European cyber exits report June 2025

Article by
Brice Lapouble
Alix François-Poncet
Article Date
June 2, 2025
Category
Article

European Cybersecurity Exits Report 2025: What the Data Really Says

At Axeleo Capital, we believe the European cybersecurity ecosystem is not only maturing, but proving its long-term strategic value. To validate that, we conducted a comprehensive analysis of every product-based cybersecurity exit in Europe between 2021 and 2024.

The backdrop in 2024 was tough: overall funding in the sector dropped 35%, with deal volume down in equal measure. France, in particular, experienced a sharp decline in early-stage activity (a 55% drop in deal count). Yet despite this, Q4 exit activity surged, pushing annual exit totals back to pre-2023 levels. It’s clear: acquirers remain hungry for European cyber innovation, even as investors become more selective.

Here’s a deeper look at some of the most relevant insights and new data from our 2025 report:

Exit Timing and Maturity

The average time to exit for European cybersecurity companies in 2024 was 9.3 years. For VC-backed companies, the average age at exit was slightly lower, at 8.7 years. These timelines highlight the deep technical nature of cybersecurity businesses and the long-term conviction required to support them.

Who’s Buying, and From Where?

More than 40% of all acquirers were based in the United States, underscoring continued US dominance in global cyber M&A. In contrast, acquisitions by French firms remain rare, with only three public acquisitions of European cybersecurity startups by French entities since 2021, despite France’s ambition to lead in tech sovereignty. These include:

  • Ekinops acquired SixSq (Switzerland, Cloud Security, 2021) 
  • Orange Cyberdefense acquired SCRT (Switzerland, Detection & Incident Response, 2022)
  • Thales acquired Onewelcome (Netherlands, IAM, 2024)

A closer Look at Recent Cybersecurity Exits

Between 2021 and 2024, eight public exits of French-founded cybersecurity companies were announced, three of them coming from Axeleo’s portfolio, spanning a broad range of categories from cloud and application security to GRC and email protection. These exits highlight the strength and adaptability of the French cyber ecosystem. The details of the acquisitions are available in the report.

Sector Focus and Strategic Rationale

The majority of cybersecurity acquisitions fall within a few core categories:

  • Cloud & Application Security
  • Identity and Access Management (IAM)
  • Threat Intelligence

Buyers are focusing on expanding AI-driven endpoint protection, IaC security, phishing defense, threat surface monitoring, and secure cloud access. These acquisitions aren’t just financial. They reflect deep product synergies and roadmap acceleration.

French Cyber Exits: Modest but Global

Only eight public exits of French cybersecurity startups have been recorded since 2021. Yet these companies were acquired by a diverse range of international buyers (US, UK, Switzerland, Germany), which confirms that while deal volume may be limited, the quality of innovation in the French market remains globally relevant.

What Changed in 2024?

Historically, Q2 has been the most active period for cybersecurity exits in Europe. But in 2024, this shifted significantly to Q4, which accounted for the majority of exits. This temporal concentration may reflect macroeconomic hesitation earlier in the year, followed by a reacceleration as market confidence returned.

What’s Happening in 2025 So Far?

Even before the mid-point of the year, we’ve tracked six exits in areas such as:

  • Cloud Security
  • Identity Access Management
  • Threat & Actor Intelligence
  • Data Security
  • Security Awareness

Companies were acquired at varying stages (Seed, Series A, Series B), and across diverse geographies, including the US, UK, France, Israel, and Italy.

__

Methodology:

The Cybersecurity Exit Report is based on data from Axeleo Capital's analysis as well as databases,  such as Crunchbase in particular. These data sources mainly gather information on deals and  rounds that have been publicly disclosed - many other raises are taking place, but without  announcements or communications on amounts (thus difficult to track). The analysis is limited  to companies headquartered in Europe, and with a value proposition focused on  Cybersecurity. As far as recorded fundraising is concerned, this refers to equity venture capital  fundraising only (i.e. excluding debt fundraising, subsidies and aid other than equity).

About Axeleo Capital:

Axeleo Capital 2 is a €70 million venture capital fund dedicated to B2B Tech start-ups,  including cybersecurity, across Europe. Axeleo Capital is a venture capital firm active on the  European technology scene and backed by a large pool of entrepreneur-investors. The fund  offers startup founders a unique support framework that combines equity investment,  operational and strategic coaching and an active ecosystem of over 100 high-level partners  and mentors. Its Cybersecurity investments include Symbiotic Security, Zygon, Seedata, Trustpair, Citalid, Mantra (exit),  Yogosha (exit) and Alsid (exit).

Related posts

Browse all articles
Article
April 28, 2022

Axeleo Capital is committed to its environmental approach !

With the help of WeCount, we were able to carry out our 2020 carbon footprint and define the main areas where we want to evolve to reduce our impact.

Article
April 28, 2022

State of Proptech & Contech in Europe – Q3 2021

Following the recent publication of our Q2 infographics, we’ve compiled the data of the 80+ proptech & contech venture deals from Q3 2021 (July – August – September).