December 2024 Cyber Funding & M&A Brief

Published by Pinpoint Search Group — the cybersecurity executive search firm that tracks every disclosed vendor funding round and acquisition in the sector.

At a glance

20 transactions
tracked across cybersecurity vendors in December 2024
$302.3M
in disclosed funding capital
14 funding rounds
— of which 8 were Seed or Series A
6 acquisitions — 2 with disclosed values totaling $260M

Get the full December 2024 dataset — every named company, round, investor, and segment.

What December told us

December 2024 closed the year quietly — 20 transactions and $302M in disclosed funding, the lowest monthly totals since the February dip. But the M&A column delivered the year's final notable transaction: Arctic Wolf's $160M acquisition of Cylance from BlackBerry. The deal completes a long Cylance arc — BlackBerry had acquired Cylance for $1.4B in 2018; the 2024 divestiture at $160M is roughly a 90% mark-down and one of the cleanest examples in the workbook of strategic-cyber acquisitions failing to retain value across an integration cycle.

On the funding side, Series B was the dominant stage with 5 rounds — Sublime Security ($60M, email), Astrix Security ($45M, vulnerability), Flare ($30M, OSINT), Bureau ($30M, identity), Sentra ($30M, data). Email was a small but disproportionately active segment, with Sublime's $60M and Fortinet's $100M Perception Point acquisition both clearing in December. The pattern matches a category that has steadily compounded across 2024 without producing a marquee event.

Two December funded vendors — Sublime Security and Astrix Security — are second-time entries in 2024. Sublime raised a Seed in February 2023 and a Series A in April 2024 before this December Series B; Astrix raised a Seed in February 2022 and a Series A in June 2023. Both vendor arcs landed inside the same segment across all three rounds, fitting a pattern that's become more common in the workbook as the venture market rewards classification stability.

Stage and segment breakdown

December 2024 Stage & Segment Breakdown
December 2024 Stage & Segment Breakdown
StageCount
Seed6
Series A2
Series B5
Series C1
Acquisition6
Top segmentsTransactions
Identity2
Email2
Threat Intel2
Security Services1
VPN1
Orchestration1

Two deals worth your attention

Arctic Wolf's $160M acquisition of Cylance from BlackBerry. Arctic Wolf acquired the Cylance endpoint security business from BlackBerry at $160M — a ~90% mark-down from BlackBerry's original $1.4B acquisition of Cylance in 2018. The deal is the largest cyber M&A event of December and one of the cleanest illustrations the workbook has of a strategic-cyber acquisition failing to compound value across a six-year integration cycle.

Sublime Security — $60M Series B led by IVP. Sublime Security raised $60M Series B for its programmable email security platform — the largest funded round of December. The round was Sublime's third tracked event (Seed in February 2023, Series A in April 2024, Series B in December 2024), an unusually compressed three-round cadence inside the Email segment.

Companies we've covered before

Sublime Security first appeared in February 2023 with a $9.8M Seed in Email, returning in April 2024 with a $20M Series A in the same segment. The December 2024 $60M Series B closes one of the more compressed three-round arcs in the workbook — 22 months from Seed to Series B, all inside Email.

Astrix Security first appeared in February 2022 with a $15M Seed in Vulnerability, returning in June 2023 with a $25M Series A in the same segment. The December 2024 $45M Series B continues a clean three-round arc inside Vulnerability classification.

Cylance is divested by BlackBerry to Arctic Wolf at $160M in December 2024. The deal exits a six-year integration cycle that began with BlackBerry's $1.4B acquisition of Cylance in 2018 — the steepest large-deal value loss the workbook has tracked across a cyber strategic acquisition's full lifecycle.

The other 18 transactions are in the data feed — including the 6 acquisitions whose values never hit the press. Get December's details and more →

Methodology

Every transaction in this brief was sourced from a primary public report and dedupe-checked against the master Pinpoint funding workbook, which now contains ~2,600 transactions back to May 2020. Funding totals reflect disclosed capital only; acquisition values are included where publicly available.

Each deal is classified against Pinpoint's normalized cybersecurity segment taxonomy — read directly off what the company says they protect and mapped to one of the canonical segments. The taxonomy has been maintained continuously since 2020 and currently covers roughly 55 segments. Identity, Data, Detection / Response, and Threat Intel have been tracked from the first month of the series; AppSec and GRC entered the following month; emergent categories (AI/LLM, Supply Chain, Quantum, Browser) are added when they first appear in vendor positioning. That normalization layer is what makes multi-year, cross-segment comparisons possible against an otherwise inconsistent vocabulary in the broader market.

About Pinpoint Search Group

Cybersecurity innovators work with Pinpoint Search Group to identify, attract, and land professionals that enable maturation, scale, and successful outcomes. As start-ups continue raising millions in funding and established vendors make acquisitions to round out their offerings, Pinpoint Search Group is keeping track.

Get the underlying data

The narrative above is the free version. The paid Pinpoint Cyber Funding Data feed gives you every named transaction, every disclosed investor, every segment classification — exportable, filterable, and updated as the deals close.

Subscribe to the data feed

Published 2025-01-05 · last updated 2026-06-25. The narrative and aggregate figures above are free; the full per-deal dataset is available to subscribers.