Funding/M&A Cybersecurity M&A Roundup: 42 Deals Announced in February 2026 Significant cybersecurity M&A deals announced by Check Point, Booz Allen, Proofpoint, Sophos, Palo Alto Networks, and Zscaler. By Eduard Kovacs | March 9, 2026 (11:54 AM ET) Flipboard Reddit Whatsapp Whatsapp Email Forty-two cybersecurity-related merger and acquisition (M&A) deals were announced in February 2026. For a detailed view of the more than 420 acquisitions announced in 2025, check out SecurityWeek’s annual M&A report . Here are some of the most important cybersecurity M&A deals announced in February 2026: Arctic Wolf acquires Sevco Security SOC provider Arctic Wolf acquired US cybersecurity company Sevco Security, with no financial details disclosed. The acquisition aims to enhance Arctic Wolf’s attack surface management capabilities and provide customers with more comprehensive visibility and risk reduction in managed security operations. Booz Allen to acquire Defy Security Advertisement. Scroll to continue reading. Technology consulting giant Booz Allen Hamilton acquired cybersecurity services and consulting firm Defy Security. The acquisition aims to expand Booz Allen’s cybersecurity capabilities, as well as support its growing business in the UK and the European Union. Check Point acquiring Cyata, Cyclops Security, and Rotate Check Point announced three strategic acquisitions to accelerate its push into AI-driven security and exposure management: Cyata, Cyclops, and Rotate. Cyata will help Check Point enhance its end-to-end AI security platform, while Cyclops helps the company strengthen exposure management with AI-driven asset discovery. Rotate brings talent and capabilities to accelerate workspace momentum. Endor Labs acquires Autonomous Plane Software security company Endor Labs acquired application security firm Autonomous Plane. The acquisition aims to enhance Endor Labs’ reachability capabilities across applications and container images. Experian acquires AtData Experian has acquired identity and data intelligence solutions provider AtData. The acquisition aims to strengthen Experian’s capabilities in identity verification and fraud detection, with a focus on email. Palo Alto Networks to acquire Koi Palo Alto Networks has entered into a definitive agreement to acquire endpoint security company Koi. Financial details have not been officially disclosed, but the deal is reportedly valued at $400 million. Palo Alto Networks said it’s buying Koi for its agentic endpoint security technology, aiming to enhance its Prisma AIRS AI security platform and Cortex XDR endpoint security solution. Proofpoint acquires Acuvity Proofpoint acquired AI security and governance company Acuvity. The integration of Acuvity’s technology will allow Proofpoint to provide real-time visibility and granular controls over how employees and systems interact with AI applications. This deal aims to prevent the accidental exposure of sensitive data while ensuring compliance. Quantum eMotion to acquire SKV Technology Quantum eMotion (QeM) is acquiring SKV Technology (SecureKey), a developer of specialized cryptographic software and hardware. The deal integrates SecureKey solutions into QeM’s portfolio to deliver quantum-resistant security, rapid PQC migration, and policy-driven P2P communication. Sophos acquires Arco Cyber Sophos has acquired UK-based Arco Cyber, a cybersecurity assurance company that helps organizations improve their security posture. Sophos said the acquisition enables it to deliver AI-powered cybersecurity governance capabilities, through its CISO Advantage offering, to organizations that lack dedicated security leadership. Varonis acquires AllTrue Data security company Varonis Systems has acquired AllTrue.ai for its AI trust, risk, and security management (TRiSM) solutions. The deal has been valued at $150 million. By integrating AllTrue.ai’s capabilities into its own platform, Varonis will enable customers to monitor and control AI behavior, reduce risks, and maintain and demonstrate compliance. Zscaler acquires SquareX Zscaler announced that it has acquired browser security firm SquareX for an undisclosed sum. With the technology provided by SquareX, Zscaler will extend security to unmanaged devices, enabling organizations to secure users within their preferred browser without the need for a full agent or the limitations of a separate, third-party browser. Other cybersecurity M&A deals announced in February 2026: AEA acquires majority stake in Magna5 Arc acquires Skye Cloud Arctiq acquires Verinext Astreya acquires Reliant Information Services Aura acquires Qoria By Light Professional IT Services acquires Dignitas Technologies Ctrl:cyber acquires ElevenM CyberCatch acquires Atriarch Ekco acquires Datalogix Everpure (formerly Pure Storage) acquires 1touch Future Standard acquires majority stake in Velonex Technologies Guardsquare acquires Verimatrix XTD HaystackID Acquires eDiscovery AI IT Solutions acquires Tech Superpowers Keycard acquires Anchor.dev Littlefish Group acquires Stripe OLT Logicalis US acquires Maple Woods Enterprises Markon acquires Millennium Myriad360 acquires Advizex Nexus IT acquires DamonTeK Quantum Leap acquires Veros Technologies QuickStart acquires IronCircle RevSpring acquires TrustCommerce Scale Computing acquires Adaptiv Networks Semperis acquires MightyID TransUnion to acquire mobile division of RealNetworks TruthScan acquires Imagedetector.com Valiant Solutions acquires Abile Group Woven Solutions acquires Valence Related : Zurich Acquires Beazley in $11 Billion Deal to Lead Cyberinsurance Related : Cybersecurity M&A Roundup: 34 Deals Announced in January 2026 Written By Eduard Kovacs Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering. More from Eduard Kovacs Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks James ‘Aaron’ Bishop Tapped to Serve as New Pentagon CISO Data Security Firm Evervault Raises $25 Million in Series B Funding Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises Russian Ransomware Operator Pleads Guilty in US Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild LeakBase Cybercrime Forum Shut Down, Suspects Arrested Tycoon 2FA Phishing Platform Dismantled in Global Takedown Latest News ClickFix Attack Uses Windows Terminal to Evade Detection Internet Infrastructure TLD .arpa Abused in Phishing Attacks Cloned AI Tool Sites Distribute Malware in ‘InstallFix’ Campaign Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited US Cyber Strategy Targets Adversaries, Critical Infrastructure, and Emerging Technologies Over 100 GitHub Repositories Distributing BoryptGrab Stealer Pentagon’s Chief Tech Officer Says He Clashed With AI Company Anthropic Over Autonomous Warfare FBI Investigating ‘Suspicious’ Cyber Activity on System Holding Sensitive Surveillance Information Trending Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Securing Fragile OT in an Exposed World March 10, 2026 Get a candid look at the current OT threat landscape as we move past "doom and gloom" to discuss the mechanics of modern OT exposure. Register Virtual Event: Supply Chain Security and Third-Party Risk Summit March 18, 2026 Join the event where top security experts unpack the biggest software supply chain risks. Register People on the Move ArmorCode has named Phil Venables to its Board of Directors. James ‘Aaron’ Bishop has been appointed as new Pentagon CISO. Sonalee Parekh has joined SentinelOne as Chief Financial Officer. More People On The Move Expert Insights Four Risks Boards Cannot Treat as Background Noise The goal isn’t about preventing every attack but about keeping the business running when attacks succeed. (Steve Durbin) How to Eliminate the Technical Debt of Insecure AI-Assisted Software Development Developers must view AI as a collaborator to be closely monitored, rather than an autonomous entity to be unleashed. Without such a mindset, crippling tech debt is inevitable. (Matias Madou) Security in the Dark: Recognizing the Signs of Hidden Information Security failures don’t always start with attackers, sometimes they start with missing truth. (Joshua Goldfarb) Living off the AI: The Next Evolution of Attacker Tradecraft Living off the AI isn’t a hypothetical but a natural continuation of the tradecraft we’ve all been defending against, now mapped onto assistants, agents, and MCP. (Etay Maor) Why We Can’t Let AI Take the Wheel of Cyber Defense The fastest way to squander the promise of AI is to mistake automation for assurance, and novelty for resilience. (Steve Durbin) Flipboard Reddit Whatsapp Whatsapp Email