July 2021 Cyber Funding & M&A Brief
Published by Pinpoint Search Group — the cybersecurity executive search firm that tracks every disclosed vendor funding round and acquisition in the sector.
At a glance
Get the full July 2021 dataset — every named company, round, investor, and segment.
What July told us
July 2021 ran $1.73B in disclosed funding across 27 rounds. Netskope's $300M growth round (stage H) in SASE led the funded side, followed by Cybereason at $275M growth in Endpoint, At-Bay at $185M Series D+ in Cyber Insurance, Arctic Wolf at $150M Series D+ in MSSP, Sourcegraph at $125M Series D+ in AppSec, and LogicGate at $113M Series D+ in GRC. Twelve of the 27 rounds cleared at Seed or Series A. Late-stage funding ran across diverse segments — SASE, Endpoint, Cyber Insurance, MSSP, AppSec, GRC — without a single segment dominating the funded column.
M&A column produced two notable Threat Intel events in the same month. Microsoft's $500M acquisition of RiskIQ extended hyperscaler security tooling into attack surface management and threat intelligence — one of the larger hyperscaler-led cyber acquisitions the workbook had tracked through July 2021. Rapid7's $335M acquisition of Intsights added a second Threat Intel deal inside the same month, with a strategic public-cyber buyer absorbing a digital risk protection vendor. Two Threat Intel acquisitions inside one month signaled clear strategic interest in standalone threat intel infrastructure after FireEye's June split left Mandiant as the largest standalone Threat Intel asset in the data set.
Fourteen acquisitions cleared overall; the remaining 12 cleared without disclosed values. The Security Services segment makes its first substantive workbook appearance this month, anchored by Sentek Global's acquisition (undisclosed) and several smaller events — a debut taxonomy entry that grows into one of the workbook's recurring M&A-side service-provider categories.
Stage and segment breakdown

| Stage | Count |
|---|---|
| Seed | 2 |
| Series A | 10 |
| Series B | 6 |
| Series C | 2 |
| Series D+ | 4 |
| Acquisition | 14 |
| Top segments | Transactions |
|---|---|
| Identity | 4 |
| AppSec | 3 |
| Data | 3 |
| Threat Intel | 3 |
| Fraud | 2 |
| Zero Trust | 2 |
New segment in the taxonomy this month: "Security Services" enters the Pinpoint segment taxonomy for the first time in July 2021. Emergent categories are added when they first appear in vendor positioning; this is the first workbook event in this classification.
Two deals worth your attention
Microsoft's $500M acquisition of RiskIQ. Microsoft acquired RiskIQ at $500M, the largest disclosed M&A event of July. The deal extended Microsoft's cloud security tooling into external attack surface management and threat intelligence and is one of the larger hyperscaler-led cyber acquisitions the workbook had tracked through July 2021. RiskIQ had been in the workbook since June 2020 with a $15M Series D+, making the July 2021 acquisition a roughly 13-month workbook arc.
Netskope — $300M growth round in SASE. Netskope raised $300M growth funding (stage H) for its secure access service edge platform, the largest funded round of July. The round confirmed that SASE was clearing nine-figure capital at growth scale and that the broader category was running as one of the funded-side leaders inside cyber infrastructure through July 2021.
Companies we've covered before
At-Bay first appeared in December 2020 with a $34M Series C in Cyber Insurance. The July 2021 $185M Series D+ is At-Bay's second tracked event, same segment classification, and a 5.4x step-up over the prior round in roughly seven months.
Arctic Wolf first appeared in October 2020 with a $200M Series D+ in MSSP. The July 2021 $150M Series D+ is Arctic Wolf's second tracked event, same segment classification, and a same-stage follow-on inside managed detection and response.
RiskIQ first appeared in June 2020 with a $15M Series D+ in Threat Intel. The July 2021 $500M acquisition by Microsoft closes a roughly 13-month workbook arc and is one of the larger hyperscaler-led Threat Intel acquisitions the data set tracks.
The other 39 transactions are in the data feed — including the 14 acquisitions whose values never hit the press. Get July's details and more →
Methodology
Every transaction in this brief was sourced from a primary public report and dedupe-checked against the master Pinpoint funding workbook, which now contains ~2,600 transactions back to May 2020. Funding totals reflect disclosed capital only; acquisition values are included where publicly available.
Each deal is classified against Pinpoint's normalized cybersecurity segment taxonomy — read directly off what the company says they protect and mapped to one of the canonical segments. The taxonomy has been maintained continuously since 2020 and currently covers roughly 55 segments. Identity, Data, Detection / Response, and Threat Intel have been tracked from the first month of the series; AppSec and GRC entered the following month; emergent categories (AI/LLM, Supply Chain, Quantum, Browser) are added when they first appear in vendor positioning. That normalization layer is what makes multi-year, cross-segment comparisons possible against an otherwise inconsistent vocabulary in the broader market.
About Pinpoint Search Group
Cybersecurity innovators work with Pinpoint Search Group to identify, attract, and land professionals that enable maturation, scale, and successful outcomes. As start-ups continue raising millions in funding and established vendors make acquisitions to round out their offerings, Pinpoint Search Group is keeping track.
Get the underlying data
The narrative above is the free version. The paid Pinpoint Cyber Funding Data feed gives you every named transaction, every disclosed investor, every segment classification — exportable, filterable, and updated as the deals close.
