July 2023 Cyber Funding & M&A Brief

Published by Pinpoint Search Group — the cybersecurity executive search firm that tracks every disclosed vendor funding round and acquisition in the sector.

At a glance

30 transactions
tracked across cybersecurity vendors in July 2023
$498.8M
in disclosed funding capital
21 funding rounds
— of which 15 were Seed or Series A
9 acquisitions — anchored by Thales's $3.70B deal for Imperva

Get the full July 2023 dataset — every named company, round, investor, and segment.

What July told us

July 2023's M&A column was carried by two large transactions inside the same window. Thales agreed to acquire Imperva at $3.70B — the largest cyber M&A event of 2023 so far, and one of the more notable Platform-segment exits since the 2022 strategic-buyer cycle. In parallel, TPG agreed to acquire Forcepoint's government and critical-infrastructure business (G2CI) at $2.50B. The two transactions combined for $6.2B in announced M&A value inside 30 days — an uncommon level of single-month concentration, even against the workbook's record of large cyber M&A events.

Both deals extended the year's take-private and private-buyer thread. Imperva had been Thoma Bravo-owned since 2019; the Thales exit returned the asset to strategic ownership at a price point above the original 2019 take-private. TPG's G2CI carve-out followed a similar pattern — Forcepoint had been Francisco Partners-owned, and the government business spun out to a different PE buyer in a deal that signaled continued investor appetite for OT/ICS exposure inside critical-infrastructure environments.

Funding activity ran the second-lightest of the year — 21 funding rounds and $499M in disclosed capital. OneTrust's $150M growth round in GRC was the largest funded event, followed by NetCraft at $100M growth in Threat Intel and Secure Code Warrior at $50M Series C in security training. The breadth of funded segments was narrow; Identity, GRC, and Threat Intel accounted for ten of the 21 rounds.

Stage and segment breakdown

July 2023 Stage & Segment Breakdown
July 2023 Stage & Segment Breakdown
StageCount
Seed8
Series A7
Series B2
Series C1
Growth Funding2
Acquisition9
Top segmentsTransactions
Identity4
GRC3
Threat Intel3
Fraud2
Vulnerability2
OT/ICS2

Two deals worth your attention

Thales's $3.70B acquisition of Imperva. Thales agreed to acquire Imperva at $3.70B, the largest cyber M&A event of 2023 so far. The deal returns Imperva to strategic ownership after four years of Thoma Bravo control and is a notable PE-to-strategic exit at a price meaningfully above the 2019 take-private level — a counter-pattern to the public-to-private repricings that have dominated the year's M&A column through June.

TPG's $2.50B acquisition of Forcepoint's G2CI business. TPG agreed to acquire Forcepoint's government and critical-infrastructure business (G2CI) at $2.50B in a carve-out from Francisco Partners. The deal is the largest pure-OT/ICS-segment M&A event the workbook tracks and signaled continued PE appetite for critical-infrastructure security exposure even as the broader OT/ICS funding market had cooled from 2022 highs.

Companies we've covered before

OneTrust first appeared in December 2020 with a $300M Series C in GRC, returning in April 2021 with a $210M Series C in the same segment. The July 2023 $150M growth round is OneTrust's third tracked event — same segment classification across all three rounds — and the smallest of the series, consistent with broader 2023 GRC funding compression.

Protect AI first appeared in December 2022 with a $13.5M Seed in AppSec. The July 2023 $35M Series A is Protect AI's second tracked event, same segment classification — a clean Seed-to-Series A arc inside AppSec's emerging AI-security subcategory.

Cyble first appeared in April 2021 with a $4M Seed in Threat Intel, returning in February 2022 with a $10M Series A in the same segment. The July 2023 $24M Series B continues a clean single-segment three-round arc inside threat intelligence.

The other 28 transactions are in the data feed — including the 9 acquisitions whose values never hit the press. Get July's details and more →

Methodology

Every transaction in this brief was sourced from a primary public report and dedupe-checked against the master Pinpoint funding workbook, which now contains ~2,600 transactions back to May 2020. Funding totals reflect disclosed capital only; acquisition values are included where publicly available.

Each deal is classified against Pinpoint's normalized cybersecurity segment taxonomy — read directly off what the company says they protect and mapped to one of the canonical segments. The taxonomy has been maintained continuously since 2020 and currently covers roughly 55 segments. Identity, Data, Detection / Response, and Threat Intel have been tracked from the first month of the series; AppSec and GRC entered the following month; emergent categories (AI/LLM, Supply Chain, Quantum, Browser) are added when they first appear in vendor positioning. That normalization layer is what makes multi-year, cross-segment comparisons possible against an otherwise inconsistent vocabulary in the broader market.

About Pinpoint Search Group

Cybersecurity innovators work with Pinpoint Search Group to identify, attract, and land professionals that enable maturation, scale, and successful outcomes. As start-ups continue raising millions in funding and established vendors make acquisitions to round out their offerings, Pinpoint Search Group is keeping track.

Get the underlying data

The narrative above is the free version. The paid Pinpoint Cyber Funding Data feed gives you every named transaction, every disclosed investor, every segment classification — exportable, filterable, and updated as the deals close.

Subscribe to the data feed

Published 2023-08-05 · last updated 2026-06-25. The narrative and aggregate figures above are free; the full per-deal dataset is available to subscribers.