Security Experts:

Connect with us

Hi, what are you looking for?


Application Security

Cybersecurity M&A Roundup: 39 Deals Announced in September 2022

Cybersecurity M&A Roundup for September 2022

Cybersecurity M&A Roundup for September 2022

Thirty-nine cybersecurity-related merger and acquisition (M&A) deals were announced in September 2022. An analysis conducted by SecurityWeek showed that more than 230 mergers and acquisitions were announced in the first half of 2022.

Accenture acquires Sentia

Accenture has acquired the Netherlands, Belgium and Bulgaria businesses of Sentia, a Netherlands-based cloud consulting company that provides cloud control and optimization services, including managed services, security services, and cloud infrastructure migration.

Adista acquires Cyberprotect

B2B cloud and telecoms operator Adista Group has announced buying Cyberprotect, a company that offers SOC and managed cybersecurity services. Both companies are based in France. Cyberprotect becomes the dedicated cybersecurity branch of the Adista Group.

Aiven acquires Kafkawize

Open source cloud data platform company Aiven has acquired Kafkawize, an open source data governance tool for Apache Kafka. Kafkawize has been renamed Klaw. The product provides data governance with enterprise grade security and user management functionality.

Allurity acquires Aiuken Cybersecurity

The Sweden-based Allurity cybersecurity group has acquired Spanish company Aiuken for its SOC and cloud security platforms. Allurity says its goal is to become a European cybersecurity powerhouse. Allurity previously acquired Swedish companies Arctic Group, ID North and Pulsen Integration IAM.

Arctic Wolf acquires VxIntel

SOC solutions provider Arctic Wolf has acquired threat intelligence company VxIntel. The VxIntel team will become part of Arctic Wolf Labs, and their knowledge of the malware landscape will help enhance the threat detection capabilities of the Arctic Wolf Security Operations Cloud.

Avocado Consulting acquires Cyberisk Australia

Avocado Consulting has bought cybersecurity advisory firm Cyberisk Australia. Both companies are based in Australia. Avocado Consulting said the deal enables the creation of an end-to-end cyber consultancy through the addition of technology and staff.

Celerium acquires Dark Cubed

Celerium, a company that provides network security solutions to companies and government agencies, has acquired Dark Cubed, which offers an automated network defense solution for SMBs and government contractors. The Dark Cubed solution will be integrated with Celerium’s Cyber Defense Network suite.

CloudBees acquires ReleaseIQ

Enterprise software delivery company CloudBees has purchased ReleaseIQ to expand its DevSecOps capabilities and provide customers a low-code, end-to-end release orchestration and visibility solution.

CoreStack acquires Optio3

Cloud governance solutions provider CoreStack has acquired IoT remote operations management company Optio3. CoreStack is acquiring Optio3’s technology, IP and talent, which will facilitate CoreStack’s delivery of its cloud governance platform.

CrowdStrike acquires Reposify

Endpoint detection and response pioneer CrowdStrike plans on acquiring attack surface management startup Reposify. The Reposify transaction, which will be paid mostly in cash, gives CrowdStrike an entry point into the lucrative external attack surface management (EASM) market.

CyZen becomes part of Marcum following merger

Accounting and advisory firms Marcum and Friedman have completed their merger recently and Marcum Technology has announced that it has integrated Friedman’s CyZen cybersecurity consultancy, which is now part of its Cybersecurity and Digital Forensics group. CyZen helps launch Marcum’s virtual SOC capability and expands its MSSP portfolio.

Devo acquires LogicHub

Cloud-native logging and security analytics solutions provider Devo has announced buying security orchestration, automation and response (SOAR) company LogicHub. The addition of LogicHub to Devo’s platform expands its capabilities and enables the company to deliver an autonomous SOC.

Distology acquires Squareball

UK-based IT security distributor Distology has bought Germany-based Squareball, which specializes in software engineering, product design, solution architecture and identity access management (IAM) consultancy. Distology said the deal helps it strengthen the business and aids its expansion in Europe.

Global Market Innovators acquires Cosant Cyber Security

MSP/MSSP Global Market Innovators (GMI) has acquired security, risk advisory and compliance services provider Cosant Cyber Security in an effort to enhance its security advisory capacity and capabilities related to SOC 2, CMMC, and other governance frameworks.

Gulf Business Machines acquires Coordinates Middle East

Digital solutions provider Gulf Business Machines (GBM) has acquired a majority stake in Coordinates Middle East, a company that provides managed detection and response (MDR). Both companies are based in the United Arab Emirates. The deal helps GBM expand its security services offering.

HelpSystems acquires Outflank

Cybersecurity and automation software solutions provider HelpSystems has announced buying Netherlands-based company Outflank, which specializes in red teaming, attack simulation, and training services. Outflank joins HelpSystems’ Offensive Security portfolio.

Jamf acquires ZecOps

Apple device management company Jamf has acquired mobile security firm ZecOps. ZecOps brings mobile XDR capabilities to the Jamf platform, helping the company protect customers against targeted mobile attacks.

Lantronix acquires Uplogix

Lantronix, a provider of secure turnkey solutions for intelligent IT and IoT, has announced its acquisition of out-of-band management solutions provider Uplogix for approximately $8 million in cash, with an additional payment of up to $4 million if revenue targets are met. The deal helps increase the scale of Lantronix’s out-of-band remote management solution offerings.

Materialise acquires Identify3D

Belgium-based 3D printing solutions provider Materialise has acquired Identify3D, a US-based company that develops software to encrypt, distribute, and trace the flow of digital parts across complex supply chains. Materialise said the acquisition of Identify3D makes its CO-AM platform the most secure platform for distributed manufacturing.

Newfold Digital acquires MarkMonitor

Web presence solutions provider Newfold Digital has signed an agreement to acquire MarkMonitor, a provider of domain management and domain security solutions, from Clarivate. MarkMonitor, for which Clarivate will receive $302.5 million in cash, will strengthen Newfold Digital’s enterprise domain management capabilities.

Pathlock acquires Grey Monarch

US-based application security and controls automation provider Pathlock has purchased UK-based Grey Monarch, which specializes in SAP security monitoring, license optimization, and employee lifecycle automation. The combination of the two companies will help SAP customers streamline audit, compliance and control processes.

Plurilock Security acquires CloudCodes

Identity-centric cybersecurity firm Plurilock Security has acquired India-based cloud access security broker (CASB) for roughly $1.4 million in cash and shares. CloudCodes enables Plurilock to gain access to new zero trust cybersecurity solutions and enter the cloud access security market.

Resourcive acquires Proteus Advisors

IT sourcing consultancy Resourcive announced the purchase of cybersecurity consultancy Proteus Advisors. As part of the investment, Proteus Advisor founder Adrian Tilston will join Resourcive and lead its cybersecurity practice.

SandboxAQ acquires Cryptosense

Alphabet spinoff SandboxAQ has acquired France-based cybersecurity and encryption analysis software company Cryptosense. SandboxAQ said Cryptosense complements and accelerates the deployment of its post-quantum cryptography solutions to organizations worldwide.

SGS acquires Penumbra Security

Swiss testing and certification company SGS has bought US-based information security assessment provider Penumbra Security. The deal helps SGS expand its cybersecurity capabilities and its footprint in the United States.

Systems Planning & Analysis acquires ORCA division of Metron

Government contractor Systems Planning & Analysis has acquired the ORCA division of Metron. ORCA specializes in operations research and cyber analysis for the US government. ORCA has developed Cyber Assassin, a digital engineering ecosystem that provides requirements traceability, cyber vulnerability analysis, and acquisition trade space analysis.

Telesystem acquires Threat Protector

Network, communication and collaboration solutions provider Telesystem is acquiring Threat Protector, which provides cybersecurity awareness training, email encryption, and endpoint protection for businesses. The acquisition strengthens Telesystem’s entry into the cybersecurity market.

Volaris acquires Hitachi ID Systems

Volaris, which acquires, strengthens and grows software companies, has purchased access governance and identity management solutions provider Hitachi ID Systems and renamed it Bravura Security. Bravura Security will continue to operate independently, delivering identity, privileged access, password and passwordless products.

Wonde acquires Secure Schools

Data management firm Wonde has acquired Secure Schools, a provider of cybersecurity solutions for the education sector, reportedly for a seven-figure sum. The deal helps Wonde in its mission to simplify data security requirements. The acquisition will also enable Secure Schools to invest in audit and technical assessment platforms.

Zscaler acquires ShiftRight

Cloud security firm Zscaler has bought security workflow automation company ShiftRight. ShiftRight’s technology is being integrated into the Zscaler Zero Trust Exchange cloud security platform to automate security management.


SecurityWeek is tracking deals involving managed security services providers (MSSPs) and distributors separately. Here is a list of deals from September 2022:

Cerberus Sentinel acquires NLT Secure

Cyber Security 1 acquires CSAD and CSSA

Fujitsu acquires InPhySec

Magna5 acquires Interphase Systems

Meriplex acquires F1 Solutions

Performance Technologies acquires majority stake in Adaptera

Valeo Networks acquires Alura Business Solutions

Waterdog Computer Works acquires ITCadence

VC3 acquires Accent Computer Solutions

Related: Cybersecurity M&A Roundup: 41 Deals Announced in August 2022

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Data Protection

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

M&A Tracker

The SecurityWeek editorial team huddled over the holidays to look back at the stories that shaped 2022 and, more importantly, to stare into a...

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.