March 2026 Cyber Funding & M&A Brief
Published by Pinpoint Search Group — the cybersecurity executive search firm that tracks every disclosed vendor funding round and acquisition in the sector.
At a glance
Get the full March 2026 dataset — every named company, round, investor, and segment.
What March told us
March was defined by a single transaction: Palo Alto Networks closed its $25B acquisition of CyberArk, the deal it had announced the previous summer. At $25B it is the largest identity-security acquisition this series has tracked, and the third-largest acquisition of any kind since the series began in 2020 — behind only Google's $32B purchase of Wiz and Cisco's $28B purchase of Splunk. Privileged access management, CyberArk's core, moves inside a platform that already spans network, cloud, and SOC tooling — and identity becomes the explicit ground on which the largest security vendors now compete.
The deal did not crowd out the funding market; it sat on top of it. March recorded $2.30B in disclosed funding — more than double the $1.0B of March last year — across 53 rounds. Cloaked led with a $375M growth round for consumer fraud and privacy (General Catalyst), followed by TENEX at $250M for security services (Crosspoint Capital), Armadin Security at $190M — an unusually large Series A — for vulnerability management (Accel), and Kai at $125M for AI-native security (Evolution Equity Partners). OpenAI's acquisition of Promptfoo, an AI red-teaming and evaluation tool, added a second signal worth noting: the model labs are now buying security tooling directly, not just partnering for it.
Segment activity was led by Vulnerability and GRC at eight transactions each, with Fraud close behind at seven — the last concentrated in Cloaked's outsized round. Thirty-two of the 53 rounds were Seed or Series A; the early-stage base stayed wide even as the headline dollars clustered in a few large late-stage and growth checks.
Stage and segment breakdown

| Stage | Count |
|---|---|
| Acquisition | 6 |
| Seed | 16 |
| Series A | 16 |
| Series B | 6 |
| Series C | 2 |
| Series D+ | 1 |
| Growth Funding | 5 |
| Debt | 1 |
| Top segments | Transactions |
|---|---|
| Vulnerability | 8 |
| GRC | 8 |
| Fraud | 7 |
| Data | 5 |
| Endpoint | 5 |
| Detection / Response | 5 |
Two deals worth your attention
Palo Alto Networks' $25B acquisition of CyberArk. The largest identity acquisition the series has tracked closed in March, folding CyberArk's privileged-access platform into Palo Alto's. The price — third only to Google/Wiz and Cisco/Splunk among all acquisitions since 2020 — reprices identity as a platform-defining category rather than a point product. For every other identity vendor, the deal sets the terms of the next conversation: independent path, or acquisition target.
Cloaked — $375M growth round led by General Catalyst. Cloaked's consumer privacy and fraud platform drew the largest funding round of the month, a $375M raise that stood well clear of the field. The size — in a year where most rounds stayed early-stage — marks consumer-facing fraud and privacy as a segment investors are willing to fund at scale, distinct from the enterprise-security mainstream that dominates the rest of the workbook.
Companies we've covered before
Palo Alto Networks has been among the most active acquirers in the series, and the CyberArk deal is the apex of a long trajectory: Expanse (2020), Cider Security (2022), Dig Security and Talon (2023), Protect AI and Chronosphere (2025), and Koi just last month. The pattern — steady tuck-ins punctuated by a category-defining purchase — now sets the scale every other platform vendor is measured against.
The other 57 transactions are in the data feed — including the five acquisitions that closed without a disclosed price. Get March's details and more →
Methodology
Every transaction in this brief was sourced from a primary public report and dedupe-checked against the master Pinpoint funding workbook, which now contains ~2,700 transactions back to May 2020. Funding totals reflect disclosed capital only; acquisition values are included where publicly available.
Each deal is classified against Pinpoint's normalized cybersecurity segment taxonomy — read directly off what the company says they protect and mapped to one of the canonical segments. The taxonomy has been maintained continuously since 2020 and currently covers roughly 55 segments. Identity, Data, Detection / Response, and Threat Intel have been tracked from the first month of the series; AppSec and GRC entered the following month; emergent categories (AI/LLM, Supply Chain, Quantum, Browser) are added when they first appear in vendor positioning. That normalization layer is what makes multi-year, cross-segment comparisons possible against an otherwise inconsistent vocabulary in the broader market.
About Pinpoint Search Group
Cybersecurity innovators work with Pinpoint Search Group to identify, attract, and land professionals that enable maturation, scale, and successful outcomes. As start-ups continue raising millions in funding and established vendors make acquisitions to round out their offerings, Pinpoint Search Group is keeping track.
Get the underlying data
The narrative above is the free version. The paid Pinpoint Cyber Funding Data feed gives you every named transaction, every disclosed investor, every segment classification — exportable, filterable, and updated as the deals close.
