February 2026 Cyber Funding & M&A Brief

Published by Pinpoint Search Group — the cybersecurity executive search firm that tracks every disclosed vendor funding round and acquisition in the sector.

At a glance

61 transactions
tracked across cybersecurity vendors in February 2026
$1.02B
in disclosed funding capital
42 funding rounds
— of which 29 were Seed or Series A
19 acquisitions
— 4 with disclosed values totaling $735M

Get the full February 2026 dataset — every named company, round, investor, and segment.

What February told us

February was an acquisition month. Nineteen cybersecurity vendors were acquired — nearly five times the four acquisitions of February last year — and the buyers were incumbents tightening their platforms. Check Point alone acquired three companies in the month: Cyata (identity), Cyclops (security ratings, a disclosed $85M), and Rotate (detection and response). Palo Alto Networks paid a disclosed $400M for Koi, the largest disclosed acquisition of the month, and Varonis added AllTrue.ai for $150M. Of the 19 deals, four carried disclosed values totaling $735M; the rest closed quietly.

If acquisitions were the volume story, governance was the funding story. GRC was the single most active segment of the month with 11 transactions, and the three largest funding rounds were all GRC plays at $75M each — FieldGuide (Series C, Goldman Sachs Alternatives), Bretton AI (Series B, Sapphire Ventures), and UpGuard (Series C). The clustering is not random: the compliance operating cost imposed by NIS2, DORA, and the EU AI Act keeps pulling capital toward automated control-mapping and continuous-assurance tooling. Total disclosed funding reached $1.02B across 42 rounds.

Beneath GRC, the segment spread stayed wide — Identity (9), Vulnerability (7), and Data and AppSec (6 each). Twenty-nine of the 42 rounds were Seed or Series A, with early-stage capital continuing to seed identity and AI-adjacent security in particular.

Stage and segment breakdown

February 2026 Stage & Segment Breakdown
February 2026 Stage & Segment Breakdown
StageCount
Acquisition19
Seed14
Series A15
Series B4
Series C5
Series D+1
Top segmentsTransactions
GRC11
Identity9
Vulnerability7
Data6
AppSec6
Security Services3

Two deals worth your attention

Check Point's three acquisitions — Cyata, Cyclops, and Rotate. In one month Check Point bought an identity vendor (Cyata), a security-ratings platform (Cyclops, a disclosed $85M), and a detection-and-response vendor (Rotate). Three acquisitions across three segments in thirty days is a clear signal that the firewall-born incumbents are buying their way across the platform map rather than building it — and that mid-stage companies in identity, ratings, and detection are now acquisition targets as much as independent businesses.

FieldGuide — $75M Series C led by Goldman Sachs Alternatives. FieldGuide's audit-and-assurance automation platform took one of three $75M GRC rounds that led the month's funding. Goldman Sachs Alternatives leading a governance-tooling Series C — alongside comparable $75M raises for Bretton AI and UpGuard — marks GRC as the segment where growth capital was most willing to write large checks in February, even as the broader funding base stayed early-stage.

Companies we've covered before

Check Point has been one of the series' most consistent acquirers: Avanan (email security, 2021), Perimeter 81 (network security, 2023), Cyberint (threat intelligence, 2024), and Lakera (AI security, 2025) preceded February's three-deal month. The cadence has tightened — roughly one acquisition a year, then three in a single month — as the company races to assemble a full-stack platform.

Palo Alto Networks, February's largest acquirer with the $400M Koi deal, has followed a similar path: Expanse (2020), Cider Security (2022), Dig Security and Talon (2023), and Protect AI (2025). Koi extends a steady record of folding emerging capability into the platform — a pattern worth watching as the larger incumbents compete on breadth.

The other 59 transactions are in the data feed — including the 15 acquisitions that closed without a disclosed price. Get February's details and more →

Methodology

Every transaction in this brief was sourced from a primary public report and dedupe-checked against the master Pinpoint funding workbook, which now contains ~2,700 transactions back to May 2020. Funding totals reflect disclosed capital only; acquisition values are included where publicly available.

Each deal is classified against Pinpoint's normalized cybersecurity segment taxonomy — read directly off what the company says they protect and mapped to one of the canonical segments. The taxonomy has been maintained continuously since 2020 and currently covers roughly 55 segments. Identity, Data, Detection / Response, and Threat Intel have been tracked from the first month of the series; AppSec and GRC entered the following month; emergent categories (AI/LLM, Supply Chain, Quantum, Browser) are added when they first appear in vendor positioning. That normalization layer is what makes multi-year, cross-segment comparisons possible against an otherwise inconsistent vocabulary in the broader market.

About Pinpoint Search Group

Cybersecurity innovators work with Pinpoint Search Group to identify, attract, and land professionals that enable maturation, scale, and successful outcomes. As start-ups continue raising millions in funding and established vendors make acquisitions to round out their offerings, Pinpoint Search Group is keeping track.

Get the underlying data

The narrative above is the free version. The paid Pinpoint Cyber Funding Data feed gives you every named transaction, every disclosed investor, every segment classification — exportable, filterable, and updated as the deals close.

Subscribe to the data feed

Published 2026-03-05 · last updated 2026-06-25. The narrative and aggregate figures above are free; the full per-deal dataset is available to subscribers.