Tom Wright | August 14, 2018

10 biggest cybersecurity acquisitions in H1

As seen on CRN...

Acquisition activity in the cybersecurity space slowed in the first half of this year, according to Momentum Cyber.

The value of M&As in H1 was $4.1bn (£3.2bn), the firm said, compared with $6.2bn in the first half of 2017.

Q1 this year saw acquisitions to the value of $2.5bn, while Q2 saw $1.6bn.

Both quarters were dwarfed by the last quarter of Q4, which saw $11.5bn-worth of M&A deals completed.

10. Secdo acquired by Palo Alto Networks - $90m

In the first of two Palo Alto Networks acquisitions featured on this list, the US firm acquired Secdo for a fee which Momentum reported as $90m.

The Israeli firm, founded in 2014, specialises in end-point detection and response and also provides a platform for network visibility and analytics.

Speaking to CRN last year, Secdo CEO Shai Morag said that the firm was in the process of building out its UK channel, specifically targeting dedicated security resellers and managed security service providers.

On the acquisition by Palo Alto, Morag said: "We founded Secdo to dramatically increase visibility for security operations teams to reduce the time it takes to detect and respond to an alert.

"The combined capabilities of Secdo and Palo Alto Networks will provide customers with the capabilities they need to swiftly and accurately detect and respond to cyberattacks."

9. Dealflo acquired by OneSpan - $55m

London-based Dealflo was acquired by publicly listed OneSpan in May, in a deal worth $55m.

Dealflo was founded in 2008 and specialises in identity verification and financial agreement automation solutions. The firm counts Ford and BMW among its customers.

OneSpan is listed on New York's NASDAQ market and has a valuation of around $658m.

The firm's CEO Scott Clements said that Dealflo's capabilities will help it bolster its subscription revenues.

8. VictorOps acquired by Splunk - $120m

In a move more than double the size of the ninth-placed deal on this list, Splunk moved for incident management vendor VictorOps for $120m in June.

VictorOps provides a solution that centralises the flow of information throughout the incident life cycle, according to Momentum.

The platform provides access to real-time alerts and facilitates collaboration among team members to help resolve incidents faster.

At the time, Splunk CEO Doug Merritt said: "The combination of machine data analytics and artificial intelligence from Splunk with incident management from VictorOps creates a platform of engagement that will help modern development teams innovate faster and deliver better customer experiences."

7. IDQ acquired by SK Telecom - $130m

South Korean telecoms giant SK splashed out $65m for half of Geneva-based firm IDQ, valuing it at $130m.

IDQ claims to be the world leader in "quantum-safe crypto solutions", to protect data as it travels across a network.

"In a world where the technological landscape is being revolutionised by quantum physics, IDQ helps its customers to guarantee long-term security of their data through quantum-safe crypto solutions," its website states.

6. Wombat Security Technologies acquired by Proofpoint - $225m

Proofpoint snapped up cybersecurity awareness training vendor Wombat for $225m in February.

Publicly listed Proofpoint, currently worth around $6bn, said at the time of the deal that Wombat's tech would bolster its offering against human-based threats.

Wombat's solutions focus on training organisations' employees to follow best practices and help minimise the ways that attackers can pose a threat.

Wombat's education platform includes solutions to help combat attack methods including phishing.

Gary Steele, Proofpoint's CEO, said: "Because threat actors target employees as the weakest link, companies need to continuously train employees and arm them with real-time threat data." 

5. Evident acquired by Palo Alto Networks - $300m

Cloud infrastructure security vendor Evident was snapped up by Palo Alto for $300m in March.

Evident focuses on securing the public cloud and also manages misconfigurations in AWS environments.

Palo Alto, which is listed on the stock exchange and is currently valued at around $20bn, said that the acquisition extends its portfolio of API-based security capabilities.

Tim Prendergast, co-founder of Evident, said: "The deal combines the best public cloud infrastructure security company,, with the industry's leader in public cloud security, Palo Alto Networks.

"Together, our technologies will form the world's most advanced cloud security offering."

4. Iovation acquired by TransUnion - $325m

Multi-factor authentication vendor Iovation was acquired by credit reporting agency TransUnion in May for $325m.

Iovation aims to protect businesses and consumers from online fraud in real time by combating identity fraud and providing multi-factor authentication solutions.

The firm focuses predominately on the e-commerce, financial, gaming, insurance and ticketing sectors.

3. Phantom acquired by Splunk - $350m

Splunk's first cybersecurity acquisition of the year was bigger than its VictorOps deal and was the vendor's largest ever, with the firm snapping up Phantom for $350m.

Phantom's platform is designed to pull together existing security operations into one place and provide a "layer of connective tissue around them".

This allows for the automation of certain tasks, with Phantom claiming that some tasks can go from taking hours to taking minutes.

The platform supports six functions in security operations centres: automation, orchestration, collaboration, event management, case management and reporting.

Earlier in the year Momentum's managing partner Eric McAlpine told CRN that Phantom was set to become one of the leading players in the managed detection and response space.

2. PhishMe acquired by BlackRock and Pamplona - $400m

PhishMe, which has since rebranded as Cofense, was acquired by Blackstone and Pamplona in February in a deal valuing the firm at $400m.

Cofense specialises in providing online security awareness services, with its phishing solution (still known as PhishMe) its flagship product.

The vendor also offers services around incident response, forensics, social engineering and penetration testing.

Progress is the Cofense's distributor in the UK.

1.  Threatmetrix acquired by LexisNexis Risk Solutions - $830m

In a deal valued at more than double the second-biggest acquisition in H1, LexisNexis Risk Solutions shelled out $830m for vendor ThreatMetrix in January.

ThreatMetrix provides cloud-based security focusing on fraud prevention and identity solutions.

The vendor was founded in 2005 and claims to have "pioneered" the digital identity space. It has had a partnership with LexisNexis Risk Solutions for the last two years.

The risk arm of legal giant LexisNexis uses technology to give its customers the tools to evaluate business decisions and foresee potential hazards.

Read this article on CRN