January's M&A News Roundup

January was a relatively quiet month in terms of cybersecurity deals. Companies were also particularly cagey, with only one disclosed fee out of the nine deals Infosecurity has identified. Here is our first M&A roundup of 2023.

Pentesting Firm NetSPI Adds nVisium’s Vulnerability Assessment Tool to Its Portfolio

Virginia-based nVisium was acquired by NetSPI for an undisclosed fee on January 10, 2023. The penetration testing platform provider will add nVisium’s vulnerability assessment and application pentesting products to its offering. This acquisition follows NetSPI’s $410m growth investment from KKR and the December 2020 acquisition of Silent Break Security.

RAN Security Joins Cerberus Sentinel as it Rebrands As CISO Global

In December 2022, Arizona-based Cerberus Sentinel announced it was rebranding as CISO Global, Inc. On January 10, 2023, as all corporate entities had been updated, the managed cybersecurity and compliance provider confirmed that Buenos Aires-headquartered RAN Security is joining the group as a subsidiary. The transaction is expected to close later in the year. The fee has not been shared by either party.

SailPoint Acquires Third-Party Identity Provider SecZetta

Identity management vendor SailPoint announced on January 12 that it is acquiring SecZetta, a security startup that provides a non-employee identity management solution, for an undisclosed fee. The latter will fully integrate SailPoint’s Identity Security Cloud platform.

Abacus Group Fulfils MSSP Ambitions With Gotham Security And GoVanguard

UK-based Abacus Group, which provides cloud-hosted IT services, wants to strengthen its security offering by acquiring cybersecurity consulting companies Gotham Security and its parent company, GoVanguard, which closed on January 18.

Bitwarden Moves Beyond Passwords With Passwordless.dev Acquisition

After raising $100m in September 2022, open-source password manager Bitwarden announced its first acquisition on January 18 with Swedish-based Passwordless.dev, specializing in passwordless authentication. “Founded in 2020, Passwordless.dev provides a comprehensive API framework that minimizes complexities for developers seeking to build passkeys and FIDO2 WebAuthn features such as Face ID, fingerprint, and Windows Hello,” a Bitwartden spokesperson said in a public statement.

$1.65bn-Worth Vanta Buys Trustpage

Automated security compliance vendor Vanta announced on January 19 that it is acquiring Trustpage, which provides security review tools and questionnaires, for an undisclosed amount.

“Now with Trustpage by Vanta, every business can have a real-time, single source of truth for their security posture that’s verified to meet industry gold standards,” Trustpage’s CEO Chase Lee said in a public statement. In 2022, Vanta raised $150m in funding from Craft Ventures, Sequoia, Y Combinator, and CrowdStrike, bringing the company’s total amount raised to $203m at a $1.65bn valuation.

Thoma Bravo-Owned Morpheus Purchaser to Acquire Magnet Forensics for $1.34bn

Thoma Bravo continues its activity in the cybersecurity market and has maintained its 2022 momentum with a new acquisition: Magnet Forensics. The digital investigation provider announced on January 20 that it had entered into a definitive arrangement agreement with Morpheus Purchaser, a newly created corporation controlled by Thoma Bravo. The deal is worth nearly $1.34bn.

SecOps Provider GuardSight Acquired by Iron Bow

GuardSight, a Utah-based provider of cyber-operations-as-a-service and managed detection and response solutions, has been acquired by Iron Bow, which offers managed security services. The deal was announced on January 26. The fee was not disclosed by either company.

OneSpan Extends Secure Contract Offering to Web3 With ProvenDB

Transaction security vendor OpenSpan announced on January 27 that it is acquiring ProvenDB, an Australian startup that delivers secure storage and vaulting for documents based on blockchain technology.

“Digital artifacts are simply too easy to fabricate, tamper, or delete in the era of Web3, leading to security breaches and loss of trust in digital information. In this world of evidence tampering and deep fakes, it is critical that we have non-repudiation and copies of the original artifact with an immutable chain of custody throughout the entire customer journey,” Matthew Moynahan, OneSpan’s president and CEO, said in a statement.

What’s Hot on Infosecurity Magazine?