LevelBlue announced Tuesday it has signed a definitive agreement to acquire Cybereason, a Boston-based cybersecurity firm specializing in extended detection and response platforms and digital forensics. 

Dallas-based LevelBlue, a managed security services provider formerly known as AT&T Cybersecurity, will fold Cyberreason’s extended detection and response (XDR) platform, threat intelligence team, and digital forensics and incident response (DFIR) capabilities into its managed detection and response (MDR) offerings.

“The addition of Cybereason is a strategic leap forward in our mission to become the most complete cybersecurity partner for our clients and strategic partners,” Bob McCullen, CEO and chairman of LevelBlue, said in a release. “By combining Cybereason’s world-class XDR and DFIR capabilities with our AI-powered MDR and incident response, we can deliver unified protection that’s proactive, scalable, and purpose-built for today’s fast-evolving threats.”

The acquisition follows a trend of industry consolidation, as cybersecurity companies aim to offer a variety of products and services under singular brands. Cybereason merged with managed service provider Trustwave earlier this year. 

For Cybereason, the acquisition bookends a turbulent seven-year period that saw the company swing from near-IPO status to dramatic valuation declines and multiple restructurings. Founded in 2012 by former members of the Israeli Defense Forces signals intelligence unit, the company competes with firms like CrowdStrike and SentinelOne in providing endpoint detection services and threat intelligence capabilities.

Cybereason appeared to reach its apex in 2021, when it raised $325 million in a funding round led by Liberty Strategic Capital. That round valued the company at approximately $3.1 billion, and Cybereason confidentially filed for an initial public offering with an expected valuation of $5 billion. At its peak, the company employed roughly 1,500 workers and had raised $850 million in total funding, with Japanese multinational investment holding company SoftBank as its primary investor.

However, the economic downturn of 2022 fundamentally altered the company’s trajectory. The shifting market conditions, combined with pressure from SoftBank following its significant losses on investment in WeWork, forced Cybereason to acknowledge it had over-hired at unsustainable wage levels. The company conducted two major rounds of layoffs, cutting more than 300 employees. In early 2022, Cybereason eliminated approximately 10% of its workforce, citing what it called a “seismic shift” in private and public markets. The IPO was eventually scrapped. 

As part of Tuesday’s announced transaction, SoftBank Corp. and Liberty Strategic Capital will become investors in LevelBlue. Additionally, Steven Mnuchin, former U.S. Treasury secretary and managing partner of Liberty Strategic Capital, will join LevelBlue’s board of directors. 

The post LevelBlue to acquire Cybereason in latest cybersecurity industry consolidation appeared first on CyberScoop.

Significant cybersecurity M&A deals announced by Check Point, CrowdStrike, F5, Mitsubishi Electric, and SentinelOne. 

The post Cybersecurity M&A Roundup: 40 Deals Announced in September 2025 appeared first on SecurityWeek.

Check Point Software Technologies announced Monday it will acquire Lakera, a specialized artificial intelligence security platform, as entrenched cybersecurity companies continue to expand their offerings to match the generative AI boom.

The deal, expected to close in the fourth quarter of 2025, positions Check Point to offer what the company describes as an “end-to-end AI security solution.” Financial terms were not disclosed.

The acquisition reflects growing concerns about security risks as companies integrate large language models, generative AI, and autonomous agents into core business operations. These technologies introduce potential attack vectors including data exposure, model manipulation, and risks from multi-agent collaboration systems.

“AI is transforming every business process, but it also introduces new attack surfaces,” said Check Point CEO Nadav Zafrir. The company chose Lakera for its AI-native security approach and performance capabilities, he said.

Lakera, founded by former AI specialists from Google and Meta, operates out of both Zurich and San Francisco. The company’s platform provides real-time protection for AI applications, claiming detection rates above 98% with response times under 50 milliseconds and false positive rates below 0.5%.

The startup’s flagship products, Lakera Red and Lakera Guard, offer pre-deployment security assessments and runtime enforcement to protect AI models and applications. The platform supports more than 100 languages and serves Fortune 500 companies globally. The company also operates what it calls Gandalf, an adversarial AI network that has generated more than 80 million attack patterns to test AI defenses. This continuous testing approach helps the platform adapt to emerging threats.

David Haber, Lakera’s co-founder and CEO, said joining Check Point will accelerate the company’s global mission to protect AI applications with the speed and accuracy enterprises require.

Check Point already offers AI-related security through its GenAI Protect service and other AI-powered defenses for applications, cloud systems, and endpoints. The Lakera acquisition extends these capabilities to cover the full AI lifecycle, from models to data to autonomous agents.

Upon completion of the deal, Lakera will form the foundation of Check Point’s Global Center of Excellence for AI Security. The integration aims to accelerate AI security research and development across Check Point’s broader security platform.

The acquisition is another in a flurry of bigger cybersecurity companies moving to acquire AI-focused startups. Earlier this month, F5 acquired CalypsoAI, Cato Networks acquired Aim Security, and Varonis acquired SlashNext. 

The deal remains subject to customary closing conditions.

The post Check Point acquires AI security firm Lakera in push for enterprise AI protection appeared first on CyberScoop.

F5, a Seattle-based application delivery and security company, announced Thursday it will acquire Dublin-based CalypsoAI for $180 million in cash, highlighting the mounting security challenges enterprises face as they rapidly integrate artificial intelligence into their operations.

The acquisition comes as companies across industries rush to deploy generative AI systems while grappling with new categories of cybersecurity threats that traditional security tools struggle to address. CalypsoAI, founded in 2018, specializes in protecting AI systems against emerging attack methods, including prompt injection and jailbreak attacks.

“AI is redefining enterprise architecture and the attack surface companies must defend,” said François Locoh-Donou, F5’s president and CEO. The company plans to integrate CalypsoAI’s capabilities into its Application Delivery and Security Platform to create what it describes as a comprehensive AI security solution.

Companies are embedding AI into products and operations at an unprecedented pace, but this rapid adoption has created compliance gaps and heightened regulatory scrutiny. CalypsoAI addresses these challenges through what the company calls “model-agnostic” security, providing protection regardless of which AI models or cloud providers enterprises use. 

The platform conducts automated red-team testing against thousands of attack scenarios monthly, generating risk assessments and implementing real-time guardrails to prevent data leakage and policy violations.

“Enterprises want to move fast with AI while reducing the risk of data leaks, unsafe outputs, or compliance failures,” said CalypsoAI CEO Donnchadh Casey. The company’s approach focuses on the inference layer where AI models process requests, rather than securing the models themselves.

The acquisition comes during a flurry of similar moves by established companies in the cybersecurity space that are looking to add AI-powered offerings to their customers. 

F5 has also been active this year with what it considers strategic purchases. The company acquired San Francisco-based Fletch in June and observability firm MantisNet in August, demonstrating a pattern of building capabilities through acquisition rather than internal development.

The deal is expected to close by Sept. 30. 

The post F5 to acquire AI security firm CalypsoAI for $180 million appeared first on CyberScoop.

Industrial conglomerate Mitsubishi Electric has agreed to acquire OT and IoT cybersecurity specialist Nozomi Networks in a transaction that values the San Francisco-based firm near the $1 billion mark. The deal, slated to close in the fourth quarter of 2025, will see Nozomi Networks become a wholly owned subsidiary while continuing to operate independently.

The acquisition represents Mitsubishi Electric’s largest to date, with the company set to purchase the 93% of Nozomi shares it does not already own for $883 million in cash. Mitsubishi Electric previously acquired a 7% stake through Nozomi’s $100 million Series E funding round in early 2024, a relationship that laid the foundation for the takeover.

Following the transaction’s closure, Nozomi Networks will retain its brand, leadership, and personnel, maintaining its headquarters in San Francisco and its research and development hub in Switzerland. Both parties have indicated there will be no disruption to operations, roadmaps, or external partnerships.

Nozomi Networks focuses on security in operational technology (OT), Internet of Things (IoT), and cyber-physical systems (CPS). Its platform, designed for critical infrastructure and industrial organizations, focuses on asset discovery, continuous monitoring, anomaly detection, and vulnerability management. The company generated $75 million in revenue in 2024, an increase from $62 million the previous year.

The integration of Nozomi’s cloud-first, AI-powered solutions into Mitsubishi Electric’s portfolio grants the Japanese industrial giant a stake in advanced industrial cybersecurity at a time when OT and IoT environments are seeing increased attention due to rising threats of cyberattacks and operational disruptions. 

“By becoming part of Mitsubishi Electric, we will combine our strengths to drive the next generation of industrial security and innovation to bring additional value for customers around the world,” said Edgard Capdevielle, president and CEO of Nozomi Networks. “With the combined global reach and resources of both companies, we can supercharge our innovation engine, helping industrial organizations secure and accelerate their own digital transformations.”

Mitsubishi Electric, which brings more than a century of experience in industrial technology, sees the purchase as a way to accelerate the digital transformation of critical infrastructure clients globally. Combining its operational expertise with Nozomi’s technology is expected to result in the development of new AI-powered solutions tailored for OT and IoT use cases.

“This acquisition will enable us to co-create valuable new services while supporting Nozomi’s commitment to innovation and customer flexibility,” said Satoshi Takeda, Mitsubishi Electric’s senior vice president. “Together, we can help our customers achieve their digital transformation goals while enhancing security, efficiency, and resilience.”

The transaction is expected to receive all necessary regulatory approvals and is anticipated to close by the end of 2025. 

The post Mitsubishi Electric to acquire Nozomi Networks in $1 billion deal appeared first on CyberScoop.

Israeli cybersecurity company Cato Networks has acquired AI security startup Aim Security in its first ever acquisition, reflecting the broader industry rush to address security challenges posed by artificial intelligence adoption.

The deal combines Cato’s Secure Access Service Edge (SASE) networking platform with Aim’s AI security capabilities, allowing the company to protect customers from threats associated with generative AI tools and applications. Financial terms were not disclosed. 

The acquisition underscores how cybersecurity companies are scrambling to develop solutions for AI-related risks as enterprises rapidly adopt AI tools without fully understanding potential vulnerabilities. Aim’s technology addresses three key areas: securing employee use of public AI applications, protecting private AI systems, and managing security throughout AI development lifecycles.

“AI transformation will eclipse digital transformation as the main force that will shape enterprises over the next decade,” said Shlomo Kramer, CEO and co-founder of Cato Networks. “With the acquisition of Aim Security, we’re turbo-charging our SASE platform with advanced AI security capabilities to secure our customers’ journey into the new and exciting AI era.”  

Cato’s move comes as the company also extended its Series G funding round with an additional $50 million from Acrew Capital, bringing the total round to $409 million.

The acquisition reflects broader consolidation in the cybersecurity sector as companies seek to expand their capabilities to address evolving threats. Palo Alto Networks agreed in June to acquire CyberArk Software for approximately $25 billion, primarily to gain identity security tools that can be integrated with AI programs. Earlier this week, Varonis announced it has acquired SlashNext, an AI-driven email security company, for $150 million.

Aim Security, founded in 2022 and backed by YL Ventures and Canaan Partners, has positioned itself at the forefront of enterprise AI security. The company’s research team recently identified the first reported zero-click AI vulnerability in Microsoft 365 Copilot, dubbed “EchoLeak,” demonstrating the emerging nature of AI-specific security threats.

Cato plans to offer Aim’s capabilities as part of its SASE platform beginning in early 2026, providing existing customers with a migration path from standalone AI security solutions to integrated platform capabilities.

The post Cato Networks acquires AI security startup Aim Security appeared first on CyberScoop.

Palo Alto Networks has agreed to acquire identity security firm CyberArk for approximately $25 billion, marking the cybersecurity giant’s largest acquisition and its formal entry into the identity security market as the industry continues consolidating amid rising cyber threats.

The transaction ranks among the largest technology acquisitions this year and underscores the market’s focus on identity security in an era of increasing artificial intelligence adoption.

CyberArk, founded over two decades ago, specializes in privileged access management technology that helps organizations control and monitor access to critical systems and accounts. The company’s customers include major corporations such as Carnival Corp., Panasonic, and Aflac. Its technology addresses what security experts consider one of the most vulnerable aspects of enterprise security: managing privileged credentials for both human users and machine identities.

The acquisition comes as cybersecurity companies face pressure to offer comprehensive solutions rather than point products, with customers seeking to streamline their vendor relationships following high-profile breaches. Recent cyberattacks, including Microsoft’s SharePoint vulnerabilities that affected over 100 organizations including U.S. government agencies, have heightened focus on identity protection and privileged access management.

For Palo Alto Networks, the acquisition represents a strategic expansion beyond its traditional network security roots. The company has evolved from a next-generation firewall provider into a multi-platform cybersecurity leader, and identity security represents what CEO Nikesh Arora describes as an inflection point in the market.

“The rise of AI and the explosion of machine identities have made it clear that the future of security must be built on the vision that every identity requires the right level of privilege controls,” Arora stated in a release.

The timing reflects broader industry dynamics driven by artificial intelligence adoption. As organizations deploy autonomous AI agents and systems, these technologies require sophisticated privileged access controls similar to human users, but at machine scale. The combined companies position themselves to address what they term “agentic AI” security, applying just-in-time access and least privilege principles to AI systems.

Industry analysts view the acquisition as addressing a gap in Palo Alto Networks’ portfolio while potentially accelerating growth in areas where the company has seen some deceleration. 

“Over the past several years, Palo Alto Networks has been on a mission to become a huge platform player in the security market,” said Allie Mellen, a principal analyst with Forrester. “Given its product portfolio as it stands today, identity security capabilities are a missing piece of that puzzle. This acquisition rounds out its approach, given its existing cloud, network, and endpoint security products.” 

The transaction follows other major cybersecurity consolidations, including Google’s $32 billion acquisition of Israeli startup Wiz earlier this year. This consolidation trend reflects customer preferences for integrated security platforms over managing multiple specialized vendors, particularly as cyber threats have grown more sophisticated and frequent.

Both companies’ boards have unanimously approved the transaction, which remains subject to regulatory clearances and CyberArk shareholder approval. The deal is expected to close during the second half of Palo Alto Networks’ fiscal 2026.

The post Palo Alto Networks to acquire CyberArk for $25 billion appeared first on CyberScoop.