Proofpoint Closes $1.8B Hornetsecurity Deal, Targeting MSPs and the Expanding M365 Security Market

Proofpoint Closes $1.8B Hornetsecurity Deal, Targeting MSPs and the Expanding M365 Security Market

Key Takeaways

• Proofpoint has completed its $1.8 billion acquisition of Hornetsecurity, adding a major MSP- and SMB-focused Microsoft 365 security portfolio.
• Hornetsecurity will operate as a dedicated business unit led by founder Daniel Hofmann, continuing its multi-tenant MSP platform strategy.
• The deal expands Proofpoint’s reach in Europe and deepens its investment in human- and agent‑centric security for organizations of all sizes.

Proofpoint’s acquisition of Hornetsecurity, now officially closed at a total consideration of $1.8 billion, lands squarely at the intersection of a few realities B2B security leaders have been debating for years: Microsoft 365’s role as the primary business productivity layer, the growing dependence on MSPs for small and midsize organizations, and the need to protect people and data in environments where cloud services and AI agents increasingly make the decisions. It is a massive combination, even if the companies frame it as a natural progression.

The move gives Proofpoint a sizable expansion into the SMB and MSP ecosystem, a segment where the company has historically had a lighter presence compared to its dominance in the enterprise market. Hornetsecurity brings roughly $200 million in annual recurring revenue—growing 20 percent year-over-year—plus a strong European footprint anchored by more than 12,000 MSPs and channel partners serving over 125,000 customers. It is a scale few MSP-focused security providers can match. And it hints at why Proofpoint made the jump rather than trying to build a comparable platform from scratch.

Sumit Dhawan, Proofpoint’s CEO, framed the acquisition around extending what he calls the company’s “human- and agent-centric security leadership.” The phrase is doing a lot of work. It captures long-standing Proofpoint themes—protecting people from email threats and data loss—while acknowledging the newer challenge of AI-driven agents acting semi-autonomously inside business systems. If you squint a bit, you can see the company laying groundwork for a future where AI assistants and workflow bots become both customers and attack surfaces. It’s a small detail, but it shows where Proofpoint thinks the security conversation is heading.

Dhawan also emphasized reach: getting enterprise-grade protection to organizations “of every size.” For MSPs trying to standardize offerings and minimize tool sprawl, that might be the line that hits closest to home.

Hornetsecurity’s flagship product, 365 Total Protection, is built exactly for that audience. It wraps email security, backup, compliance, awareness training, and access control around Microsoft 365 and delivers all of it through a multi-tenant control panel. MSPs can manage dozens or hundreds of tenants there instead of juggling multiple vendors. Any MSP leader who has ever tried to stabilize margins while stitching together five narrow point solutions will understand the appeal immediately.

Daniel Hofmann, Hornetsecurity’s founder and CEO, is staying on to run the new business unit as executive vice president and general manager. His team remains intact, which matters more than press releases usually admit. When a channel-centric business changes hands, MSPs often watch carefully for signs of cultural friction—especially around pricing, support responsiveness, and partner program stability. Keeping Hofmann’s leadership group in place is a signal to the channel that Proofpoint knows better than to rewrite the operating model on day one.

Still, acquisitions are rarely seamless. Aligning Proofpoint’s enterprise-heavy product strategy with Hornetsecurity’s MSP-first approach won’t be a trivial exercise. What happens, for instance, when enterprise customers want the multi-tenant simplicity MSPs already rely on? Or when MSPs ask for deeper integrations with Proofpoint’s traditional portfolio? Those are implementation questions, not strategy questions—but they determine whether the combination actually works in practice.

For now, the companies are promising continuity. Customers and partners should expect consistent service and support, backed by Proofpoint’s broader global resources and its threat intelligence capabilities. It sounds straightforward enough. And yet, anyone who has lived through a platform consolidation knows the nuance: continuity is easy to promise and harder to deliver during the first six to twelve months of systems integration.

The market implications are interesting in their own right. Microsoft 365 security continues to be a magnet for both attackers and vendors, and the overlap between email, collaboration tools, and AI-driven workflows creates more operational complexity than many organizations expected. Research groups like Gartner have pointed to this consolidation trend before, and Proofpoint is clearly leaning into it. Even so, the MSP segment has its own logic—and its own pace. A multi-tenant architecture isn’t a nice-to-have; it’s the economic engine of an MSP’s business.

It is also worth noting how explicitly Proofpoint is positioning this deal as part of its European growth strategy. Hornetsecurity’s footprint spans more than 120 countries, but its strongest partner base is in Europe, where data sovereignty rules, customer expectations, and regulatory structures often differ from U.S. norms. For Proofpoint—long dominant among U.S. enterprises—this is a chance to embed more deeply into a market where trust and local presence matter. If you look at the regional context discussed in the European Union Agency for Cybersecurity’s recent analysis of cloud service dependencies, the strategic logic becomes even clearer.

Proofpoint also benefits from the maturity of Hornetsecurity’s awareness training, backup, and compliance tools. Those are not afterthoughts; they are part of how MSPs build recurring revenue and deliver consistent value downstream. Because Hornetsecurity’s platform is already tuned for high-volume, multi-tenant delivery, Proofpoint gains operational leverage rather than another standalone product line to reconcile.

Will enterprise-grade threat intelligence meaningfully strengthen SMB defenses? That is an open question. Threat data only helps if it is delivered in a way that busy MSPs can operationalize quickly. However, Proofpoint seems confident that its scale on the intelligence side will add real benefit—something Dhawan highlighted when discussing the combined innovation roadmap.

Hofmann called the acquisition “a new chapter” for Hornetsecurity, which sounds like the kind of phrasing most CEOs use after a deal closes. But given his continued leadership of the dedicated business unit, it serves as a practical signal that the company’s core identity isn’t being dissolved into Proofpoint’s broader brand.

Both organizations are framing the combination as an accelerant: deeper threat intelligence, broader reach, and a commitment to protecting people, data, and AI‑driven agents across Microsoft 365. For MSPs and SMBs, the value will ultimately show up in whether the combined platform makes protection easier to deliver—because that is the metric that matters when your teams are juggling dozens of tenants under real-world time pressure.

For now, the deal is done, the structure is set, and the enterprise and SMB halves of the Microsoft 365 security market just got a little closer together.