Security Private Equity: Top Firms in 2026

Key Facts: Security Industry PE at a Glance

• The security industry divides into two primary PE investment categories: physical security (guard services, alarm monitoring, access control, surveillance) and cybersecurity (managed security services, identity management, security software), each attracting distinct fund strategies.
• Thoma Bravo, managing $160 billion in assets under management (AUM), has acquired or invested in more than 490 software and technology companies, making it the dominant buyout platform in security software globally.
• GTCR, with approximately $50 billion in AUM, has made five separate investments in the security alarm sector including SimpliSafe, Everon, Protection1, SecurityLink, and HSM, establishing itself as the most active physical security consolidator in private equity.
• Tower Arch Capital manages $722 million in AUM with a $450 million fund targeting lower-middle-market security consolidation, representing the growing wave of new entrants pursuing fragmentation arbitrage.
• Egis Capital Partners focuses exclusively on the security and protection industry, targeting enterprise values of $30 million to $200 million across physical and cyber sectors.
• The security sector is broadly recession-resistant due to strong recurring monthly revenue (RMR) models in alarm monitoring, managed security services, and subscription-based security technology.
• Capital is shifting from labor-intensive guard services toward technology-enabled hybrid models featuring AI-driven video analytics, IoT infrastructure, and managed security platforms.

Security Private Equity: Market Overview

Security PE encompasses investment across two structurally distinct subsectors. Physical security covers guard services, alarm monitoring, access control, surveillance, and systems integration. Cybersecurity spans managed security services, software platforms, identity management, and network defense.

Both subsectors attract PE capital for similar structural reasons. The physical security market remains highly fragmented, with thousands of small and mid-sized companies competing for local and regional contracts. This fragmentation creates consolidation opportunity. Roll-up strategies allow PE buyers to build scale quickly and exit at higher multiples than any single acquisition would support.

The US is the primary hub for security PE deal activity, with New York as the dominant center for general partner (GP) offices. Europe represents a secondary market, particularly for cross-border cybersecurity investments subject to GDPR compliance requirements. New lower-middle-market entrants joined the sector in 2024 and 2025, drawn by subsiding inflation, expected rate cuts, and the demonstrated success of earlier consolidation platforms. PE fund managers are now betting on businesses that combine traditional security services with AI-driven analytics and cloud-native infrastructure. Capital is shifting away from pure labor models toward higher-margin technology-enabled hybrids.

Firm Comparison at a Glance

The table below maps the leading PE and venture capital investors in the security sector by strategy, sector focus, and key differentiator. Use it to identify which fund managers align with your company's size, subsector, and preferred deal structure.

The table reveals a clear divide. Buyout-oriented fund managers such as Thoma Bravo, GTCR, and Egis concentrate on mature businesses with established earnings before interest, taxes, depreciation, and amortization (EBITDA). Venture-stage investors including Evolution Equity, Ballistic, and Forgepoint back earlier-stage cybersecurity companies with high growth potential and earlier revenue profiles.

Top Picks by Investment Strategy

Largest AUM in Security Software: Thoma Bravo ($160 billion) has invested in more than 490 software and technology companies, building the deepest cybersecurity software buyout portfolio of any PE firm globally.

Physical Security Consolidator: GTCR (~$50 billion AUM) is the most proven consolidator in alarm and monitoring, with five security alarm investments including the 2025 acquisition of SimpliSafe from Hellman & Friedman.

Sector Specialist: Egis Capital Partners is the only PE firm exclusively focused on the security and protection industry, targeting enterprise values between $30 million and $200 million across physical security and cybersecurity.

Growth Equity Leader: LLR Partners (Philadelphia) invests $25 million to $150 million per equity transaction in mid-sized security companies with scalable, proven business models and recapitalization options.

National Security Cybersecurity: Option3 (New York) pursues control investments in mid-market cybersecurity addressing national security priorities, backed by former Department of Defense, CIA, and NSA executives.

Top Cybersecurity Venture Investor: Evolution Equity Partners has backed Arctic Wolf, Pentera, ProtectAI, SecurityScorecard, and SNYK, covering threat detection, vulnerability management, and application security.

Lower-Middle-Market Entry: Tower Arch Capital ($722 million AUM, $450 million fund) targets fragmented smaller security operators where consolidation arbitrage produces the largest valuation step-ups.

Top Security PE Firms in Detail

GTCR: The Serial Alarm Consolidator

GTCR's commitment to the security alarm sector is unmatched among buyout firms. Managing approximately $50 billion in AUM from Chicago, the firm has completed five separate investments in security alarm and monitoring: SimpliSafe, Everon, Protection1, SecurityLink, and HSM. Each deal followed a platform acquisition model, using the initial company as a base for tuck-in acquisitions. The 2025 acquisition of SimpliSafe from Hellman & Friedman, which held the company from 2018, added a leading residential and commercial monitoring brand to GTCR's portfolio. Alarm and monitoring businesses evaluating potential PE partners will find GTCR's sector experience, operating playbooks, and established add-on pipeline difficult to replicate elsewhere in the market.

Thoma Bravo: The Security Software Empire

Thoma Bravo's $160 billion in AUM backs the largest technology and software buyout portfolio in private equity, with cybersecurity representing one of its most active investment themes. The firm has acquired or invested in more than 490 software and technology companies across its history. Its investment thesis centers on operational improvement and product rationalization within mature software businesses. Security software companies facing competitive pressure from well-capitalized incumbents will find Thoma Bravo the most capable consolidator in the segment, particularly for businesses with defensible recurring revenue, enterprise customer bases, and clear paths to margin expansion.

Egis Capital Partners: The Pure-Play Specialist

No PE firm in the market applies a narrower, more deliberate focus to security than Egis Capital Partners. The Summit, New Jersey firm targets enterprise values between $30 million and $200 million across physical security services, identity solutions, and IT security, covering both growth equity and buyout transactions. Its successful exit of ACRE, a global provider of access control security systems, demonstrates proven ability to grow and realize value in specialist security technology businesses. Egis co-acquired ACRE alongside LLR Partners, reflecting comfort with co-investment structures. Security company owners whose enterprise values fall within this range should treat Egis as their most directly sector-relevant PE option.

LLR Partners: The Growth Equity Mid-Market Operator

LLR Partners targets mid-sized security companies with proven, scalable business models, investing $25 million to $150 million in equity per transaction from its Philadelphia base. The firm deploys growth capital, buyout financing, and recapitalization structures, giving security company founders multiple paths to liquidity without requiring a full exit. Its co-investment in ACRE with Egis Capital Partners demonstrates comfort with sector-specialist collaborations and security industry deal flow. Founders who want institutional capital to accelerate geographic expansion or technology investment will find LLR's flexible deal structures well-suited to their goals. The firm allows founders to retain operational involvement and partial equity without a clean ownership break.

Option3: The National Security Cyber Investor

Option3's positioning in the cybersecurity market is genuinely distinct. The New York firm pursues control investments in mid-market cybersecurity companies that specifically address national security priorities, staffed by executives who previously served in the Department of Defense, CIA, and National Security Agency. Its acquisition of Onclave Networks, a zero trust cybersecurity platform, demonstrates its focus on defense-relevant technology. The firm also backed Dark Cubed before selling it to Celerium, showing active portfolio management and a disciplined hold period approach. Cybersecurity companies building products for government, defense, or critical infrastructure markets will find Option3's team uniquely capable of providing sector validation and regulatory market access.

Evolution Equity Partners: The Cybersecurity Venture Leader

Evolution Equity Partners has built one of the most respected cybersecurity venture and growth equity portfolios globally, backing companies that now span threat detection, application security, risk scoring, and AI-driven defense. Portfolio companies include Arctic Wolf, Pentera, ProtectAI, Quantexa, SecurityScorecard, and SNYK. The New York firm invests across venture and growth equity stages, giving it reach from early-stage cybersecurity innovators through to scaling companies approaching profitability. Founders building cybersecurity platforms with commercial traction will find Evolution Equity's sector network, co-investor relationships, and portfolio depth a meaningful competitive advantage in both fundraising and go-to-market execution.

Hellman & Friedman: The Long-Hold Growth Investor

Hellman & Friedman's investment in SimpliSafe, held from 2018 through 2025, illustrates the San Francisco firm's preference for high-quality growth businesses with durable competitive positions. The firm acquired SimpliSafe as a residential and commercial security platform and supported it through significant product development and market expansion before selling to GTCR. While Hellman & Friedman does not focus exclusively on security, its execution in the sector reflects a large-scale equity investment approach suited to security companies with strong brand positions and demonstrated growth trajectories. Limited partners (LPs) evaluating PE funds with security exposure will note its patient hold periods exceeding five years and successful realizations in competitive markets.

Tower Arch Capital: The Fragmentation Play

Tower Arch Capital targets the lower-middle market, where the security industry's fragmentation is most pronounced and consolidation arbitrage yields the highest relative valuation step-ups. The firm manages $722 million in AUM with a $450 million fund, deploying capital into smaller security operators that become building blocks for larger platforms. Its investment thesis mirrors the approach of earlier-generation security PE investors but applies it earlier in the company lifecycle, at sub-scale businesses that larger funds cannot efficiently target. Security businesses with strong local market positions and sub-$10 million EBITDA represent Tower Arch's natural target. Founders wanting to accelerate growth through add-on acquisitions will find its lower-middle-market expertise directly relevant.

Investment Trends and Capital Flows

Technology Convergence and the Hybrid Security Model

Physical security companies integrating AI-driven video analytics, IoT infrastructure, robotics, and drones are commanding premium valuations from PE buyers. The investment thesis has shifted from owning headcount to owning recurring technology contracts. Fund managers now prioritize businesses that combine people, processes, and tech-enabled monitoring over pure labor delivery models. Video analytics platforms and AI-powered surveillance software represent some of the fastest-growing subsectors attracting new deal flow from both buyout and venture capital investors.

Roll-Up and Consolidation Arbitrage

The security sector's extreme fragmentation, with thousands of small and mid-sized operators competing locally, makes it a natural target for roll-up strategies. New lower-middle-market entrants arrived in 2024 and 2025, following the blueprint established by GTCR and earlier consolidators. Platform companies absorb tuck-in acquisitions, capturing operational efficiencies and improving EBITDA margins before exiting at higher multiples than any single company could achieve independently.

Cybersecurity as a Value Creation Lever

Leading PE fund managers now treat cybersecurity not as a compliance cost but as a measurable driver of portfolio company value. Apollo Global Management runs an active cybersecurity governance program across more than 35 portfolio companies. Gridiron Capital operates a structured cyber program across its 20 portfolio companies. LP pressure is reinforcing this shift: a 2025 survey of more than 120 private fund finance leaders found that LPs are asking detailed questions about cyberattack readiness. They now treat strong cybersecurity protocols as a must-have requirement. Serious cyber incidents at portfolio companies cost an average of $3.4 million per event across US and European PE firms.

Recurring Revenue and Managed Services Premium

Capital is concentrating in security businesses with strong recurring monthly revenue. The focus spans alarm monitoring, managed security services, and subscription-based access control platforms. PE buyers scrutinize customer retention rates, contract length, and revenue churn before pricing deals. Companies with subscription or managed services revenue models attract meaningfully higher valuation multiples than project-based or one-time installation businesses, making contract quality a direct driver of deal terms.

Macro Tailwinds and Deal Rebound

Subsiding inflation is expected to lower the cost of capital and drive a rebound in security PE deal activity through 2026. Nation-state cyber threats and organized ransomware campaigns continue to elevate demand for both physical security and cybersecurity services. Regulatory frameworks including GDPR, the California Consumer Privacy Act (CCPA), and the Investment Adviser Rule are adding compliance-driven spending to the addressable market, supporting revenue growth across managed security services and risk management platforms.

How to Evaluate PE Investors in This Space

Sector specialization depth is the most important differentiator to assess first. Firms like Egis Capital Partners and Option3 have built their entire investment programs around the security industry. By contrast, Apollo Global Management and Gridiron Capital apply security-relevant expertise across broader, diversified portfolios. Specialist investors typically bring deeper deal networks, more relevant operating partners, and more accurate EBITDA benchmarks for security-specific businesses.

EBITDA and enterprise value thresholds determine which fund can actually write a check for your company. Some specialist lower-middle-market investors require a minimum of $2 million to $5 million EBITDA for initial qualifying conversations. Egis Capital Partners targets enterprise values between $30 million and $200 million. LLR Partners invests $25 million to $150 million in equity per transaction. Matching your financial profile to a fund's stated appetite eliminates misaligned conversations before they consume significant management time.

Strategy fit matters as much as fund size. A roll-up specialist like GTCR brings operational playbooks for platform acquisition and add-on integration. A growth equity investor like LLR Partners provides capital without requiring full ownership transfer. Minority investment structures allow founders to retain partial ownership while granting the PE firm governance authority over key decisions. Misalignment between a PE firm's preferred deal structure and the founder's goals is among the most common causes of contentious post-close governance and failed partnerships.

Cybersecurity due diligence standards have risen sharply across all security PE transactions. Strong PE buyers now conduct penetration testing, cloud configuration audits, and identity and access management (IAM) reviews before closing. They benchmark targets against the NIST Cybersecurity Framework or ISO 27001 standards, incorporating gaps into valuation models as remediation costs. Red flags that reduce deal value or halt transactions include unresolved prior breaches, absence of multi-factor authentication, and no documented incident response plan. Strong cyber posture has become a direct driver of deal terms, not just a compliance checkbox.

For LPs evaluating security-focused PE funds, track record in the specific subsector matters more than general PE performance. Count actual security investments: GTCR's five alarm deals and Thoma Bravo's 490-plus software acquisitions reflect genuine depth. Request portfolio-wide cybersecurity maturity reporting as part of your due diligence, since regulatory pressure from LPs on this issue has intensified significantly through 2024 and 2025.

Which Firm Fits Your Needs?

Security company founders seeking sector-fluent partners should start with Egis Capital Partners or Tower Arch Capital, depending on company size. Egis targets enterprise values between $30 million and $200 million and brings a proven exit track record through its ACRE investment, a global access control platform. Tower Arch Capital serves operators at earlier stages, deploying capital into fragmented smaller security businesses where consolidation arbitrage produces the largest valuation step-ups.

Mid-market operators planning a full exit should match their business type to the right buyer. GTCR is the strongest acquirer for alarm monitoring and residential security businesses, with five completed investments in the sector and active add-on pipelines. Thoma Bravo is the natural home for security software companies with strong recurring revenue and enterprise customer bases. LLR Partners serves growth-stage operators seeking $25 million to $150 million in equity with recapitalization options that preserve partial founder ownership rather than requiring a clean break.

Cybersecurity companies targeting government or defense markets should engage Option3 first. Its former DoD, CIA, and NSA executives provide regulatory market access and sector validation that generalist PE fund managers cannot replicate. Earlier-stage cybersecurity ventures with commercial traction will find Evolution Equity Partners or Ballistic Ventures more appropriate, given their dedicated focus on backing cybersecurity innovators before they reach buyout scale.

LPs building allocations to security-focused PE should consider Thoma Bravo ($160 billion AUM) for security software exposure and GTCR (~$50 billion AUM) for physical security consolidation track record. Egis Capital Partners offers pure-play specialist exposure for LPs seeking concentrated security industry positioning outside the diversification of a large generalist fund.

Methodology

This guide covers security PE across both physical security and cybersecurity subsectors, including guard services, alarm monitoring, access control, surveillance, managed security services, and security software. Data came from company websites, PE industry deal databases, SecurityInfoWatch, a Q3 2024 security industry association report, a security industry market analysis published in October 2025, the S-RM Cyber Incident Insights Report 2025, and a global leadership survey published in H1 2025.

Selection criteria included documented security industry investments, publicly available deal activity, stated sector focus, and AUM data where disclosed. AUM figures reflect public disclosures available as of early 2026: Thoma Bravo ($160 billion), GTCR (approximately $50 billion), and Tower Arch Capital ($722 million, $450 million fund) are sourced figures. All other firms lack publicly disclosed AUM and appear as N/A in the comparison table.

This list is not exhaustive. The analysis excluded generalist PE firms with incidental security holdings but no stated sector focus, in favor of investors with demonstrated specialization, repeated deal history, or significant AUM deployed in the security industry.