February 2022 Cyber Funding & M&A Brief
Published by Pinpoint Search Group — the cybersecurity executive search firm that tracks every disclosed vendor funding round and acquisition in the sector.
At a glance
Get the full February 2022 dataset — every named company, round, investor, and segment.
What February told us
February 2022 was the busiest month of the year by transaction count — 52 deals — and ran $2.57B in disclosed funding. Securonix's $1.00B growth round in XDR was the largest funded event of the month and a notable nine-figure entry into next-generation SIEM and XDR funding. eSentire at $325M growth in Detection/Response and BlueVoyant at $250M Series D+ in the same segment followed, giving the month three nine-figure rounds inside detection-adjacent categories. Cheq at $150M Series C in the Browser segment and Salt Security at $140M Series D+ in API rounded out the funded headline cohort.
M&A column volume was high — 20 acquisitions cleared in the month — with HelpSystems' $350M acquisition of Tripwire the largest disclosed deal. The transaction folded a long-tenured configuration and compliance vendor into a broader cybersecurity platform owned by HelpSystems' PE-backed structure. Below Tripwire, Cengage acquired Infosec at $191M in security training, Cloudflare picked up Area1 Security at $162M in Email, and Darktrace bought Cybersprint at $53.7M in Vulnerability — a mix of training, email, and attack-surface tuck-ins across distinct buyer cohorts.
Salt Security's $140M Series D+ is worth flagging on its own. The round is Salt's fourth tracked event in roughly 21 months — Series A in June 2020, Series B in December 2020, Series C in May 2021 — all inside the API segment. The cadence and the consistent same-segment classification make it the workbook's cleanest four-round single-segment ramp through this point in the series.
Stage and segment breakdown

| Stage | Count |
|---|---|
| Seed | 11 |
| Series A | 9 |
| Series B | 4 |
| Series C | 2 |
| Series D+ | 2 |
| Growth Funding | 2 |
| Merger | 1 |
| Acquisition | 20 |
| Top segments | Transactions |
|---|---|
| GRC | 5 |
| Identity | 5 |
| SASE | 3 |
| Vulnerability | 3 |
| Data | 3 |
| Training | 3 |
New segment in the taxonomy this month: "Virtual CISO" enters the Pinpoint segment taxonomy for the first time in February 2022. Emergent categories are added when they first appear in vendor positioning; this is the first workbook event in this classification.
Two deals worth your attention
Securonix — $1.00B growth round in XDR. Securonix raised $1.00B in growth funding for its next-generation SIEM and XDR platform, the largest funded round of February and one of the larger nine-figure cyber funding events the workbook tracks. The round arrived as the broader detection and response category was running hot — eSentire and BlueVoyant each cleared nine-figure rounds in the same month — and confirmed that detection-platform vendors were still drawing growth capital at scale.
HelpSystems' $350M acquisition of Tripwire. HelpSystems acquired Tripwire at $350M, the largest disclosed M&A event of February. The deal folded a long-tenured configuration management and compliance vendor into HelpSystems' PE-backed cybersecurity platform and is consistent with the year's emerging pattern of mid-cap cyber assets being absorbed by larger PE-owned vehicles.
Companies we've covered before
Salt Security first appeared in June 2020 with a $20M Series A in API, returning in December 2020 with a $30M Series B and May 2021 with a $70M Series C, all in the same segment. The February 2022 $140M Series D+ is Salt's fourth tracked event — same segment classification across all four rounds — and one of the workbook's cleanest single-segment four-round arcs.
Area1 Security first appeared in June 2020 with a $25M Series D+ in Email. The February 2022 $162M acquisition by Cloudflare closes a roughly 20-month strategic arc and is one of the earlier Email-segment tuck-ins by a major edge-cloud platform.
The other 50 transactions are in the data feed — including the 20 acquisitions whose values never hit the press. Get February's details and more →
Methodology
Every transaction in this brief was sourced from a primary public report and dedupe-checked against the master Pinpoint funding workbook, which now contains ~2,600 transactions back to May 2020. Funding totals reflect disclosed capital only; acquisition values are included where publicly available.
Each deal is classified against Pinpoint's normalized cybersecurity segment taxonomy — read directly off what the company says they protect and mapped to one of the canonical segments. The taxonomy has been maintained continuously since 2020 and currently covers roughly 55 segments. Identity, Data, Detection / Response, and Threat Intel have been tracked from the first month of the series; AppSec and GRC entered the following month; emergent categories (AI/LLM, Supply Chain, Quantum, Browser) are added when they first appear in vendor positioning. That normalization layer is what makes multi-year, cross-segment comparisons possible against an otherwise inconsistent vocabulary in the broader market.
About Pinpoint Search Group
Cybersecurity innovators work with Pinpoint Search Group to identify, attract, and land professionals that enable maturation, scale, and successful outcomes. As start-ups continue raising millions in funding and established vendors make acquisitions to round out their offerings, Pinpoint Search Group is keeping track.
Get the underlying data
The narrative above is the free version. The paid Pinpoint Cyber Funding Data feed gives you every named transaction, every disclosed investor, every segment classification — exportable, filterable, and updated as the deals close.
