Computer Business Review

One Week; Four Cybersecurity Deals; $1.5 Billion Spent: What’s Bought What?

A week of cybersecurity deals saw four companies change hands in recent days. Here’s which companies have been snapped up, who bought them, and what they do.

Recorded Future – Sold to Insight Partners for $750 Million

In the week’s (and one of the year’s) largest cybersecurity acquisitions, threat intelligence specialist Recorded Future – headquartered in Massachusetts, with offices in Virginia, Sweden, and the United Kingdom – was bought for $780 million by VC firm Insight Partners, an established software company investor, with over $20 billion of assets under management. The firm had already invested in Recorded Future.

Recorded Future provides a SaaS-based smorgasbord of threat data from a wide range of technical, open web, and dark web sources. Having sourced the data, it uses machine learning to prioritise, categorise and present it for analysts via a web application.

Read this: Why Investment in Cybersecurity is Taking Off

Recorded Future CEO  Christopher Ahlberg said: “Our leadership team will remain in place, our corporate structure will remain intact, and you should expect minimal impact from this change in financial sponsorship. Recorded Future continues to pursue new intelligence sources, develop thoughtful proprietary research, enable and strengthen integration partnerships, and hone unique data collection and analysis techniques. This new financial sponsorship means that we will be able to accelerate our plans and even more aggressively pursue new features and capabilities.”

Twistlock – Sold to Palo Alto for $410 Million 

Palo Alto networks has made two acquisitions this week (See below) but its  $410 million deal for Twistlock was by some margin the larger of the two. Twistlock, founded in 2015, is based in Portland, Oregon and cites a 290-strong customer base; more than 25 percent of which are on the Fortune 100 list.

Twistlock provides vulnerability management, compliance, and runtime defense for full-stack, full-lifecycle container and cloud native cybersecurity teams using Docker, Kubernetes, serverless, and other cloud native technologies.

The acquisition marks “another exciting step forward in our commitment to offering our customers the industry’s most complete cloud security offering” said Palo Alto CEO Nikesh Arora, who added that the acquisition “will significantly enhance our ability to be the cybersecurity partner of choice for our customers, while expanding our capabilities and strengthening our Prisma cloud security strategy.”

Verodin – Sold to FireEye for $250 Million 

In FireEye’s first acquisition since buying email protection specialist “The Email Laundry” in April 2018, on May 28 it announced that it was buying Virginia-based security instrumentation specialist Verodin for $250 million.

Verodin’s Security Instrumentation Platform identifies security gaps due to equipment misconfiguration, changes in the IT environment, evolving attacker tactics, and more. Its network controls inspect network traffic (e.g. IDS, IPS, NGFW, etc.), sending traffic between each other to see how the network control responds. These tests include segmentation and policy validation, malicious file transfer, C2, data exfiltration, etc.

“Security effort does not equal security effectiveness. That is why security-conscious customers red-team their networks – they need the unvarnished truth of how effective their security programs are. Verodin gives us the ability to automate security effectiveness testing using the sophisticated attacks we spend hundreds of thousands of hours responding to, and provides a systematic, quantifiable, and continuous approach to security program validation,” said Kevin Mandia, chief executive officer at FireEye.

PureSec – Sold to Palo Alto for $60 Million 

In Palo Alto’s second acquisition this week it agreed a deal with Tel Aviv-based startup PureSec (founded in 2016) for an undisclosed sum; reported in the Israeli press to have been in the $60 million range.

PureSec, recognised as a Gartner Cool Vendor in April 2019, is a serverless security specialist that supports all serverless vendors, including AWS Lambda, Google Cloud Functions, Azure Functions and IBM Cloud Functions. Its tools cover vulnerability management, access permissions, and runtime threats.

“PureSec’s vision has always been to ensure that all serverless applications will be secured at the very highest level. By joining forces with Palo Alto Networks, we will undoubtedly be able to make that a reality much faster. We are humbled and excited about this opportunity, said PureSec CEO Shaked Zin.

2018’s cybersecurity M&A and financiing activity by sector. Credit: Momentum Cyber

There were a record 183 cybersecurity deals in 2018, with 96 percent involving private companies. 2018, with nine of them worth $500 million or more. Four deals were worth more than a billion dollars.

See also: Cybersecurity M&A Activity Hits a Record High