January 2023 Cyber Funding & M&A Brief

Published by Pinpoint Search Group — the cybersecurity executive search firm that tracks every disclosed vendor funding round and acquisition in the sector.

At a glance

33 transactions
tracked across cybersecurity vendors in January 2023
$950.9M
in disclosed funding capital
19 funding rounds
— of which 9 were Seed or Series A
14 acquisitions — anchored by Thoma Bravo's $1.34B deal for Magnet Forensics

Get the full January 2023 dataset — every named company, round, investor, and segment.

What January told us

January 2023 opened the year with a strategic take-private of a public cyber name. Thoma Bravo's $1.34B agreement to acquire Magnet Forensics led the month's M&A column and continued the broader pattern of mid-cap cyber assets that reached the public markets in 2018-2021 being repriced and absorbed by private capital. Thirteen of the month's 14 acquisitions cleared with no disclosed value alongside the Magnet deal — a ratio that matched the workbook's long-running pattern of mass-undisclosed M&A.

Funding activity ran in two distinct layers. At the top, two large growth rounds carried the month's $951M disclosed total: Netskope's $401M growth event in SASE and Saviynt's $205M growth round in Identity. Both were extensions of established stories — Netskope's second workbook appearance, Saviynt's second — rather than new vendor entries. Underneath, nine of the 19 funding rounds cleared at Seed or Series A, with Cygnvs at Series A in detection and Hack The Box at Series B in security training rounding out the named events.

Compared with January 2022 — 36 transactions and $1.53B in disclosed funding — January 2023 ran roughly 38% lower on disclosed capital with similar transaction volume. The gap is consistent with the broader 2022-to-2023 cyber-funding correction; capital was still moving, but at smaller round sizes and toward fewer late-stage targets.

Stage and segment breakdown

January 2023 Stage & Segment Breakdown
January 2023 Stage & Segment Breakdown
StageCount
Seed5
Series A4
Series B5
Series C1
Series D+1
Growth Funding2
Acquisition14
Top segmentsTransactions
Identity6
MSSP5
Training2
Ratings2
GRC2
Endpoint2

Two deals worth your attention

Thoma Bravo's $1.34B acquisition of Magnet Forensics. Thoma Bravo agreed to take Magnet Forensics private at $1.34B, the largest disclosed M&A event of January. The deal is the latest in a multi-year pattern of PE-led private exits replacing standalone public-market trajectories for mid-cap cyber names — joining Thoma Bravo's prior take-privates of SailPoint (April 2022, $6.9B) and Ping Identity (August 2022, $2.8B) and Vista Equity's October 2022 acquisition of KnowBe4 ($4.6B).

Netskope — $401M growth round in SASE. Netskope raised $401M in a growth event, the largest disclosed funding round of January. The company's second appearance in the workbook continues one of the longer SASE arcs we track — an earlier $300M round had landed in 2021 — and confirmed that established SASE platforms could still command nine-figure capital in a 2023 funding environment that had broadly stepped down from 2022 levels.

Companies we've covered before

Netskope first appeared in July 2021 with a $300M Series H funding event in SASE. The January 2023 $401M growth round is Netskope's second tracked event, same segment classification, and the larger of the two.

Saviynt first appeared in September 2021 with a $130M Series B in what was then classified as Zero Trust. The January 2023 $205M growth round reclassifies Saviynt under Identity, reflecting the taxonomy's move away from Zero Trust as a standalone segment as the language consolidated under Identity governance.

Hack The Box first appeared in April 2021 with a $10.6M Series A in security training. The January 2023 $55M Series B is the company's second tracked round and a clean illustration of how training-focused vendors compounded across two years inside the same segment classification.

The other 31 transactions are in the data feed — including the 14 acquisitions whose values never hit the press. Get January's details and more →

Methodology

Every transaction in this brief was sourced from a primary public report and dedupe-checked against the master Pinpoint funding workbook, which now contains ~2,600 transactions back to May 2020. Funding totals reflect disclosed capital only; acquisition values are included where publicly available.

Each deal is classified against Pinpoint's normalized cybersecurity segment taxonomy — read directly off what the company says they protect and mapped to one of the canonical segments. The taxonomy has been maintained continuously since 2020 and currently covers roughly 55 segments. Identity, Data, Detection / Response, and Threat Intel have been tracked from the first month of the series; AppSec and GRC entered the following month; emergent categories (AI/LLM, Supply Chain, Quantum, Browser) are added when they first appear in vendor positioning. That normalization layer is what makes multi-year, cross-segment comparisons possible against an otherwise inconsistent vocabulary in the broader market.

About Pinpoint Search Group

Cybersecurity innovators work with Pinpoint Search Group to identify, attract, and land professionals that enable maturation, scale, and successful outcomes. As start-ups continue raising millions in funding and established vendors make acquisitions to round out their offerings, Pinpoint Search Group is keeping track.

Get the underlying data

The narrative above is the free version. The paid Pinpoint Cyber Funding Data feed gives you every named transaction, every disclosed investor, every segment classification — exportable, filterable, and updated as the deals close.

Subscribe to the data feed

Published 2023-02-05 · last updated 2026-06-25. The narrative and aggregate figures above are free; the full per-deal dataset is available to subscribers.