CyberArk to Acquire Venafi from Thoma Bravo at $1.54 billion
Takeaway Points
- CyberArk to Acquire Venafi from Thoma Bravo at $1.54 billion
- The boards of directors of both CyberArk and Venafi have approved the transaction.
- The transaction is expected to close in the second half of 2024.
CyberArk acquires Venafi
The identity security company CyberArk on Monday announced its plans to acquire Venafi, a leader in machine identity management, from Thoma Bravo in a deal of about $1.54 billion in a combination of cash and CyberArk shares (approximately $1 billion in cash and approximately $540 million in shares). This acquisition will combine Venafi’s best-in-class machine identity management capabilities with CyberArk’s leading identity security capabilities to establish a unified platform for end-to-end machine identity security at enterprise scale.
Matt Cohen, Chief Executive Officer of CyberArk, said that by combining with Venafi, they are increasing their ability to secure machine identities in a cloud-first, post-quantum world.
“This acquisition marks a pivotal milestone for CyberArk, enabling us to further our vision to secure every identity – human and machine – with the right level of privilege controls. By combining forces with Venafi, we are expanding our abilities to secure machine identities in a cloud-first, GenAI, post-quantum world. Our integrated technologies, capabilities and expertise will address the needs of global enterprises and empower Chief Information Security Officers to defend against increasingly sophisticated attacks that leverage human and machine identities as part of the attack chain. Venafi brings world-class talent who shares CyberArk’s customer-centric, people-first culture and a security-first mindset. We are thrilled to work with the Venafi team to capitalize on the tremendous growth opportunity in the identity security market.” Matt said.
Chip Virnig, a partner at Thoma Bravo, said, “It has been a pleasure to work with the Venafi team, leveraging our operational expertise to further cement Venafi as a leading force in machine identity management. Over the course of our investment, Venafi has accelerated SaaS growth, expanded margins, and successfully created a best-in-class SaaS offering, setting the stage for continued innovation. We believe CyberArk is a great partner for Venafi and that the scaled end-to-end machine identity security platform created by this strategic combination will deliver significant value to shareholders.”
The acquisition details
According to the report, the boards of directors of both CyberArk and Venafi have approved the transaction, and the transaction is expected to close in the second half of 2024.
Venafi is expected to add approximately $150 million in annual recurring revenue (ARR). The transaction is expected to be accretive to margins immediately, with significant revenue synergies through cross-sell, up-sell, and geographic expansion, the company said.
About CyberArk
CyberArk (NASDAQ: CYBR) is the global leader in identity security. Centered on intelligent privilege controls, CyberArk provides the most comprehensive security offering for any identity – human or machine—across business applications, distributed workforces, hybrid cloud environments, and throughout the DevOps lifecycle. The world’s leading organizations trust CyberArk to help secure their most critical assets.
About Venafi
Venafi is a cybersecurity market leader and the category creator of machine identity management, securing machine-to-machine connections and communications. Venafi protects machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, SSH, code signing, mobile, and IoT. Venafi provides global visibility of machine identities and the risks associated with them for the extended enterprise—on premises, mobile, virtual, cloud, and IoT—at machine speed and scale. Venafi puts this intelligence into action with automated remediation that reduces the security and availability risks connected with weak or compromised machine identities while safeguarding the flow of information to trusted machines and preventing communication with machines that are not trusted.
