The second half saw major consolidation in the security industry, with a number of vendors acquiring startups in the areas of data security, identity management and SaaS security.

Cyber ​​mergers and acquisitions intensify

The cybersecurity vendor consolidation that many have been predicting for years would finally appear to be happening in 2024. A flurry of deals between large and small security tool makers has taken place in the industry this year, particularly in recent months. Major acquisitions include Palo Alto Networks’ $500 million buyout of IBM’s QRadar SaaS business, Fortinet’s acquisition of cloud security unicorn Lacework, and, recently announced in late October, the planned acquisition by Sophos from Secureworks for $859 million.

(Related: 5 Major Security Vendors That Could Be Acquired by Private Equity)

While these deals are part of the merger and acquisition deals that have reshaped the security industry this year, a flood of smaller deals have also been announced in recent months. Key startup acquisitions have been revealed in the second half of 2024 by a number of major security vendors, including Proofpoint, Cloudflare, Netskope, Mimecast and CrowdStrike.

Data security (including security for SaaS) was a major theme of much of the cybersecurity startup acquisition activity during the third and fourth quarters, with more than half of recent deals focusing on data and SaaS security. Other recently announced deals have focused on segments such as identity management, cloud security, attack surface management and collaboration security.

Here are the details of 10 key cybersecurity startup acquisitions in the third and fourth quarters of 2024.

Rapid7 acquires Noetic Cyber

In July, Rapid7 announced it had entered into an agreement to acquire Noetic Cyber, a startup whose technology aims to strengthen the vendor’s capabilities in cyber asset attack surface management (CAASM). The deal has since been completed.

Rapid7 did not disclose the terms of the acquisition agreement.

Rapid7 called Noetic Cyber ​​an “innovator and leader” in the CAASM space, and said the acquisition of its technologies will allow the vendor to “provide more complete visibility of a customer’s environment, including visibility into internal and external assets, on-premises and in the cloud.

The acquisition “positions Rapid7 to deliver the most productive security operations experience while making it more accessible to the teams who need it most,” Rapid7 CEO Corey Thomas said in a press release.

Fortinet acquires Next DLP

In August, Fortinet announced the acquisition of data security startup Next DLP in an effort to strengthen its secure access service edge (SASE) platform. Terms of the acquisition were not disclosed.

With the acquisition of Next DLP, which CRN named one of the 10 hottest cybersecurity startups of 2023, Fortinet announced it would enhance its Unified SASE (secure access service edge) offering as well as “enhance its position in the standalone enterprise data loss prevention sector.” (DLP) market.

Next DLP provides a platform to spot insider risks while also detecting data exfiltration and loss, using a software agent that has minimal impact on CPU performance and worker productivity .

Mimecast acquires Aware

In August, Mimecast announced the acquisition of a startup, Aware, which focuses on securing workplace collaboration tools using AI. Terms of the deal were not disclosed.

Mimecast said in a press release that the acquisition aims to “revolutionize how organizations manage and mitigate human-centric security risks.” Aware’s technology integrates “seamlessly” with collaboration tools, while “the key business insights and insights it collects provide unprecedented visibility into workplace collaboration,” Mimecast said .

ColorTokens acquires PureID

In September, microsegmentation provider ColorTokens announced its acquisition of PureID, an identity and access management (IAM) startup. Terms of the deal were not disclosed.

ColorTokens said in a press release that the deal would “significantly strengthen” the microsegmentation capabilities of its Xshield platform through the integration of a “robust” identity offering. The move will enable “identity-based segmentation” for cloud and containerized environments, IoT/OT deployments and user environments, ColorTokens said in the release.

Kaseya acquires SaaS alerts

In October, Kaseya announced the acquisition of SaaS cybersecurity startup Alerts with the aim of further improving comprehensive, real-time protection of user identity and security in Software-as-a-Service environments .

The technology behind SaaS Alerts, which specializes in monitoring and securing SaaS applications, is now integrated into Kaseya 365 User at no additional cost.

SaaS Alerts technology is expected to strengthen MSPs’ ability to protect small businesses and their customers against growing cyber threats, Kaseya said. Terms of the deal were not disclosed.

Proofpoint to acquire Normalyze

In October, Proofpoint announced it had entered into an agreement to acquire a startup focused on data security posture management (DSPM). Terms of the deal were not disclosed.

In a press release, Proofpoint said it will “further enhance its human-centric security platform with industry-leading AI-powered DSPM technology from Normalyze.” The new features will enable Proofpoint to “discover, classify and protect data at scale across SaaS, PaaS, public or multi-cloud, on-premises and hybrid environments,” the company said in the release.

Cyera acquires Trail Security

In October, Cyera announced that it had acquired Trail Security, which it described as a “next generation” data loss prevention (DLP) provider, for $162 million.

Cyera said in a press release that its acquisition of Trail Security “significantly elevates Cyera’s AI-powered platform” with the addition of “AI-enhanced DLP technology.”

Cyera is a startup itself, founded in 2021, and was recently named a startup to watch by CRN. The $1.4 billion company offers an agentless DSPM tool for data discovery, classification and protection.

Netskope acquires Dasera

In October, Netskope announced its acquisition of DSPM vendor Dasera, which the SASE platform provider said would enhance the data protection capabilities of its Netskope One offering. Financial terms of the acquisition were not provided.

The deal for Dasera will make DSPM available immediately on the vendor’s Netskope One platform, the company said.

Cloudflare acquires Kivera

In October, Cloudflare announced the acquisition of cloud security startup Kivera, with the aim of expanding the capabilities of the Cloudflare One SASE platform. Terms of the deal were not disclosed.

In a post, Cloudflare said the acquisition will allow the company to offer cloud application controls online, “giving Cloudflare One customers preventative security controls for all of their cloud services.” Key features include “one-click” mitigation of misconfigurations and enhanced cloud tenant control, Cloudflare said.

CrowdStrike to acquire Adaptive Shield

In November, CrowdStrike announced that it was significantly strengthening its Falcon platform with the planned acquisition of SaaS security startup Adaptive Shield. In an article, CrowdStrike President Michael Sentonas called the acquisition “critical” to the company’s future in SaaS and AI security.

Financial details of the transaction were not disclosed. The acquisition is expected to close during CrowdStrike’s fourth fiscal quarter 2024.

With this acquisition, CrowdStrike said it will be the only cybersecurity provider to provide a single platform for end-to-end protection against identity-based attacks across the entire modern cloud ecosystem, since On-premises Active Directory to cloud-based identity providers and SaaS applications.