December 2022 Cyber Funding & M&A Brief

Published by Pinpoint Search Group — the cybersecurity executive search firm that tracks every disclosed vendor funding round and acquisition in the sector.

At a glance

25 transactions
tracked across cybersecurity vendors in December 2022
$760M
in disclosed funding capital
19 funding rounds
— of which 10 were Seed or Series A
6 acquisitions — all undisclosed value

Get the full December 2022 dataset — every named company, round, investor, and segment.

What December told us

December 2022 closed the year quietly on the M&A side and quietly-but-steadily on the funded side. Twenty-five transactions cleared overall — 19 funding rounds and six acquisitions — and $760M in disclosed funding closed the year. None of the six acquisitions cleared with disclosed values above the small-cap range, a December M&A column consistent with the workbook's broader pattern of year-end M&A drift.

Funding activity was led by Drata's $200M Series C in GRC, the largest funded round of December and the company's third workbook event after a $25M Series A in June 2021 and a $100M Series B in November 2021. Drata's three rounds spanned 18 months, all inside GRC, with each round larger than the last — one of the cleaner same-segment three-round ramps the workbook tracks inside compliance automation. Snyk at $196.5M growth funding in AppSec was the second-largest, the company's fourth workbook event after rounds in September 2020, March 2021, and September 2021.

Below Drata and Snyk, Aztec Network raised $100M Series B in Crypto, CyberCube cleared $50M Series C in Cyber Insurance, and VMRay raised $34M Series B in Detection/Response. Ten of the 19 funding rounds cleared at Seed or Series A — a steady early-stage distribution that closed the year in line with the broader 2022 baseline.

Stage and segment breakdown

December 2022 Stage & Segment Breakdown
December 2022 Stage & Segment Breakdown
StageCount
Seed7
Series A3
Series B5
Series C3
Acquisition6
Top segmentsTransactions
Identity5
Data4
MSSP2
AppSec2
GRC2
API2

Two deals worth your attention

Drata — $200M Series C in GRC. Drata raised $200M Series C for its compliance automation platform, the largest funded round of December and the company's third workbook event in roughly 18 months. The three Drata rounds — $25M Series A in June 2021, $100M Series B in November 2021, $200M Series C in December 2022 — all cleared inside GRC at consistent same-segment classification, making Drata one of the cleanest single-segment three-round trajectories the workbook tracks in compliance automation.

Snyk — $196.5M growth round in AppSec. Snyk raised $196.5M growth funding, the second-largest funded round of December and the company's fourth workbook event after three Series D+ rounds across 2020 and 2021. All four Snyk rounds cleared inside AppSec at consistent same-segment classification — a four-round same-segment trajectory across roughly 27 months that is one of the workbook's longer continuous AppSec funding arcs.

Companies we've covered before

Drata first appeared in June 2021 with a $25M Series A in GRC, returning in November 2021 with a $100M Series B in the same segment. The December 2022 $200M Series C is Drata's third tracked event — same segment classification across all three rounds — and a clean A-to-B-to-C ramp inside compliance automation.

Snyk first appeared in September 2020 with a $200M Series D+ in AppSec, returning in March 2021 with a $300M Series D+ and September 2021 with another $300M Series D+ in the same segment. The December 2022 $196.5M growth round is Snyk's fourth tracked event — same segment classification across all four — and one of the longer continuous AppSec funding arcs the workbook tracks.

VMRay first appeared in December 2020 with a $25M Series B in Detection/Response. The December 2022 $34M Series B extension is VMRay's second tracked event, same segment classification, and a small follow-on inside the same Series B window roughly two years after the original event.

The other 23 transactions are in the data feed — including the 6 acquisitions whose values never hit the press. Get December's details and more →

Methodology

Every transaction in this brief was sourced from a primary public report and dedupe-checked against the master Pinpoint funding workbook, which now contains ~2,600 transactions back to May 2020. Funding totals reflect disclosed capital only; acquisition values are included where publicly available.

Each deal is classified against Pinpoint's normalized cybersecurity segment taxonomy — read directly off what the company says they protect and mapped to one of the canonical segments. The taxonomy has been maintained continuously since 2020 and currently covers roughly 55 segments. Identity, Data, Detection / Response, and Threat Intel have been tracked from the first month of the series; AppSec and GRC entered the following month; emergent categories (AI/LLM, Supply Chain, Quantum, Browser) are added when they first appear in vendor positioning. That normalization layer is what makes multi-year, cross-segment comparisons possible against an otherwise inconsistent vocabulary in the broader market.

About Pinpoint Search Group

Cybersecurity innovators work with Pinpoint Search Group to identify, attract, and land professionals that enable maturation, scale, and successful outcomes. As start-ups continue raising millions in funding and established vendors make acquisitions to round out their offerings, Pinpoint Search Group is keeping track.

Get the underlying data

The narrative above is the free version. The paid Pinpoint Cyber Funding Data feed gives you every named transaction, every disclosed investor, every segment classification — exportable, filterable, and updated as the deals close.

Subscribe to the data feed

Published 2023-01-05 · last updated 2026-06-25. The narrative and aggregate figures above are free; the full per-deal dataset is available to subscribers.