Quarterly Report, Q4 2023: Cyber Security Vendor M&A and Funding News
Published by Pinpoint Search Group — the cybersecurity executive search firm that tracks every disclosed vendor funding round and acquisition in the sector.
At a glance
Get the full Q4 2023 dataset — every named company, round, investor, segment, and acquisition.
Highlights and Analysis
In Q4 2023, our team tracked 102 transactions, including 85 funding rounds and 17 M&A events. Disclosed funding totaled $1.59B, down 46% from the $2.92B recorded in Q4 2022, while round count rose from 70 to 85. The quarter closed full-year 2023 disclosed funding at $8.70B across 346 funding rounds, down 40% from 2022's $14.45B even as full-year round count rose 14% (346 vs. 303). The year's structural story sat in the M&A column, where strategic-platform consolidation drove the heaviest disclosed M&A dollar year the workbook has tracked, alongside a sustained PE-orchestrated take-private undercurrent.
Late-stage capital remained selective at the top. Two rounds cleared $100M — BlueVoyant ($140M Series D+) and Island ($100M Series C) — followed by SecureW2 ($80M growth), Adlumin ($70M Series B), FusionAuth ($65M Series A), Chainguard ($61M Series B), Gutsy ($51M Seed), Censys ($50M Series C), Andalusia Labs ($48M Series A), SimSpace ($45M growth), Prove Identity ($40M growth), Halcyon ($40M Series B), and ArmorCode ($40M Series B). Early-stage activity continued to drive volume, with 56 of the 85 funding rounds at Seed or Series A.
The quarter's M&A column was lighter in deal count but contained two of the year's largest disclosed strategic-platform acquisitions. Palo Alto Networks' $615M acquisition of Talon Cyber Security adds browser-security capabilities to the platform, followed by Palo Alto Networks' $400M acquisition of Dig Security in data security. Travelers Insurance's $435M acquisition of Corvus Insurance marks the first disclosed non-cyber strategic acquisition of a cyber-insurance vendor in the workbook.

Funding Overview
The 85 funding rounds tracked in Q4 2023 highlight a market in which late-stage capital remained selective while early-stage formation continued at a steady pace.
Two rounds exceeded $100M: BlueVoyant ($140M) and Island ($100M). Below that band, growth-stage activity stayed steady across SecureW2 ($80M), Adlumin ($70M Series B), FusionAuth ($65M Series A), Chainguard ($61M Series B), Gutsy ($51M Seed), Censys ($50M Series C), Andalusia Labs ($48M Series A), SimSpace ($45M growth), Prove Identity ($40M growth), Halcyon ($40M Series B), ArmorCode ($40M Series B), Vulcan Cyber ($34M Series B), and Dream Security ($34M Seed). Early-stage activity (56 of 85 rounds, or 66%) held within the year's normal range.
What stands out in Q4 2023 is where that capital is clustering. A meaningful portion of investment is concentrating around:
- Identity and access infrastructure, which led the segment mix with 10 transactions, including SecureW2's $80M growth round, FusionAuth's $65M Series A, and Prove Identity's $40M growth round — reinforcing identity as a contested category across both established and emerging vendors
- Detection, response, and managed security, where BlueVoyant's $140M Series D+, Adlumin's $70M Series B, and Halcyon's $40M Series B anchored continued enterprise demand for managed detection and response delivery
- AppSec, software supply chain, and AI/LLM security, where Chainguard's $61M Series B, ArmorCode's $40M Series B, and a five-transaction AI/LLM segment reflect growing buyer demand across pre-production controls, supply-chain integrity, and AI-defense
- GRC and emerging governance categories, where Gutsy's $51M Seed round and Hyperproof-adjacent activity reinforce continued enterprise demand for governance, audit, and continuous-control automation
This distribution reflects a market in which capital is moving toward identity, managed detection, AppSec, and governance categories — areas where enterprise demand signals are clearest and category structures are continuing to form.

Market & Macro Signals
Several structural dynamics are visible in the Q4 2023 transaction record.
First, strategic-platform consolidation continued at the top of the M&A column. Palo Alto Networks alone completed two disclosed strategic acquisitions this quarter — Talon Cyber Security ($615M) and Dig Security ($400M) — extending platform reach into browser security and cloud-data security respectively. The combination signals that incumbent strategic-platform acquirers continue to fill capability gaps at meaningful disclosed scale.
Second, non-cyber strategic acquirers entered cyber insurance. Travelers Insurance's $435M acquisition of Corvus Insurance marks the first disclosed acquisition of a cyber-insurance vendor by a traditional insurance carrier in the workbook. The transaction signals that adjacent-industry strategic acquirers — insurance, in this case — are entering the cyber acquirer column at disclosed scale.
Third, PE-orchestrated take-private activity persisted in mid-cap services. Chertoff Group's $205M take-private of Trustwave returned the managed-security services vendor to private ownership, extending the multi-quarter pattern of PE sponsors absorbing mature mid-cap cyber and cyber-services vendors.
Finally, strategic tuck-ins continued at sustained pace. Of the 17 acquisitions, 12 came without disclosed prices, including strategic moves by Proofpoint (Tessian), Arctic Wolf (Revelstoke), Rockwell Automation (Verve Industrial Protection), Okta (Uno), Kiteworks (Maytech), BlueVoyant (Conquest Cyber), PagerDuty (Jeli.io), SentinelOne (Krebs Stamos Group), SonicWall (Solutions Granted), and Cisco (Isovalent). The breadth of acquirer activity signals continued platform-building across email, orchestration, OT, identity, data, and detection/response.

M&A Activity & Strategic Movement
Q4 2023 recorded 17 M&A transactions, with strategic activity concentrated at the top of the disclosed-price range. The most notable transaction was Palo Alto Networks' $615M acquisition of Talon Cyber Security, the quarter's largest disclosed deal.
Additional activity across the quarter reinforces this direction:
- Palo Alto Networks completed a second strategic acquisition with Dig Security ($400M), extending its cloud-data security and CNAPP capabilities and marking the vendor's second sizeable disclosed cyber acquisition of the year alongside Talon
- Travelers Insurance acquired Corvus Insurance ($435M), the first disclosed acquisition of a cyber-insurance vendor by a traditional insurance carrier in the workbook
- Chertoff Group completed the $205M take-private of Trustwave, returning the managed-security services vendor to private ownership
- Okta acquired Spera ($100M), extending identity-threat detection capabilities into the Okta platform
- Proofpoint, Arctic Wolf, Rockwell Automation, Okta, Kiteworks, BlueVoyant, PagerDuty, SentinelOne, SonicWall, and Cisco each completed targeted acquisitions (Tessian, Revelstoke, Verve Industrial Protection, Uno, Maytech, Conquest Cyber, Jeli.io, Krebs Stamos Group, Solutions Granted, and Isovalent respectively) without disclosed pricing, signaling continued platform-building across email, orchestration, OT, identity, data, GRC, detection/response, and container security
Across these transactions, the strategic pattern is consistent: incumbent strategic-platform acquirers — led by Palo Alto Networks — continued to absorb adjacent capabilities across browser, data, and identity layers, while a non-cyber strategic entered cyber-insurance at disclosed scale.
Stepping back to the full year, the disclosed M&A column distributed across an unusually strategic-heavy buyer cohort. Cisco's $28B Splunk announce alone accounted for roughly two-thirds of 2023's $42.22B disclosed M&A dollars, with the remaining $14.22B distributed across approximately $6.91B in pure-cyber strategic acquisitions (Imperva, Talon, Perimeter 81, Dig, Bionic, Ermetic, Laminar, Lookout, Lightspin, Tesserent, Spera, and a tail of smaller deals), approximately $6.81B in PE-led take-privates and PE-orchestrated carve-outs (Sumo Logic, Magnet Forensics, Absolute Software, Forcepoint G2CI, Trustwave, Cobwebs), and approximately $0.5B in non-cyber strategic acquisitions (Corvus/Travelers, Polar/IBM). Strategic-platform consolidation operated as the year's dominant acquirer dynamic, with PE-orchestrated take-private activity continuing in parallel.

Looking Ahead
Q4 2023 closes the year with strategic-platform consolidation driving the heaviest disclosed M&A dollar year the workbook has tracked, PE-orchestrated take-private activity persisting across the public-cyber cohort, and late-stage capital remaining selective and modestly distributed.
We expect the following dynamics to carry into 2024:
- Strategic-platform consolidation will continue across incumbent cyber acquirers, with platform vendors continuing to absorb adjacent capabilities across browser, data, identity, and AI-defense layers
- PE-orchestrated take-private activity will persist for mature mid-cap public cyber vendors, particularly those with durable cash flow and clear platform positioning
- Non-cyber strategic acquirers will continue testing cyber M&A, with adjacent-industry buyers entering cyber-insurance, cyber-services, and platform-extension categories at disclosed scale
From a go-to-market perspective, 2023 closed with disclosed funding down meaningfully from 2022 ($8.70B vs. $14.45B) even as round count rose 14%, reflecting a market in which early-stage formation continued to broaden while late-stage capital concentrated on category leaders. The year's structurally distinctive shift, however, sat in the M&A column: strategic-platform consolidation drove the heaviest disclosed M&A dollar year the workbook has tracked, anchored by Cisco's $28B Splunk announce. Vendors entering 2024 will be measured against a market in which strategic platforms have demonstrated willingness to underwrite full-platform absorption at scale, PE sponsors continue to absorb mature mid-cap public cyber vendors in parallel, and adjacent-industry strategic acquirers are beginning to enter the cyber-acquirer column. The interplay between strategic-platform consolidation, PE-orchestrated take-private activity, and broadening early-stage formation will continue to shape both funding outcomes and competitive positioning across the cybersecurity ecosystem in the year ahead.
The full Q4 2023 dataset — every named company, round, investor, segment, and acquisition — is in the data feed. Get the full Q4 2023 dataset →
Methodology
Every transaction in this brief was sourced from a primary public report and dedupe-checked against the master Pinpoint funding workbook, which now contains ~2,600 transactions back to May 2020. Funding totals reflect disclosed capital only; acquisition values are included where publicly available.
Each deal is classified against Pinpoint's normalized cybersecurity segment taxonomy — read directly off what the company says they protect and mapped to one of the canonical segments. The taxonomy has been maintained continuously since 2020 and currently covers roughly 55 segments. Identity, Data, Detection / Response, and Threat Intel have been tracked from the first month of the series; AppSec and GRC entered the following month; emergent categories (AI/LLM, Supply Chain, Quantum, Browser) are added when they first appear in vendor positioning. That normalization layer is what makes multi-year, cross-segment comparisons possible against an otherwise inconsistent vocabulary in the broader market.
About Pinpoint Search Group
Cybersecurity innovators work with Pinpoint Search Group to identify, attract, and land professionals that enable maturation, scale, and successful outcomes. As start-ups continue raising millions in funding and established vendors make acquisitions to round out their offerings, Pinpoint Search Group is keeping track.
Get the underlying data
The narrative above is the free version. The paid Pinpoint Cyber Funding Data feed gives you every named transaction, every disclosed investor, every segment classification — exportable, filterable, and updated as the deals close.
