December 2024 Cyber Funding & M&A Brief
Published by Pinpoint Search Group — the cybersecurity executive search firm that tracks every disclosed vendor funding round and acquisition in the sector.
At a glance
Get the full December 2024 dataset — every named company, round, investor, and segment.
What December told us
December 2024 closed the year quietly — 20 transactions and $302M in disclosed funding, the lowest monthly totals since the February dip. But the M&A column delivered the year's final notable transaction: Arctic Wolf's $160M acquisition of Cylance from BlackBerry. The deal completes a long Cylance arc — BlackBerry had acquired Cylance for $1.4B in 2018; the 2024 divestiture at $160M is roughly a 90% mark-down and one of the cleanest examples in the workbook of strategic-cyber acquisitions failing to retain value across an integration cycle.
On the funding side, Series B was the dominant stage with 5 rounds — Sublime Security ($60M, email), Astrix Security ($45M, vulnerability), Flare ($30M, OSINT), Bureau ($30M, identity), Sentra ($30M, data). Email was a small but disproportionately active segment, with Sublime's $60M and Fortinet's $100M Perception Point acquisition both clearing in December. The pattern matches a category that has steadily compounded across 2024 without producing a marquee event.
Two December funded vendors — Sublime Security and Astrix Security — are second-time entries in 2024. Sublime raised a Seed in February 2023 and a Series A in April 2024 before this December Series B; Astrix raised a Seed in February 2022 and a Series A in June 2023. Both vendor arcs landed inside the same segment across all three rounds, fitting a pattern that's become more common in the workbook as the venture market rewards classification stability.
Stage and segment breakdown

| Stage | Count |
|---|---|
| Seed | 6 |
| Series A | 2 |
| Series B | 5 |
| Series C | 1 |
| Acquisition | 6 |
| Top segments | Transactions |
|---|---|
| Identity | 2 |
| 2 | |
| Threat Intel | 2 |
| Security Services | 1 |
| VPN | 1 |
| Orchestration | 1 |
Two deals worth your attention
Arctic Wolf's $160M acquisition of Cylance from BlackBerry. Arctic Wolf acquired the Cylance endpoint security business from BlackBerry at $160M — a ~90% mark-down from BlackBerry's original $1.4B acquisition of Cylance in 2018. The deal is the largest cyber M&A event of December and one of the cleanest illustrations the workbook has of a strategic-cyber acquisition failing to compound value across a six-year integration cycle.
Sublime Security — $60M Series B led by IVP. Sublime Security raised $60M Series B for its programmable email security platform — the largest funded round of December. The round was Sublime's third tracked event (Seed in February 2023, Series A in April 2024, Series B in December 2024), an unusually compressed three-round cadence inside the Email segment.
Companies we've covered before
Sublime Security first appeared in February 2023 with a $9.8M Seed in Email, returning in April 2024 with a $20M Series A in the same segment. The December 2024 $60M Series B closes one of the more compressed three-round arcs in the workbook — 22 months from Seed to Series B, all inside Email.
Astrix Security first appeared in February 2022 with a $15M Seed in Vulnerability, returning in June 2023 with a $25M Series A in the same segment. The December 2024 $45M Series B continues a clean three-round arc inside Vulnerability classification.
Cylance is divested by BlackBerry to Arctic Wolf at $160M in December 2024. The deal exits a six-year integration cycle that began with BlackBerry's $1.4B acquisition of Cylance in 2018 — the steepest large-deal value loss the workbook has tracked across a cyber strategic acquisition's full lifecycle.
The other 18 transactions are in the data feed — including the 6 acquisitions whose values never hit the press. Get December's details and more →
Methodology
Every transaction in this brief was sourced from a primary public report and dedupe-checked against the master Pinpoint funding workbook, which now contains ~2,600 transactions back to May 2020. Funding totals reflect disclosed capital only; acquisition values are included where publicly available.
Each deal is classified against Pinpoint's normalized cybersecurity segment taxonomy — read directly off what the company says they protect and mapped to one of the canonical segments. The taxonomy has been maintained continuously since 2020 and currently covers roughly 55 segments. Identity, Data, Detection / Response, and Threat Intel have been tracked from the first month of the series; AppSec and GRC entered the following month; emergent categories (AI/LLM, Supply Chain, Quantum, Browser) are added when they first appear in vendor positioning. That normalization layer is what makes multi-year, cross-segment comparisons possible against an otherwise inconsistent vocabulary in the broader market.
About Pinpoint Search Group
Cybersecurity innovators work with Pinpoint Search Group to identify, attract, and land professionals that enable maturation, scale, and successful outcomes. As start-ups continue raising millions in funding and established vendors make acquisitions to round out their offerings, Pinpoint Search Group is keeping track.
Get the underlying data
The narrative above is the free version. The paid Pinpoint Cyber Funding Data feed gives you every named transaction, every disclosed investor, every segment classification — exportable, filterable, and updated as the deals close.
