December's M&A News Roundup

Written by

M&A activity was still busy in the cybersecurity industry in the first half of December. However, for the last month of 2022, a majority of the deals came with an undisclosed fee. Among the most notable transactions were IBM’s acquisition of US government contractor Octo and the identity threat detection and response firm Illusive being officially integrated into Proofpoint’s portfolio. Here’s Infosecurity’s final M&A roundup of the year.


Chile-Based Consultancy Makros Joins Deloitte

London-based consultancy firm Deloitte has been very active in M&A this year, with nearly an acquisition per month. It continued this trend in December with the purchase of Makros, a Chilean cybersecurity consulting business specializing in perimeter security, cloud security and identity management, which was confirmed on December 5. Makros, a partner of companies such as Sophos, Netskope, Centrify, ManageEngine, Qualys and Guardicore, will join Deloitte’s Chilean division. The acquisition fee was not made public.


AlgoSec Purchases Prevasio to Secure Applications in the Cloud

AlgoSec, an application security vendor based in New Jersey, announced on December 6 that it had acquired Prevasio for an undisclosed fee. Prevasio provides a software-as-a-service (SaaS) cloud-native application protection platform (CNAPP) that includes an agentless cloud security posture management (CSPM) platform, anti-malware scan, vulnerability assessment and dynamic analysis for containers. With this purchase, AlgoSec wants to better answer its clients’ cloud migration.


IBM Acquires US Federal Agencies Contractor Octo

Continuing its acquisition spree since Arvind Krishna became CEO in 2020, IBM announced on December 8 its intention to buy US-based digital transformation services provider Octo for an undisclosed amount from private equity firm Arlington Capital Partners. Octo, which provides services across artificial intelligence, cloud and infrastructure, DevSecOPs, data management and analytics, and cybersecurity, exclusively serves the US federal government in areas like defense, health and civilian agencies. It also runs a 14,000-square-foot innovation center called oLabs, which IBM plans to use for co-creation with federal agencies and rapid prototyping. The deal is expected to close by the end of the year.


Security On-Demand and Booz Allen’s Managed Threat Services Give Birth to DeepSeas

December 8 also saw Security On-Demand acquire Booz Allen Hamilton’s commercial managed threat services (MTS) business, with backing from equity firm Nautic Partners, for an undisclosed amount. Together, MTS and Security On-Demand will operate as one unified organization and brand called DeepSeas. “Booz Allen and DeepSeas will maintain a strategic and close alignment that enables continued collaboration between the two companies in the commercial market,” the announcement reads.


DLH Acquires Fellow US Government Contractor GRSi for $185m

In another deal announced on December 8, US federal agencies contractor DLH bought Maryland-based Grove Resource Solutions, Inc. (GRSi) for $185m. GRSi provides cloud-based enterprise modernization and cybersecurity solutions to numerous civilian and military federal agencies, including the National Institutes of Health (NIH), the US Navy (USN) and the US Marine Corps (USMC).


Proofpoint Finalises Acquisition of Illusive

Thoma Bravo-owned Proofpoint signed a definitive agreement to acquire identity threat detection and response Illusive on December 12. With this deal, which is expected to be closed in January 2023, Proofpoint will add Illusive Spotlight, an automatic discovery and remediation of identity vulnerabilities solution, and Illusive Shadow, a detection tool, to its portfolio. At this point, both parties have yet to share the acquisition fee.


US Firm Veracode Buys Germany-Based Crashtest Security

Massachusetts-based firm Veracode, which offers application security testing solutions, announced on December 12 that it was acquiring Crashtest Security for an undisclosed fee. Crashtest Security is a developer-oriented dynamic application security testing (DAST) provider founded in Munich, Germany, in 2017. The investment will enhance the existing DAST capabilities as part of Veracode’s Continuous Software Security Platform and broaden customer access globally.


ATSG Expands its MDR Portfolio With Xentaurs’ Solution

On December 13, New York-based Cisco partner ATSG announced its acquisition of Miami-based Xentaurs, bolstering its managed detection and response (MDR) capabilities across micro-segmentation, software-defined networks (SDN) and firewall platforms. The parties didn’t share the amount of the deal.


Pratum Bought by Heartland Business Systems

Consultancy and tech integration firm Heartland Business Systems (HBS) purchased cybersecurity consultancy and MSSP Pratum on December 15. “The joining of Pratum with HBS enables us to bring to market an end-to-end cybersecurity and technology service that strengthens security, improves operations, and simplifies the lives of our clients,” said Jordan Engbers, president of Pratum. He and HBS representatives did not comment on how much the acquisition cost.


What’s hot on Infosecurity Magazine?