February 2021 Cyber Funding & M&A Brief

Published by Pinpoint Search Group — the cybersecurity executive search firm that tracks every disclosed vendor funding round and acquisition in the sector.

At a glance

33 transactions
tracked across cybersecurity vendors in February 2021
$578.6M
in disclosed funding capital
18 funding rounds
— of which 10 were Seed or Series A
15 acquisitions — 6 with disclosed values totaling $921.5M

Get the full February 2021 dataset — every named company, round, investor, and segment.

What February told us

February 2021 ran the strategic-cyber-buyer M&A column hot. Five disclosed acquisitions cleared, all from cyber strategic buyers: CrowdStrike picked up Humio at $400M in SIEM, Palo Alto Networks acquired Bridgecrew at $156M in AppSec, SentinelOne bought Scalyr at $155M in SIEM, Tenable acquired Alsid at $98M in Identity, and Proofpoint picked up InteliSecure at $62.5M in MSSP. Two SIEM acquisitions inside the same month — Humio and Scalyr — is unusual cadence for the segment and signaled that next-generation observability and SIEM primitives were drawing strategic platform interest in parallel across distinct buyer cohorts.

Funding activity ran $578.6M across 18 rounds, a steady mid-band reading after January's late-stage-anchored $879.2M. Armis at $125M in IoT was the largest funded round, followed by CYE at $100M growth funding in Vulnerability, Red Canary at $81M Series C in Detection/Response, vArmour at $58M growth in Identity, PerimeterX at $57M Series D+ in Bot, and Armorblox at $30M Series B in Email. Ten of the 18 funding rounds cleared at Seed or Series A, a heavier early-stage skew than January's distribution.

M&A volume ran high — 15 acquisitions cleared overall, with six carrying disclosed values totaling $921.5M. The Web Application Security segment makes its first workbook appearance this month, via Sqreen's acquisition by Datadog. The segment debut sits alongside the broader pattern of platform vendors absorbing application-security specialist capabilities, including Palo Alto Networks' Bridgecrew tuck-in at $156M.

Stage and segment breakdown

February 2021 Stage & Segment Breakdown
February 2021 Stage & Segment Breakdown
StageCount
Seed1
Series A9
Series B3
Series C1
Series D+1
Growth Funding2
Acquisition15
Top segmentsTransactions
MSSP6
Identity4
IoT3
Data2
AppSec2
SIEM2
New segment in the taxonomy this month: "Web Application Security" enters the Pinpoint segment taxonomy for the first time in February 2021. Emergent categories are added when they first appear in vendor positioning; this is the first workbook event in this classification.

Two deals worth your attention

CrowdStrike's $400M acquisition of Humio. CrowdStrike acquired Humio at $400M, the largest disclosed M&A event of February. The deal extended CrowdStrike's Falcon platform into log management and next-generation SIEM territory and is one of two SIEM-segment acquisitions clearing the workbook in February (alongside SentinelOne's $155M pickup of Scalyr). Two SIEM-segment strategic acquisitions in a single month signaled clear strategic-platform interest in absorbing observability and log analytics primitives.

Armis — $125M funding round in IoT. Armis raised $125M in funding for its agentless device security platform, the largest funded round of February and the company's first workbook event. The round confirmed that the broader IoT and unmanaged-device security category was clearing nine-figure capital at growth scale, with insurance, healthcare, and industrial use cases all driving demand.

The other 31 transactions are in the data feed — including the 15 acquisitions whose values never hit the press. Get February's details and more →

Methodology

Every transaction in this brief was sourced from a primary public report and dedupe-checked against the master Pinpoint funding workbook, which now contains ~2,600 transactions back to May 2020. Funding totals reflect disclosed capital only; acquisition values are included where publicly available.

Each deal is classified against Pinpoint's normalized cybersecurity segment taxonomy — read directly off what the company says they protect and mapped to one of the canonical segments. The taxonomy has been maintained continuously since 2020 and currently covers roughly 55 segments. Identity, Data, Detection / Response, and Threat Intel have been tracked from the first month of the series; AppSec and GRC entered the following month; emergent categories (AI/LLM, Supply Chain, Quantum, Browser) are added when they first appear in vendor positioning. That normalization layer is what makes multi-year, cross-segment comparisons possible against an otherwise inconsistent vocabulary in the broader market.

About Pinpoint Search Group

Cybersecurity innovators work with Pinpoint Search Group to identify, attract, and land professionals that enable maturation, scale, and successful outcomes. As start-ups continue raising millions in funding and established vendors make acquisitions to round out their offerings, Pinpoint Search Group is keeping track.

Get the underlying data

The narrative above is the free version. The paid Pinpoint Cyber Funding Data feed gives you every named transaction, every disclosed investor, every segment classification — exportable, filterable, and updated as the deals close.

Subscribe to the data feed

Published 2021-03-05 · last updated 2026-06-25. The narrative and aggregate figures above are free; the full per-deal dataset is available to subscribers.