Several deals in 2021 reported by CSOs relate to identity security and cloud marketplaces. This trend is likely to continue as these markets consolidate.

In all markets, major companies are looking to expand their reach. The acquisition of SecurityTrails by Recorded Future is an example of 2022 – it adds attack surface monitoring technology to the Recorded Future offering.

Check also:

In the past year, some companies whose activities are not primarily related to the cybersecurity market have bought security companies to better protect their data and that of their customers. For example, in November 2021, global retailer Schwarz Group bought cloud security company XM Cyber ​​to secure its digital offering. This trend is likely to continue into 2022, as evidenced by the acquisition of Siemplify by Google Cloud. Google Cloud already offers a range of security tools for customers of the cloud platform. With Siemplify, you gain greater security coordination, automation, and response (SOAR) capabilities.

We feature the deals chosen by CSO magazine as the most important deals of the year.

1. Snyk entered the cloud security market with the acquisition of Fugue

February 17: Snyk acquires Fugue and its cloud security and compliance products. This decision gives Snyk a good standing in the cloud security market. The company plans to use Fugue’s capabilities to expand the Snyk Developer Security Platform. “We will reimagine what cloud security for DevSecOps teams can look like today, and should be, to deliver more secure innovations around the world,” Snyk CEO Peter McKay said in a press release. Terms of the deal were not disclosed.

2. WhiteSource buys two SAST companies

Feb 15: WhiteSource, a supplier of software configuration analysis tools, expands its static application security (SAST) capabilities by acquiring two companies: Xanitizer and DefenseCode. Xanitizer provides SAST detection technologies and DefenseCode provides SAST capabilities with multi-language support. Both companies will be included in WhiteSource. Terms of the deal were not disclosed.

3. Tenable Cymptom

February 1: Tenable Holdings announces its intention to acquire Cymptom, known for its attack path management technology. After closing the deal in the first quarter of 2020, Tenable plans to integrate the Cymptom platform with data on threats and vulnerabilities. “By connecting software vulnerabilities, network misconfigurations, and access data, Cymptom can identify exploitable pathways for attack and breach,” said Niko Pope, Tenable’s chief product officer, in a press release. viable, and will expand the prioritization, benchmarking, direction and other capabilities that are part of Lumin and available through Tenable.ep.” Terms of the deal were not disclosed.

4. Forescout expands its healthcare safety offering with CyberMDX purchase

February 1: Forescout Technologies, known for its active defense and operations technology (OT) products, acquires cybersecurity provider CyberMDX. This purchase allows Forescout to expand the capabilities of the Internet of Things (IoMT). Similar to cybersecurity for OT devices, IoMT cybersecurity requires specific knowledge and technology. “We are delighted to have the CyberMDX team join Forescout as we continue to introduce new opportunities on our market-leading platform and develop our R&D center,” Forescout CEO Wael Mohamed said in a press release. Terms of the deal were not disclosed.

5. Datto acquires Infocyte, an EDR service provider

January 20: Datto Holding, a company that provides cloud-based software and security solutions to managed service providers, announces the purchase of Infocyte. The company plans to integrate Infocyte Endpoint Protection and Response (EDR) solutions with its own offering. “The addition of the Infocyte team and technology expands our capabilities within the critical steps of protection, detection and response outlined in the NIST regulatory security framework,” Datto CEO Tim Wheeler said in a press release. Application security defense is in the same stages as Nest.

6. Flashpoint buys risk-based security

January 12: Flashpoint announces the acquisition of Risk Based Security (RBS), a data breach and vulnerability analysis service. Flashpoint plans to integrate RBS’ knowledge and technology base into its own platform. “This acquisition will allow our customers to quickly discover critical security vulnerabilities before they become widely known and then automate the way they prioritize and fix these issues,” Flashpoint CEO Josh Lefkowitz said in a press release. It is an important step towards Flashpoint’s vision as one vendor companies can rely on to mitigate all risks and protect critical assets. Terms of sale were not disclosed.

7. Cerberus Cyber ​​Sentinel has taken over the true digital security

Jan 5: Cerberus Cyber ​​Sentinel, a provider of managed and consulting cybersecurity services, buys True Digital Security. By providing services for cyber security and compliance operations, the company will continue to operate as a wholly owned subsidiary of Cerberus. “True Digital is culturally aligned with the Cerberus family of companies. Together we will keep companies safe as the compliance management service provider, cybersecurity plus culture (MCCP+),” said David Jimmyt, President and Founder of Cerberus Sentinel, in a press release. Cyber, providing our customers with the best proven technologies, processes and people.” Terms of the deal were not disclosed.

8. Recorded Future buys SecurityTrails

January 5: Recorded Future acquires SecurityTrails, known for its attack surface monitoring technology, for $65 million. The company intends to enhance its threat monitoring tools by leveraging SecurityTrails technology to provide customers with greater visibility into the attack surface and shadow economy. “By combining our unparalleled Recorded Future intelligence platform with SecurityTrails’ unparalleled vision of the organization’s attack surface, we are making life for opponents even more challenging,” Dr. Christopher Ahlberg, CEO and co-founder of Recorded Future, said in a press release.

9. Corvus Insurance entered the UK and other markets with the acquisition of Tarian Underwriting

January 5: Tarian Underwriting is acquired by a US commercial insurance company. Tarian Underwriting, headquartered in London, UK, is an online underwriting platform located in the UK, US, Canada, Middle East and Australia. “By bringing Tarian to Corvus, we are expanding our international operations into Europe, Africa and Australia with an experienced and proven underwriter team,” Corvus founder and president Phil Edmundson said in a press release. Terms of the deal were not disclosed.

10. Google Cloud Acquires SOAR Resource, Siemplify

Jan 4th: Google Cloud announces that it has purchased Siemplify and its SOAR technology. The company plans to add Siemplify tools to its Chronicle security suite. “We plan to invest in SOAR capabilities with Siemplify cloud services as our backbone and leading team talent. Our goal is to integrate Siemplify capabilities with Chronicle in a way that helps companies modernize and automate their security processes,” said Sunil Putti, Google Cloud Security Vice President and General Manager, in a blog post. “. Contract terms were not disclosed.

Source: Civil Society Organizations website