https://www.esecurityplanet.com/products/top-cybersecurity-companies/
As the demand for robust security defense grows by the day, the market for cybersecurity technology has exploded, as well as the number of available solutions.
To help you navigate this growing marketplace, we provide our recommendations for the world’s leading cybersecurity technology providers, based on user reviews, product features and benefits, analyst reports, independent security tests, and use cases. Between high-profile ransomware attacks and mergers, it is a time of high stakes and great change for the industry. Here are our picks for the top 20 cybersecurity vendors plus 10 honorable mentions – with the caveat that three of those 30 companies could soon become one. Read on.
The Best Cybersecurity Companies
Fortinet
Fortinet has been steadily building a reputation as one of the top security companies around. Its revenues are increasing at a fast clip, it comes up repeatedly in eSecurity Planet top vendor lists, has high customer satisfaction ratings and does well in analyst ratings. Gartner gave it top place in unified threat management (UTM), and it was named a Leader in next-gen firewalls (NGFW).
KnowBe4
KnowBe4 is on a rocket ride. A startup getting to Unicorn status (valued at a billion or more) on the back of security training is quite a feat. But constant breaches of organizations large and small, and a trail of victims to ransomware and phishing opened a massive opportunity. This company has risen from Niche Player a couple of years back to being number one in security training, according to Gartner.
CrowdStrike
CrowdStrike Falcon is popular with analysts and users alike. Falcon is near the top in raw security scores, but when factoring in the product’s advanced features, it wound up with an overall Detection score well above any other vendor on this list. It also scored high in Response, Management, Ease of Use, and Support. Users score it high in capabilities, implementation, cloud-based management, and Linux and technical support, among other areas.
Malwarebytes
Among Malwarebytes’ suite of cybersecurity products, their EDR solution has grown significantly in terms of feature offerings. Brute Force Protection focusses on Windows machine weaknesses created by the increasing number of remote employees at most enterprises. Their cloud solution receives positive reviews from users, and the platform works well alongside other security tools.
Cisco
Cisco’s roots are in networking but by necessity it has expanded into security and storage. Over the years, it has built up a wide range of security products, including firewalls, intrusion prevention systems (IPS), UTM, malware protection and cloud protection.
Splunk
Splunk is the darling of the IT Service Management (ITSM) market. But it has expanded from ITSM into security and operations management. The Splunk platform is used by many to perform security analytics and for SIEM.
Microsoft
Microsoft has quietly built up a large security portfolio. This includes Active Directory for identity and access management, Windows Defender, Azure cloud security services such as Security Center, Key Vault, Azure DDoS Protection, Azure Information Protection and Application Gateway for protecting Web applications.
IBM
IBM offers plenty of cybersecurity solutions, including Security Information and Event Management (SIEM), orchestration and incident response platform, cloud security and lots more. It isn’t the fastest in adding updates, and customer ratings aren’t great; but it is well rated by analysts (Gartner Leader in access management and managed security services), graded high by Cybersecurity Ventures and comes up continually in eSecurity Planet top product lists.
Palo Alto Networks
Palo Alto may not have the revenue totals of some of the big boys, but like Fortinet, it is very much on the rise. It offers firewalls, endpoint protection, cloud access and more. It boasts 50,000 customers, including more than 85 of the Fortune 100.
McAfee
McAfee has been a major player in security for a long time. It doesn’t seem to dominate any particular slice of the market, but it offers a lot of products that do consistently well in diverse areas. This includes antivirus, identity protection, SIEM (where Gartner names it a Leader), endpoint protection (graded a Visionary by Gartner) and secure web gateways (Gartner Challenger).
Trend Micro
Trend Micro is another big name that has sagged in terms of brand appeal and market dominance. But the company still boasts a big revenue base and a broad array of security solutions that protect more than half a million organizations and a huge number of endpoints.
Proofpoint
Proofpoint offers email protection, network sandboxing, security awareness training, cloud protection and more. Its only appearance on Gartner MQs is as a Leader in security awareness training. It lags KnowBe4 in that category, but its acquisition of Wombat is a statement that it intends to challenge KnowBe4 in that market.
Imperva
Imperva has made three eSecurity Planet Top Vendor lists and its profile is growing. Gartner ranks it far above the competition in web application firewalls and its customer satisfaction scores are very good. If it can sustain this while broadening its product portfolio, it can move higher in the standings.
RSA
RSA has been a subsidiary of Dell for many years. As such, it may be suffering from a lack of attention within the sprawling Dell empire. It made it into the Leader category in only one Gartner MQ (SIEM) and comes up consistently in our Top Vendor lists.
Product profiles in depth
- Palo Alto Networks
- Fortinet
- Cisco
- Crowdstrike
- IBM
- OneTrust
- Okta
- Zscaler
- KnowBe4
- Darktrace
- Proofpoint
- Rapid7
- Check Point
- Trend Micro
- Broadcom
- McAfee Enterprise
- RSA
- Sophos
- Splunk
- Microsoft
- Honorable Mentions
Palo Alto Networks
Headquarters: Santa Clara, California
Founded: 2005
Annual Revenue: $4.2 billion
Cybersecurity product categories: Next-generation firewall, UEBA, cloud security, endpoint protection, threat detection and prevention, application framework
Appearances on eSecurity Planet‘s Top Vendors lists: 12
Topping our list is Palo Alto Networks (PANW), and for one very good reason: No vendor offers better security. The company’s results in rigorous independent tests have been stellar, whether in next-gen firewalls (NGFW), endpoint detection and response (EDR) or any other area. Its endpoint security tests have been consistently excellent, including in the new MITRE protection tests. And cybersecurity buyers have taken notice. Revenue at the 16-year-old Santa Clara firm is expected to grow 23% this year to top $4 billion. In all, we’ve named Palo Alto to 12 top product lists, and we expect that number to grow in the coming months. In addition to NGFW and EDR, these are the other areas where Palo Alto ranks among the best:
- Cloud security
- Network security
- Zero trust
- Threat intelligence
- Cloud access security broker (CASB)
- User and entity behavior analytics (UEBA)
- Intrusion detection and prevention systems (IDPS)
- Extended detection and response (XDR)
- Container and Kubernetes security
- Cybersecurity products
Fortinet
Headquarters: Sunnyvale, California
Founded: 2000
Annual Revenue: $2.6 billion
Cybersecurity product categories: Network firewalls, anti-virus, intrusion prevention, Network access control (NAC), web application firewalls and endpoint security.
Appearances on eSecurity Planet‘s Top Vendors lists: 11
With $2.6 billion in revenue and growing at a healthy 17%, Fortinet is expected to hit $3 billion in sales this year. The network security vendor is another that doesn’t shy away from rigorous testing, and that’s landed the company on 11 of our top cybersecurity product lists. Fortinet has been steadily building a reputation as one of the top security companies around. Customer satisfaction ratings are high and analysts have lauded the company too. Gartner gave it top place in unified threat management (UTM), and it was named a Leader in next-gen firewalls (NGFW). And the company continues to evolve and look to the future: it ranked well in the Gartner Magic Quadrant for WAN Edge Infrastructure, and has earned another year near the top of our list.
- Security information and event management (SIEM)
- Network access control (NAC)
- Web application firewalls (WAF)
- Unified threat management (UTM)
- Enterprise VPNs
- NGFW
- EDR
- UEBA
- CASB
- Network security
- Cybersecurity products
Cisco
Headquarters: San Jose, California
Founded: 1984
Annual Revenue: $49.7 billion
Cybersecurity product categories: Next-generation firewalls, next-generation intrusion prevention, CASB, web gateway, NAC, advanced malware protection, email security, endpoint security, security management, VPN, security services
Appearances on eSecurity Planet‘s Top Vendors lists: 10
Cisco (CSCO) is a perennial favorite on this list. The networking pioneer has used its market dominance to move into adjacent markets, among them network security. With $3.2 billion in revenue and double-digit growth, security is one of Cisco’s strongest markets. Customers are often Cisco shops gravitating toward its firewall, endpoint and other products, but when you have nearly $50 billion in annual sales, your existing customers are a pretty big market, and Cisco has had its wins elsewhere too. Cisco has made 10 of our top security product lists: identity and access management (IAM), web gateways, NGFW, IDPS, CASB, NAC, cybersecurity products, XDR, network security and zero trust, with the company’s early leadership in the emerging and important zero trust market its most impressive recent accomplishment.
Crowdstrike
Headquarters: Sunnyvale, California
Founded: 2011
Annual Revenue: $1.4 billion
Cybersecurity product categories: EDR and XDR
Appearances on eSecurity Planet‘s Top Vendors lists: 4
While CrowdStrike (CRWD) made four of our lists – EDR, XDR, MDR and cybersecurity – coming out on top of the very competitive EDR market is no small accomplishment, and the company’s XDR platform leaves it well positioned for the future too. Apparently IT security buyers agree: Analysts expect stunning 56% revenue growth this fiscal year to rocket past the $1 billion sales mark. The 10-year-old Sunnyvale company could further gain after successfully fending off a SolarWinds-related attack, a distinction shared with Palo Alto Networks.
IBM
Headquarters: Armonk, New York
Founded: 1911
Annual Revenue: $74.3 billion
Cybersecurity product categories: Security analytics, services, patch management, encryption, SIEM, security orchestration, mobile security, fraud protection, network security, data protection, threat intelligence, application security, endpoint protection, identity and access management, authentication, database security, mainframe security
Appearances on eSecurity Planet‘s Top Vendors lists: 9
IBM’s deceptively large security business is spread across a number of business lines, like software and services, and the company doesn’t break out security revenues separately, but Big Blue is a powerhouse, making nine of our top security product lists: SIEM, IAM, encryption, database security, threat intelligence, single sign-on, patch management, managed security services, and cybersecurity products. Customer ratings are about average and the company’s speed in adding updates isn’t the best, but it remains popular with analyst firms like Gartner. IBM’s biggest strength might be its research depth, witness its impressive recent strides in homomorphic encryption.
OneTrust
Headquarters: Atlanta, Georgia
Founded: 2016
Annual Revenue: Privately held; GrowJo estimates $221 million
Cybersecurity product categories: privacy and compliance tools
Appearances on eSecurity Planet‘s Top Vendors lists: 1
Rocketing up the list this year is OneTrust. Startups crave unicorn status, a mark of success that means the private equity market has valued the company at $1 billion or more. OneTrust has done way better than that, raising $920 million in actual funding, for a $5.3 billion valuation. The privacy compliance technology company has ridden data privacy laws like GDPR and CCPA to become the fastest-growing company in America, according to Inc., number 4 on the Deloitte Technology Fast 500, and has earned a spot on our hot cybersecurity startups list too. A stunning rise for the 5-year-old Atlanta-based company.
Okta
Headquarters: San Francisco
Founded: 2009
Annual Revenue: $1.2 billion
Cybersecurity product categories: Zero trust, IAM, SSO, network security
Appearances on eSecurity Planet‘s Top Vendors lists: 4
Okta has a unique value proposition as a quick and easy way for organizations to get started implementing zero trust. With easy to use, deploy and manage products, it’s no wonder revenues are expected to soar 46% to $1.2 billion this year. In addition to zero trust, the 12-year-old San Francisco-based company also made our top IAM, network security and single sign-on lists.
Zscaler
Headquarters: San Jose, CA
Founded: 2007
Annual Revenue: $663 million
Cybersecurity product categories: Web gateways, zero trust, cloud security, edge security
Appearances on eSecurity Planet‘s Top Vendors lists: 2
Zscaler (ZS) is another one with outsized growth for an established company: analysts are expecting sales to surge 53% to $663 million this year. Zscaler, now in its 14th year, offers a broad cloud security platform that positions the San Jose-based company well for important emerging trends like zero trust, edge security and secure access service edge (SASE). Zscaler made our top web gateways list and received a mention for its zero trust efforts too.
KnowBe4
Headquarters: Clearwater, Florida
Founded: 2010
Annual Revenue: $240 million
Cybersecurity product categories: Cybersecurity awareness training
Appearances on eSecurity Planet‘s Top Vendors lists: 1
KnowBe4 (KNBE) recently went public, so we can get a look at its finances for the first time. Not surprisingly, the numbers are impressive, with recurring annual revenue up 42% to $240 million in the company’s most recent earnings report. Founder and CEO Stu SJouwerman turned his vision for employee cybersecurity training into a dominant position in the all-important market. It’s a pretty secure market too, given that employees are the weakest link in the cybersecurity chain and ransomware and phishing remain top threats. The company boasts deep cybersecurity experience, leading to forays into other markets like compliance and email security.
Darktrace
Headquarters: Cambridge, UK
Founded: 2013
Annual Revenue: $278 million
Cybersecurity product categories: AI, threat detection, incident response, IDPS
Appearances on eSecurity Planet‘s Top Vendors lists: 2
UK-based Darktrace has made a name for itself as an innovator in AI-based security. We placed the company on our top IDPS list, but with broad detection and response capabilities, the 8-year-old venture between British intelligence agencies and Cambridge University mathematicians is not easy to categorize. A recent IPO gave investors a good look at the company’s finances, and 40% revenue growth suggests plenty of demand for this pioneering product.
Proofpoint
Headquarters: Sunnyvale, California
Founded: 2002
Annual Revenue: $1.2 billion
Cybersecurity product categories: Advanced threat protection, email protection, encryption, data loss prevention, CASB, threat intelligence
Appearances on eSecurity Planet‘s Top Vendors lists: 4
Proofpoint’s (PFPT) revenues are expected to grow 15% to clear the $1 billion mark this year, as the Sunnyvale-based company rides a SECaaS product portfolio that has landed it on our top CASB, data loss prevention (DLP), zero trust and threat intelligence lists. Proofpoint offers email protection, network sandboxing, security awareness training, cloud protection and more. It lags KnowBe4 in security awareness training, but its acquisition of Wombat is a statement that it intends to take that market seriously.
Rapid7
Headquarters: Boston, Mass.
Founded: 2000
Annual Revenue: $503 million
Cybersecurity product categories: SIEM, vulnerability management, application security, UEBA
Appearances on eSecurity Planet‘s Top Vendors lists: 7
Rapid7 (RPD) is a top SIEM, MDR, vulnerability management, vulnerability scanning, breach and attack simulation, application security and UEBA vendor, a broad portfolio that will lead the Boston-based cybersecurity company to 22% growth this year and more than $500 million in sales.
Check Point
Headquarters: Tel Aviv, Israel, and San Carlos, California
Founded: 1993
Annual Revenue: $2.14 billion
Cybersecurity product categories: Advanced threat prevention, next generation firewall, UTM, encryption, secure gateway appliances, endpoint protection, remote access, cloud security, mobile security, zero trust, incident response
Appearances on eSecurity Planet‘s Top Vendors lists: 12
Check Point’s 4% revenue growth may not turn heads, but it offers as complete a security portfolio in the industry, and with strong security and value too. Firewalls, gateways, UTM, EDR, threat intelligence, incident response, encryption and data loss prevention are just some of the areas the company ranks highly in. It is a Leader in Gartner MQs for UTM and NGFW. Customer satisfaction ratings are about average, but it comes up in eSecurity Planet top vendor lists regularly and has established a sound revenue base. Its EDR offerings are among the biggest bargains in the industry.
Trend Micro
Headquarters: Tokyo, Japan
Founded: 1988
Annual Revenue: $1.75 billion
Cybersecurity product categories: hybrid cloud security, intrusion prevention, advanced threat protection, encryption, endpoint security, email security, Web security, SaaS security, IoT security, threat intelligence
Appearances on eSecurity Planet‘s Top Vendors lists: 7
Trend Micro is another big name with modest growth and a dependable revenue base, with a broad array of security solutions that protect more than half a million organizations and a huge number of endpoints. The one area where it excels is in endpoint protection, where Gartner has included it as a Leader for 15 years, and impressive independent tests back that up. Customer satisfaction ratings appear to be on the rise and a bit above average even. IDPS, endpoint security, encryption, XDR, cloud security, and DLP are areas we’ve rated the company’s products highly in. Forrester just scored it highest in cloud workload security. With its AWS relationship and the release of a security services platform for organizations building applications in the cloud, Trend Micro is gradually making its way up the standings.
Broadcom
Headquarters: San Jose, California
Founded: 1991
Annual Revenue: $27.25 billion
Cybersecurity product categories: Advanced threat protection, managed services, endpoint security, encryption, web gateway, email security, network security, cloud security, antivirus, identity theft protection, website security, mainframe security
Appearances on eSecurity Planet‘s Top Vendors lists: 13
Getting acquired by chipmaker Broadcom hasn’t been a bad thing for the Symantec enterprise security business. With more than $27 billion in revenue and a 14% growth rate, there’s plenty of cash to bankroll promising investments. Symantec has made 13 of our top product lists, including endpoint security, CASB, WAF, web gateways, managed services, encryption, XDR, access management, DLP and zero trust. Symantec does well in Gartner MQs, tops in secure web gateways and a Leader in endpoint protection and managed security services. It even has decent product satisfaction scores. A longtime leader that’s not content to rest on its laurels.
McAfee Enterprise
Headquarters: Santa Clara, California
Founded: 1987
Annual Revenue: Privately held
Cybersecurity product categories: consumer antivirus and privacy protection, identity theft prevention, IDPS, web gateways, mobile security, enterprise cloud security, data protection, encryption, endpoint security, network security, security management, server security, security analytics, SIEM, web security, consulting, database security
Appearances on eSecurity Planet‘s Top Vendors lists: 12
Speaking of acquisitions, these next two should be considered together, because McAfee’s enterprise business and RSA are now both owned by Symphony Technology Group – which has also acquired FireEye’s products business in the Mandiant spinoff, creating speculation that STG could merge the three into a giant security products company. McAfee has been a major player in security for a long time. It doesn’t seem to dominate any particular slice of the market, but it offers a lot of products that do consistently well in diverse areas. We’ve named McAfee products to top security products lists a dozen times, among them IDPS, SIEM, endpoint protection, secure web gateways, XDR, CASB, threat intelligence, encryption and DLP. Its customer satisfaction ratings are decent, too. Whatever the future holds, it’s sure to be interesting.
RSA
Headquarters: Bedford, Massachusetts
Founded: 1982
Annual Revenue: Undisclosed
Cybersecurity product categories: SIEM, GRC, threat intelligence, network traffic analysis and forensics, endpoint security, security orchestration, UEBA, malware detection, fraud prevention, identity and access management
Appearances on eSecurity Planet‘s Top Vendors lists: 5
RSA is another big name facing a period of uncertainty, but it has strong products, a respected name and its eponymous conference in its favor. We’ve given the company high marks in GRC, threat intelligence, encryption, SIEM and UEBA, among other areas. Customer ratings have been solid. The company has strong name recognition, but hasn’t stood out as much as that name would suggest. Further, weaknesses in RSA keys have called into question the security of its platform.
Sophos
Headquarters: Abingdon, United Kingdom
Founded: 1985
Annual Revenue: Privately held; most recent data suggests $544 million in fiscal 2020
Cybersecurity product categories: Firewalls, unified threat management, secure web gateway, secure email gateway, security management, anti-phishing, endpoint protection, mobile security, encryption, server security, consumer antivirus and Web filtering
Appearances on eSecurity Planet‘s Top Vendors lists: 9
Sophos is one of the oldest security vendors on this list, from the 1980s era that also saw the founding of RSA, McAfee, Symantec and Trend Micro. It offers strong security in a number of areas, often at value pricing. That combination has landed Sophos on nine of our top products lists: WAF, NGFW, UTM, EDR, encryption, XDR, MDR, and even antivirus. Unlike Symantec and McAfee, which have separated their consumer and enterprise businesses, Sophos and Trend Micro have retained control of their consumer products, and Sophos offers a very good one that even uses some of its enterprise EDR artificial intelligence (AI). Other areas of strength include firewalls and network and cloud security, giving the company a good base for the emerging XDR market. It made the Leaders quadrant of Gartner’s MQs for endpoint protection and UTM. Customer satisfaction has improved recently and is now even a little above average in some areas. Its acquisition by Thoma Bravo makes financial visibility murkier, an unfortunate trend in security in general with the number of private takeovers that have happened.
Splunk
Headquarters: San Francisco, California
Founded: 2003
Annual Revenue: $2.53 billion
Cybersecurity product categories: Security analytics, SIEM, user behavior analytics (UEBA), ransomware prevention, security automation
Appearances on eSecurity Planet‘s Top Vendors lists: 2
Splunk is primarily an IT management vendor, but the company changed the security market with its cloud-based SIEM solution, and it’s still gaining traction, with double-digit growth expected the next couple of years. The Splunk platform can get pricey, but it’s also a low-upfront cost way for organizations to get into security analytics and SIEM. The company came up tops in Gartner’s MQ for SIEM but customer satisfaction ratings have slipped recently, in part because of pricing. Still, the company has taken a good chunk of business from long-term market incumbents and it looks like it will continue to do so for the next few years. We rate Splunk highly in both SIEM and security analytics.
Microsoft
Headquarters: Redmond, Washington
Founded: 1975
Annual Revenue: $166.2 billion
Cybersecurity product categories: Identity and access management, UEBA, threat protection, information protection, security management, cloud security, DDoS protection, application gateway
Appearances on eSecurity Planet‘s Top Vendors lists: 4
Rounding out our list of the top security companies is Microsoft, which has quietly built up a large security portfolio. This includes Active Directory for identity and access management, Microsoft Defender, Azure cloud security services such as Security Center, Key Vault, Azure DDoS Protection, Azure Information Protection and Application Gateway for protecting Web applications. Its position in our rankings comes due to its general strong showing in all areas considered, and its overall analyst rating. Gartner placed Microsoft as tops in its Magic Quadrants (MQs) for endpoint protection and access management. What’s been really surprising is Defender’s very strong showing in the rigorous MITRE ATT&CK testing, with an unbroken string of stellar results. With the impressive security capabilities the software giant has developed, we can all hope the company uses some of that expertise to make Windows more secure.
See our picks for top cybersecurity startups
Honorable Mentions
The cybersecurity industry is loaded with great companies. The following didn’t quite make our cut for the top cybersecurity companies, but that doesn’t mean they don’t have great products. Some haven’t quite gained traction yet, while in other cases mergers, private equity takeovers, and in the case of FireEye – the split with Mandiant and merger with STG – have limited our visibility. All these vendors have made our top product lists and will meet the needs of many users.
- FireEye/Mandiant (endpoint, XDR, incident response, BAS, MDR, cloud, SIEM, threat intelligence)
- Imperva (WAF, database security, threat intelligence, DDoS)
- Illumio (zero trust, microsegmentation, top startup)
- Micro Focus (SIEM, access management, encryption, patch management, application security, SSO)
- Tenable (vulnerability management, scanning, cloud security)
- Barracuda (WAF, NGFW, UTM, web gateway, email security)
- Netskope (CASB, zero trust, cybersecurity)
- SonicWall (WAF, UTM, NGFW, threat intelligence)
- LogRhythm (SIEM, UEBA, threat intelligence)
- Forcepoint (NGFW, CASB, DLP)
Methodology
Cybersecurity is the top spending priority of CIOs, ahead of more strategic IT investments like AI and cloud, according to a recent Gartner survey. With the damage a breach can do to a company’s intellectual property and reputation – not to mention heavy fines under data privacy laws – companies have been pouring money into the $150 billion enterprise security market. But who are the market leaders? To find out, eSecurity Planet routinely conducts an analysis of the world’s largest and hottest cybersecurity vendors and ranks the top ones.
The biggest surprises in this list are the number of smaller vendors that are rapidly moving up, ahead of some more established names. Specialization can be a good thing in cybersecurity, witness CrowdStrike’s 56% growth rate. The vendors at the top of the list shouldn’t surprise longtime readers – Palo Alto Networks and Fortinet have continued to impress us – and a number of other vendors have withstood the test of time to stay on the list.
Vendors were evaluated based on their annual revenue, growth rate, range and quality of products, appearance on eSecurity Planet‘s top security product lists, user reviews, independent test results, analyst reports and venture capital funding, among other factors.
eSecurity Planet Editor Paul Shread contributed to this research article