In April 2026, a total of 33 mergers and acquisitions tied to cybersecurity were made public.
To explore a comprehensive overview of the over 420 deals announced throughout 2025, visit SecurityWeek’s yearly M&A report.
Below are several of the most notable cybersecurity M&A deals from April 2026:
Airbus to acquire Quarkslab
Airbus has signed a deal to purchase Quarkslab, a cybersecurity firm established in 2011 in France, with a workforce of around 100 people. The financial details of the transaction remain undisclosed. This move aligns with Airbus’s wider plan to strengthen Europe’s sovereign cybersecurity infrastructure. Quarkslab’s flagship product, QShield, is built to protect software and digital systems against threats powered by AI as well as reverse engineering, with special emphasis on the defense and aerospace sectors.
Cyera acquires Ryft
Cyera, a data security company valued at $9 billion, has revealed its acquisition of Ryft, a 2024-launched Israeli startup known for developing a secure, automated data lake platform tailored for AI agents. While the official terms were not shared, industry estimates place the deal’s value between $100 million and $130 million. This purchase strengthens Cyera’s commitment to agentic AI security by expanding its ability to manage data lakes, helping enterprises safely adopt autonomous AI systems that rely on trusted, well-managed data.
Everfield acquires Rhebo
Landis+Gyr, a Swiss energy technology firm, has reached a definitive agreement to sell Rhebo, its operational technology (OT) security division, to Everfield Germany, a European buy-and-hold investor in B2B software. This is part of Landis+Gyr’s strategic shift to concentrate on its primary business operations. The deal puts Rhebo’s enterprise value in the high single-digit million-dollar range and is pending regulatory clearance. Rhebo specializes in intrusion detection and anomaly monitoring solutions for OT and IIoT networks.
Fortra acquires Zero-Point Security
Fortra has purchased Zero-Point Security, a UK-based specialist in cybersecurity training. The purchase broadens Fortra’s offensive security training services, adding specialized skills in red team tactics, adversary simulation, and penetration testing education. It will also enhance training programs connected to Fortra’s Cobalt Strike, Core Impact, and Outflank Security Tooling products.
Fortreum acquires Kovr.ai
Fortreum, a cybersecurity assessment and advisory firm supported by Gryphon Investors, has announced the purchase of Kovr.AI, a compliance platform focused on the US defense and national security sector. The combined platform is crafted to manage the entire compliance lifecycle — including readiness, documentation, formal evaluations, and continuous oversight — covering frameworks such as FedRAMP, CMMC 2.0, DOD SRG, NIST CSF 2.0, and GovRAMP.
Palo Alto Networks to acquire Portkey
Palo Alto Networks has stated its intention to acquire Portkey, an AI Gateway company based in San Francisco (founded in Bengaluru). The acquisition is intended to position an AI Gateway as the essential control layer for securing and managing autonomous AI agents within Palo Alto’s Prisma AIRS platform. The deal is reportedly valued at approximately $120–140 million.
Silverfort acquires Fabrix Security
Silverfort, a Texas-based (Israeli-founded) identity security company, has acquired Fabrix Security, a Tel Aviv-based startup, in a deal reportedly worth tens of millions of dollars. The acquisition merges Silverfort’s runtime access protection with Fabrix’s AI-powered decisioning engine, creating an autonomous identity security platform for human, machine, and agentic identities.
Socket acquires Secure Annex
Socket, a company specializing in software supply chain security, has acquired Secure Annex, a startup focused on extension security. The acquisition extends Socket’s security coverage to browser, IDE, and AI tool extensions, improving visibility throughout the software development lifecycle. Secure Annex’s founder, John Tuckner, is joining Socket as part of the deal.
Spin.AI acquires Revyz
Spin.AI, a SaaS security provider, has acquired Revyz, a company specializing in Jira and Confluence backup and configuration management. This allows Spin.AI to extend its data resilience and security posture management into the Atlassian ecosystem, complementing its existing protection for Google Workspace, Microsoft 365, and Salesforce.
Additional cybersecurity M&A deals announced in April 2026:
ABS acquires RMC Global
ADVANS Group acquires CORALIUM
Alchemy Technology Group acquires IOvations
Applus+ Laboratories to acquire Teron Labs
Bridgepoint to acquire majority stake in iC Consult
Cisco acquires Galileo Technologies
Cloudcomputing acquires Innovate IT
ControlCase acquires CyberNINES
Corporate Technologies acquires RPM Technologies
DeleteMe acquires Block Party
iCOUNTER acquires ParseIntel
Netum Group acquires Cyberwatch Oy
Nexus IT acquires Imagis
PentenAmio acquires Armour Communications
Protecht acquires VISO TRUST
Remote acquires Bravas
Scale AI acquires ICG Solutions
Self Labs acquires Loam
Suzu Labs acquires Emulated Criminals
TekStream acquires ImagineX Cybersecurity Business
VerifyVASP acquires Sygna
Virtual IT Group acquires Security Centric
WhiteHawk acquires Quixxi
Related: Cybersecurity M&A Roundup: 42 Deals Announced in February 2026
Related: Cybersecurity M&A Roundup: 38 Deals Announced in March 2026
