Selling to private equity was one of the most common ways for public cybersecurity vendors to cash out their chips during the early 2020s.
See Also: Beat the Breach: Outsmart Attackers and Secure the Cloud
Firms including Thoma Bravo capitalized on the economic downturn that took hold in spring 2022 by scooping up security companies that had gone public during headier times and were struggling to meet investor expectations for profitability. Thoma Bravo sought to capitalize on the market opportunity with the purchase of Darktrace, Exabeam, ForgeRock, Intel 471, Ping Identity, Proofpoint, SailPoint and Sophos.
These private equity deals continued into 2024, with pure play cybersecurity vendors Acronis, BioCatch, Black Duck Software and Darktrace getting acquired by EQT, Permira, Francisco Partners and Clearlake Capital and Thoma Bravo, respectively. But private equity activity in the cybersecurity market ground to a screeching halt in 2025 as firms struggled to exit existing investments amid continued IPO struggles.
Private equity's dry spell in cybersecurity might be coming to an end, with Bloomberg reporting Tuesday that Blackstone, Thoma Bravo and Vista Equity Partners have expressed preliminary interest in Miami-based data security vendor Varonis. The company is working with advisors and exploring options including a potential sale after receiving takeover interest, according to Bloomberg.
Varonis's stock is up $3.12 - or 9.54% - to $35.83 per share in trading Tuesday afternoon, which is the highest the company's stock has traded since June 2. The stock still hasn't recovered from an October 2025 disclosure of a sharp drop in renewal rates for its on-premises subscription business, with Varonis's stock today trading $27.53 - or 43.7% - lower than it did on Oct. 28, 2025. Varonis is worth $4.11 billion (see: Varonis Lays Off 5% of Staff, Stock Plunges as Renewals Drop).
The company declined an ISMG request for comment on the Bloomberg report on the potential sale. Varonis's stock struggles come as venture-backed data security rival Cyera increased its valuation from $6 billion in June 2025 to $9 billion in January 2026 to $12 billion earlier this month amid massive outside investment. Varonis in October cut its staff by 120 employees to better align expenses with revenue expectations.
How Varonis Has Fared in the Public Market
Despite the market challenges, Varonis is well-regarded by tech analysts, with Forrester recognizing the firm in 2025 as the best data security platform out of the 10 evaluated, scoring higher than the likes of Google, Thales and IBM.
Forrester praised Varonis for bringing the expertise and outcomes it had mastered for on-premises deployments into the cloud, and for excelling in data discovery, classification, access controls, and data threat and risk visibility. Customers told Forrester they didn't like Varonis' high cost and wished for minor user experience improvements to dashboard navigation.
Varonis has in recent months made a pair of acquisitions to expand the company's total addressable market. The company in February bought artificial intelligence security startup AllTrue.ai for $114.5 million to obtain deep visibility, guardrails and life cycle coverage for AI agents. And Varonis bought email security provider SlashNext for $105.1 million in August to halt sophisticated phishing and social engineering attacks (see: Varonis Acquires AllTrue.ai to Extend Security for AI Agents).
Reported suitors, Vista Equity Partners and Blackstone, have a more limited cybersecurity footprint, with the former maintaining stakes in MDR firm Critical Start, network security firm Infoblox, training vendor KnowBe4, web security vendor Menlo Security and SIEM vendor Securonix. Blackstone, meanwhile, led a $400 million Series F funding round for Varonis competitor Cyera earlier this month.
Varonis enjoyed healthy revenue growth in the quarter ending March 31, with sales surging to $173.1 million, up 26.9% from $136.4 million a year earlier. The company's revenue mix changed dramatically, with SaaS accounting for 93% of total sales in the most recent quarter, up from just 64.9% last year. Net loss worsened 3% to $36.9 million, or $0.32 per share, up from $35.8 million the year before.
Taking Varonis private could help investors drive continued improvement in the company's balance sheet, seek out new markets through an accelerated pace of M&A and perhaps combine the company with another data security vendor for cost efficiencies. The one thing that's certain is security vendors with valuations below $15 billion struggle mightily as public investors optimize their portfolio for scale.
With Cyera fast-approaching the $15 billion valuation mark, the company will likely be the preferred vehicle for public investors looking to get into data security as each cyber sector increasingly becomes winner-take-all in the public market. Unless Varonis has some way of getting big fast, the new economics of cybersecurity suggest the private market might be a better long-term home for the company.