years after the storage and security vendor filed for an IPO.

The Chicago-based private equity firm said it was impressed by Campbell, California-based Barracuda's ability to bring comprehensive offerings to customers in an increasingly hostile and complex threat environment. The firm said that Barracuda is at the forefront of innovation in several highly strategic areas of the cybersecurity market.

Barracuda, for its part, expected that the deal would help the company accelerate the growth of its industry-leading security platform. The company also praised Thoma Bravo's excellent history of investing in growing security businesses.

1. McAfee Acquires Skyhigh Networks

Purchase Price: Not Disclosed

McAfee in January purchased leading cloud access security broker Skyhigh Networks in January to establish a dominant position in both the endpoint and cloud cybersecurity markets.

The Santa Clara, California-based platform security vendor praised Campbell, Calif.-based Skyhigh for pioneering the CASB product category and for its foresight in realizing that cybersecurity should not be an impediment to cloud adoption. This deal was McAfee's first major acquisition since spinning off from Intel in April 2017.

Skyhigh Founder and CEO Rajiv Gupta joined McAfee's leadership team to run the company's new cloud business unit. The company's existing organizational structure remained generally intact to ensure continuity for customers and partners.