September 2021 Cyber Funding & M&A Brief
Published by Pinpoint Search Group — the cybersecurity executive search firm that tracks every disclosed vendor funding round and acquisition in the sector.
At a glance
Get the full September 2021 dataset — every named company, round, investor, and segment.
What September told us
September 2021 ran the identity-fraud verification consolidation thread at full volume. TransUnion's $3.10B acquisition of Nuestar in Fraud was the largest disclosed M&A event of September and the largest Fraud-segment acquisition the workbook had tracked through this point. The deal extended TransUnion's identity and fraud verification stack at scale and continued the broader pattern of credit-bureau and financial-services strategic buyers moving into cyber-adjacent identity verification — a thread that had begun with Mastercard's $850M Ekata acquisition in April. Below Nuestar, four further disclosed M&A events cleared in size: Kape Technologies acquired ExpressVPN at $936M (the first VPN-segment workbook entry), Akamai acquired Guardicore at $600M in the first Segmentation-segment workbook entry, LG picked up Cybellum at $240M in OT/ICS, and Tenable acquired Accurics at $160M in AppSec.
Funding activity ran $1.49B across 24 disclosed funding rounds — back inside the year's $1B+ disclosed-funded pattern after August's thin reading. Snyk at $300M Series D+ in AppSec returned the company to the workbook for its third tracked event in twelve months — a $200M Series D+ in September 2020 and a $300M Series D+ in March 2021 preceded the September round. Three Snyk rounds at $200M-or-larger inside twelve months is one of the workbook's clearer late-stage same-segment cadence patterns. BitSight at $250M Series D+ in Ratings, Coalition at $205M Series D+ in Cyber Insurance, JumpCloud at $159M Series D+ in Identity, Saviynt at $130M Series B in Zero Trust, and Corelight at $75M Series D+ in Detection/Response rounded out the funded headline cohort. Identity vendor ForgeRock also completed its IPO in September, extending the public-market reopening that began earlier in the year.
The Segmentation and VPN segments both make their first workbook appearances this month — Guardicore (via Akamai) for Segmentation and ExpressVPN (via Kape Technologies) for VPN — both segments debuting through large strategic M&A rather than via funded rounds. The pattern of category debuts arriving alongside their largest priced events continues across the year.
Stage and segment breakdown

| Stage | Count |
|---|---|
| Series A | 11 |
| Series B | 6 |
| Series D+ | 5 |
| Growth Funding | 2 |
| Acquisition | 14 |
| Top segments | Transactions |
|---|---|
| AppSec | 4 |
| Ratings | 3 |
| Detection/Response | 3 |
| GRC | 3 |
| Identity | 3 |
| Data | 3 |
New segment in the taxonomy this month: "Segmentation", "VPN" enter the Pinpoint segment taxonomy for the first time in September 2021. Emergent categories are added when they first appear in vendor positioning; this is the first workbook event in this classification.
Two deals worth your attention
TransUnion's $3.10B acquisition of Nuestar. TransUnion acquired Nuestar at $3.10B, the largest disclosed M&A event of September and the largest Fraud-segment acquisition the workbook had tracked through this point. The deal extended TransUnion's identity verification and fraud-prevention stack at scale and continued the broader pattern of credit-bureau and financial-services strategic buyers moving into cyber-adjacent identity verification — a thread that began with Mastercard's $850M Ekata acquisition in April.
Snyk — $300M Series D+ in AppSec. Snyk raised $300M Series D+ for its developer security platform, the largest funded round of September and the company's third workbook event in twelve months. The three Snyk rounds — $200M Series D+ in September 2020, $300M Series D+ in March 2021, $300M Series D+ in September 2021 — all cleared inside AppSec at consistent same-segment classification, making Snyk one of the workbook's clearest late-stage AppSec compounding patterns through this point.
Companies we've covered before
Snyk first appeared in September 2020 with a $200M Series D+ in AppSec, returning in March 2021 with a $300M Series D+ in the same segment. The September 2021 $300M Series D+ is Snyk's third tracked event — same segment classification across all three — and one of the cleanest late-stage same-segment compounding trajectories the workbook tracks.
Coalition first appeared in March 2021 with a $175M Series D+ in Cyber Insurance. The September 2021 $205M Series D+ is Coalition's second tracked event, same segment classification, and a clean same-stage follow-on inside the cyber-insurance MGA category.
JumpCloud first appeared in January 2021 with a $25M Series D+ in Identity. The September 2021 $159M Series D+ is JumpCloud's second tracked event, same segment classification, and a 6.4x step-up over the prior round in eight months.
The other 37 transactions are in the data feed — including the 14 acquisitions whose values never hit the press. Get September's details and more →
Methodology
Every transaction in this brief was sourced from a primary public report and dedupe-checked against the master Pinpoint funding workbook, which now contains ~2,600 transactions back to May 2020. Funding totals reflect disclosed capital only; acquisition values are included where publicly available.
Each deal is classified against Pinpoint's normalized cybersecurity segment taxonomy — read directly off what the company says they protect and mapped to one of the canonical segments. The taxonomy has been maintained continuously since 2020 and currently covers roughly 55 segments. Identity, Data, Detection / Response, and Threat Intel have been tracked from the first month of the series; AppSec and GRC entered the following month; emergent categories (AI/LLM, Supply Chain, Quantum, Browser) are added when they first appear in vendor positioning. That normalization layer is what makes multi-year, cross-segment comparisons possible against an otherwise inconsistent vocabulary in the broader market.
About Pinpoint Search Group
Cybersecurity innovators work with Pinpoint Search Group to identify, attract, and land professionals that enable maturation, scale, and successful outcomes. As start-ups continue raising millions in funding and established vendors make acquisitions to round out their offerings, Pinpoint Search Group is keeping track.
Get the underlying data
The narrative above is the free version. The paid Pinpoint Cyber Funding Data feed gives you every named transaction, every disclosed investor, every segment classification — exportable, filterable, and updated as the deals close.
