Top 25 Cybersecurity Companies of 2018

The SaaS Report (now The Software Report) is pleased to announce The Top 25 Cybersecurity Companies of 2018. A four month process was run to collect nominations from several hundred executives and professionals in the software industry. We gathered data on each nominee including adequacy of security technology, level of customer support, knowledge of the latest cyber threats, CEO leadership effectiveness and CTO proficiency among other key areas.

Notably, a few companies offering unique advanced solutions earned spots among the larger cybersecurity incumbents. For example, Synack provides crowdsourced security testing deploying hackers around the world to quickly detect a company’s vulnerabilities. Masergy is at the forefront of enterprise security technology and sustains 99% client retention across a sophisticated client base. Meanwhile Digital Defense focuses on verticals such as financial services, legal and healthcare where the need for security compliance is particularly acute.

Congratulations to this year's award winners.

Category: Cybersecurity Software, Services
Location: Mountain View, California

A leading provider of cybersecurity software and services, Symantec was founded in 1982 and has grown into a leader in cybersecurity across the globe, employing 13,000 people in more than 35 countries and generating $4.8 billion in revenue for the fiscal year 2017. The security company boasts more than 2,000 global patents with sales split between the U.S. and internationally.  It operates one of the world’s biggest cyber intelligence networks, identifying and protecting scores of people and companies from hackers and data breaches. Symantec’s software and services are used by corporations, government agencies and individuals to keep the ever-evolving attacks at bay.

Symantec, which went public on the Nasdaq on June 23, 1989, is led by Greg Clark, who took over the helm as president and CEO in August of 2016, following its acquisition of Blue Coat. Clark had been CEO of Blue Coat and a member of the company’s board since 2011.

Read more: Symantec Vows To Secure Critical Infrastructure With Neural Network

2. FireEye
Category: Cybersecurity Software, Services
Location: Milpitas, California

With a mission to relentlessly protect customers from the consequences of cyber attacks, FireEye develops security software and services that are aimed at meeting the rapidly changing cybersecurity environment where evolving cyber crimes are creating gaps that can be exploited.  FireEye offers a host of solutions for companies including its flagship Helix Security Operations Platform that applies threat intelligence, automation and case management on a security operations platform.  Its network security and forensics services provides companies with network visibility and protection against cyber attacks through comprehensive endpoint defense.  It protects users from common threats while detecting more sophisticated ones.  FireEye’s solutions also detect email-based cyber attacks and block the most dangerous email attacks such as phishing attempts and malicious attachments, among other services.

FireEye was founded in In 2004 and went public on the Nasdaq on September 20, 2013. The company had 2017 revenue of $751 million, up from $161.56 million in 2013, a recent market capitalization of $3.76 billion and more than 3,000 employees.

Read more: FireEye All In With Community Approach To Cyber Security

3. BlackBerry  
Category: Secure End-to-End Mobility

Location: Waterloo, Ontario

It's been a long time since BlackBerry was known as the handheld device icon. These days it's doing a brisk business in the cybersecurity market, recently inking a $1.4  billion acquisition of Cylance to further its goal to become the leader in providing end-to-end mobility services that are secure and trusted. The Waterloo, Ontario -based security company focuses on securing and managing Internet of Things endpoints. It boasts 37,500 patents, invests 23% of its revenue in research and development and counts all seven of the G7 governments as customers as well as all of the ten largest commercial banks and ten of the world’s largest insurance companies, among others.

Ever since current Chairman and Chief Executive John Chen took on the role of CEO back in November of 2013, Blackberry has been transitioning from a hardware icon to a mobile security player. Thanks to Chen’s vision and focus, the Blackberry of today has little to do with handheld devices and everything to do with becoming a leader in securing and accelerating the growth of the Enterprise of Things marketplace.

Read more: BlackBerry Beefs Up IoT Offering With $1.4B Acquisition of Cylance

4. Proofpoint
Category: Email Security

Location: Sunnyvale, California

Recognizing that employees conduct business outside of the confines of an office setting, Proofpoint aims to protect people, data and companies brands whether their staff is communicating via email, social media or on mobile devices.  The Sunnyvale, California’s cybersecurity cloud platform helps companies detect and block targeted attacks and respond quickly to potential compromises.

The company boasts a 99% success rate in stopping attachment-based attacks, detects and blocks advanced threats and compliance risks in more than 600 million emails, more than 7 million mobile apps and hundreds of thousands of social media accounts daily. Its cloud services also enable companies to share large files securely.  To have such a high success rate, Proofpoint collects and analyzes more than 100 billion data points a day, providing companies with visibility into an attack and actionable information to resolve it. Proofpoint has been public since April 20, 2012, now commanding a market capitalization of $5 billion. For 2017, the company reported revenue of $515.3 million.

Read more: Proofpoint's Director of Product Marketing Mark Guntrip on Company Hacks Through E-Mail

5. Fortinet
Category: Cybersecurity Software, Services
Location: Sunnyvale, California

Founded back in 2000, Fortinet’s mission has long been to deliver security products and services across the entire information technology infrastructure. The company develops cybersecurity software including firewalls, anti-virus, intrusion detection and protection, and endpoint security. To meet that end it relies on its Security Processors, which is a security-focused operating system and applied threat intelligence to give customers enhanced security and better visibility into where threats are coming from. FortiGate is its flagship firewall platform that provides next-generation security and networking functionality. Fortinet is tasked with protecting companies networks, clouds, web applications and emails. It also offers advanced threat protection, secure unified access, and endpoint security.

The publicly traded company since November 2009, was founded by Ken Xie, the founder and former CEO of NetScreen and boasts a market capitalization of more than $12 billion. It has more than 5,000 employees across the globe and posted $1.4 billion in revenue for all of 2017.

6. McAfee
Category: Cybersecurity Software, Services
Location: Santa Clara, Calif.

By far one of the most well-known cybersecurity companies in the market, McAfee has been churning out cybersecurity software since its inception in 1987. Today it is a global player in protecting corporate networks and consumers online and when connected to corporate networks.

The  Santa Clara, California-based security software company also works with governments around the globe, relying on its McAfee Global Threat Intelligence to keep businesses, governments, and consumers one step ahead of the hackers. On the business front, McAfee’s endpoint and mobile security products protect end-user devices from attacks while its network security products and services protect company servers, databases and data centers.  For home users, McAfee provides security software to protect mobile devices and personal computers. Its McAfee Total Protection and McAfee LiveSafe products give consumers access to antivirus and antimalware protection, as well as internet security that includes protection from adware, spyware, phishing scams, malicious websites, identity theft, and other threats.

Read more: Grant Bourzikas, Chief Security Officer at McAfee on Phishing Attacks

Read more: Cybercriminals To Team Up In The New Year Keeping Security Professionals Busy

7. Rapid7
Category: SecOps Cloud Security
Location: Boston, Mass.

Aiming to lead in the burgeoning  SecOps marketplace in which IT security and operations teams work together to integrate tools and processes to protect a company’s network and operations, Rapid7 provides companies with insight and protection via its analytics and automation cloud Rapid7 Insight. The cloud platform gives companies the tools necessary to monitor, investigate and resolve vulnerabilities, threats and performance issues that pose risks to companies.

Realizing that automating routine tasks and providing intelligence can boost productivity and free people up to innovate, Rapid7’s products have been resonating with all sort of customers. Through its technology, services, and research, Rapid7 provides incident detection and response to more than 7,400 organizations spanning 120 countries, with 52% of the Fortune 100 companies as clients. Founded in 2000 in New York, publicly held Rapid7 is now based in Boston, boasting a market capitalization of $1.5 billion and $200.9 million in full-year 2017 revenue, an increase of 28% year-over-year.

8. Synack 
Category: Crowdsourced Hacker Testing
Location: Redwood City, California

The leader in crowdsourced cyber security testing, Synack taps the minds of some of the world's top security researchers, providing them access to a platform of powerful tools to test the security of corporate networks and government agencies around the globe. Through Synack, this crowdsourced group of security professionals provides organizations with insight into their vulnerabilities and defenses to keep the hackers out.  

Based out of Redwood City, California Synack has grown from a small startup in May of 2013 to a 100 strong enterprise. It counts some of the nation’s biggest banks, retailers and healthcare providers as customers. Co-founded by Jay Kaplan and Mark Kuhr, who left their counterintelligence jobs at NSA to launch a safe way to crowdsource vulnerability testing and intelligence, Synack is well known for its Hack the Pentagon program in which the Department of Defense tapped it to find vulnerabilities missed by traditional security software. Synack is a global organization with offices throughout the U.S. and EMEA. Its Synack Red team researchers, highly regarded as leading ethical hackers, represent over 55 countries around the world.

Read more: Crowdsourcing Security Testing: Synack Takes Protection To The Next Level

9. Crowdstrike
Category: Endpoint Security
Location: Sunnyvale, California  

Founded in 2011, CrowdStrike was borne out of the realization that existing security solutions on the market weren’t enough to combat the sophisticated hackers that were infiltrating some of the nation’s largest and well-known corporations.  Co-founders George Kurtz and Dmitri Alperovitch made a bet that marrying advanced endpoint protection with intelligence would be a better way to identify the perpetrators behind the attacks. And that bet has paid off. Today CrowdStrike is a premier cyber security company with presence in the U.S., Europe, and India. It employs about 1,000 and counts ADP, Rackspace, and Hyatt among its clients. The company provides security services to 12 of the 20 Fortune largest global companies, ten of the 20 largest financial institutions and five of the top ten largest healthcare provides. It's also a leading cybersecurity provider for the energy market.

CrowdStrike CEO Kurtz, a serial entrepreneur, is an internationally recognized cybersecurity expert, holding executive roles at McAfee before creating CrowdStrike with Alperovitch. His company was also who the Democratic National Committee turned to when it suspected it was hacked during the run-up to the 2016 election. That attention has helped propel the company’s growth, with speculation now abounding that it will go public in the first half of 2019.

10. Digital Defense Inc.
Category: Vulnerability Management as a Service
Location: San Antonio, Texas

The Vulnerability Management as a Service platform company has been protecting the networks of all sized businesses for nearly two decades. Its flagship vulnerability management as a service platform, Frontline Vulnerability Manager, provides vulnerability scanning and penetration testing. Its patented technology is credited with eliminating nearly all the false positives that IT staff within an organization are forced to investigate, freeing them up to protect the network from real threats. Digital Defense’s employee security awareness training provides companies with an all-around approach to protecting their networks and data.

CEO Larry Hurtado, who joined Digital Defense as CEO in August of 2002 from Elastic Networks, is credited with steering the company from a regional niche security company to a leading player with a global presence. Its security tools and services are used by companies operating in a number of sensitive industries including financial services, retail, legal and healthcare, that rely on Digital Defense to assess vulnerabilities and conduct penetration testing.

Read more: Digital Defense Fights Malware With New Agentless Detection Tool

11. Trend Micro
Category: Network Security
Location: Tokyo, Japan

A leading cybersecurity company for more than thirty years, Trend Micro has been protecting the networks of companies around the globe since its founding in 1988. It has an impressive track record since starting out as a maker of antivirus software. Since then it has protected more than 250 million endpoints and 500,000 companies across the globe. The Tokyo, Japan-based security company offers a host of security solutions focused on the cloud, networks and user protection.

The company has more than $1 billion in annual revenue and a team of 5,000 employees focused solely on information security. Despite its large size, Trend Micro prides itself in keeping pace with cutting-edge technology to provide advanced threat intelligence and protection. The company, which counts Live Nation and Mazda among thousands of its customers, also claims to have the most advanced threat intelligence network in the world. Dubbed Trend Micro Smart Protection Network, it's constantly enhanced by big data and machine learning to pinpoint where threats are coming from.

12. Masergy 
Category: Cybersecurity Software, Services 
Location: Plano, Texas

For nearly twenty years, Plano, Texas-based Masergy has been using technology to churn out security software and services that takes the complexity out of information technology, becoming, in essence, an extension of the in-house IT teams at corporations around the globe. Masergy’s patented and globally available software defined platform provides customers with access to hybrid networking, managed security and cloud communications that can be customizable to the client's unique needs.  

Masergy was founded in 2001 and has grown into a global enterprise employing more than 500 people. It counts heavy hitters such as Entegris, Webber, and Unisys as customers. Its software and cloud services are resonating with its client base, given it boasts a 99% customer retention rate and has a Net Promoter Score of 71 in 2018. That compares to the business-to-business technology industry average of 21. The Net Promoter Score gauges customer loyalty at a firm. The company has also been on a fast growth trajectory as it develops advanced security products and services, enjoying double-digit growth over the past few years.

13. Imperva
Category: Data and Application Security
Location: Redwood City, California

Data is at the heart of what hackers are targeting and Imperva, the data and application security company has been protecting business-critical information in the cloud and on-premises for years. Founded in 2002, the company has been in growth mode, generating $321 million in revenue in 2017. It has a client list of more than 6,400 customers, boasts more than 500 partners and operates all over the world. Imperva has a myopic focus on protecting company data, realizing that while the cyber-criminals are constantly changing their tactics they are still after the main money maker: data. Protecting it from the ever-changing nature of attacks is its one and only focus.

With its software and services, Imperva is able to protect cloud applications, websites, apps, databases, big data repositories and SharePoint systems from theft and extortion attacks such as Ransomware. Companies are provided visibility into how users access data and apps, relying on tracking and classification technology to detect and stop attacks. Imperva also has The Imperva Threat Research Team research team that is made up of leading experts in data and security who are tasked with identifying new attack methods and stopping them before they reach their customers.

Read more: Terry Ray, CTO at Imperva on Security Talent

14. Forcepoint
Category: Human-Centric Cybersecurity
Location: Austin, Texas

Data protection is only as good as the behaviors of the employees accessing it and Forcepoint knows it, which is why it adopted a people-centric approach to cybersecurity for its scores of customers spanning 150 countries. Forcepoint is continuously adapting its security responses to the risks posed by users. After all, employees are often to blame for spreading malware that infects networks or for clicking on a link that initiates ransomware. Its Forecepoint Human Point system provides customers with Risk-Adaptive Protection to ensure data and systems are being used in the proper fashion. Its products secure the cloud, web, email, networks, and computers and offers insider threat assessment, diagnostics and mitigation among other services.

Forcepoint, previously known as Websense or Raytheon|Websense, is owned by Raytheon and Vista Equity Partners, the private equity firm. It was renamed Forcepoint in 2016 after acquiring the firewall business Stonesoft from Intel and is led by Matt Moynahan, who joined as CEO in 2016, bringing along more than twenty years of security, cloud services and tech leadership to the company. The company protects the human point for thousands of enterprise and government customers.

15. CyberArk
Category: Privileged Access Security
Location: Petah Tikva, Israel

Founded in Israel in 1999, publicly traded CyberArk is a global leader in providing companies with privileged access security software and services across the entire enterprise, in the cloud and throughout the DevOps that are in the pipeline, reducing the risk that is created by privileged credentials. For more than ten years CyberArk has been providing top companies, including half of the Fortune 500, with protection against malicious insiders and external hackers.

It has developed a category of targeted security solutions that it claims is a first, helping leadership at corporations around the world stop reacting to attacks and instead getting in front of them.  Its products and services are used by more than 4,200 businesses including Barclays, Revlon and Time, to name a few. It has offices in the U.S., Israel, U.K., Singapore, Australia, France, Germany, Italy, Japan, Netherlands, Spain, and Turkey, employing around 1,100. For 2017, CyberArk, which has a market capitalization of $2.8 billion, posted revenue of $261.7 million, up 21% compared with 2016.

16. Mimecast
Category: Email Security
Location: London, U.K.

Despite a lot of effort to build employee awareness of email scams, that digital form of communication is still a real security threat to organizations across the globe. Mimecast, the London-based security company, has made it its mission to protect corporate email from hackers even as other forms of mobile communication gain steam. It developed a cloud architecture that provides companies with comprehensive email security, service continuity and the ability to archive with one subscription service. Its Mimecast Email Security with Targeted Threat Protection offers customers a set of cloud services aimed at providing next-generation protection against advanced email-borne threats such as malicious URLs, malware, impersonation attacks, and internally generated threats.

Founded in London in 2003, Mimecast became a public company in November of 2015, trading on the Nasdaq and today commands a market capitalization of $2.2 billion. It is backed by Index Ventures, Dawn Capital and Insight Venture Partners and has twelve offices around the globe. Mimecast employs more than 1,300 and boasts a client roster of more than 32,200.

17. Palo Alto Networks
Category: Cybersecurity Software, Services 
Location: Santa Clara, California

Founded in 2005, Santa Clara, California-based Palo Alto Networks is a global cybersecurity company serving more than 54,000 customers across roughly 150 countries. Its advanced firewalls and cloud-based security products are used by more than 85 of the Fortune 100 companies and 63% of the Global 2000. The company, which went public in July of 2012 employs 5,100 worldwide and has a market capitalization of $18 billion.  

Palo Alto Network’s core Security Operating Platform helps keep hackers out by utilizing analytics to automate routine tasks and enforcement, simplifying security so customers can focus on securing users, applications and data. Through the Security Operating Platform threat identification and enforcement across the cloud, network and endpoints is automated, blocking ransomware, malware and fileless attacks. The platform is optimized for a bevy of industries be it financial services or healthcare. The global cybersecurity company also provides cloud security, advanced firewall, endpoint protection and threat detection and prevention.  The company underwent a management change this year, with new chairman and chief executive Nikesh Arora coming on board in June. He came from SoftBank, where he was president and chief operating officer. Prior to that, he held a number of positions at Google.

18. Arctic Wolf
Category: SOC-as-a-Service
Location: Sunnyvale, California

When co-founders Brian NeSmith and Kim Tremblay set out to create a cybersecurity company in 2012, they knew they couldn’t focus on just the latest and greatest defense against hackers. Recognizing that the methods used by cyber-criminals are constantly evolving, they set out to create a way to evolve too. Instead of buying and deploying the latest solution, Arctic Wolf developed a security platform that can adapt to the changing security needs of the organizations it serves.

The Sunnyvale, Calif.-based cybersecurity company works with companies to create a tailor fit SOC-as-a-service (Security Operations Center) platform to meet each customer's’ needs. Its flagship product AWN CyberSOC combines human expertise with machine intelligence to prevent, detect and respond to threats. It also offers cloud monitoring and advisory services to help companies better safeguard their networks and endpoints. Arctic Wolf, which serves mid-market enterprises, recently acquired RootSecure, the vulnerability assessment company and could eye even more buys. It has 176 employees and has raised $88.2 million in venture funding.

19. Coalfire
Category: Cybersecurity Services 
Location: Westminster, Colorado

With threats coming seemingly from everywhere, finding the right solution for businesses can be challenging. Coalfire aims to cut through all the noise, providing cyber security advice to private and public sector organizations to help them avert threats, close gaps in security and manage their cybersecurity risk. Coalfire provides independent, tailored advice and services that cover all aspects of cybersecurity. Its services include cyber risk assessment, cyber engineering, compliance services and Internet of Things security assessments. Its services are offered by a team of industry experts that help enterprise organizations get a handle on a wide range of compliance and risk management initiatives.

Founded in 2001, Coalfire is vendor agnostic, enabling it to provide unbiased and actionable advice to its clients.  The Westminster, Colorado security consulting company has roughly 500 employees and counts heavy hitters such as Concur, Diebold and Cole Haan as customers.  In 2015, The Carlyle Group and The Chertoff Group acquired a majority stake in the company.

20. Carbon Black
Category: Endpoint Security
                                                               Location: Waltham, Massachusetts

With mobile and cloud computing growing in popularity, the endpoint has become the new ground zero for hackers and security professionals. With new and emerging attacks getting past existing cybersecurity defenses, security companies protecting endpoints have to constantly evolve. Carbon Black, the newly public endpoint security company, is using big data and analytics to fight back. With the Waltham, Mass.-based endpoint security company’s CB Predictive Security Cloud platform, it is able to deliver a new generation of cloud-based security solutions to businesses that can protect against advanced threats. The cloud platform applies big data analytics across all endpoints within an organization and makes predictions, providing protection for current and future attacks.

Carbon Black, which had its initial public offering in May, has about 1,000 employees, managing more than 13 million endpoints for its roughly 4,000 customers which include 30 of the Fortune 100 companies.  Its Chief Executive Patrick Morley has led Carbon Black since 2007, growing the company from a startup to one of the leaders in next-generation endpoint security.

21. Okta
Category: Identity Management Security
Location: San Francisco, California

San Francisco-based Okta has three missions as an identity management security company: help companies modernize IT, enable them to move faster and automate and provide personalized and secured applications, all of which it aims to do with its Okta Identity Cloud. The flagship product of the cybersecurity company, the platform provides customers with a suite of products to manage and secure identities. Its cloud offering helps companies prevent data breaches, give single sign-on access to all of a company’s apps and prevent identity attacks with multi-factor authentication. It also offers lifecycle management by automating how people move into and out of the business and a universal directory to centrally manage every user, app, device and API within the organization.

The publicly traded company has a market capitalization of $7.4 billion and has thousands of customers including Jetblue, Experian and 21st Century Fox. For its fiscal year 2018 ending in March, Okta posted revenue growth of 62% year-over-year and subscription revenue growth of 67% compared to fiscal 2017.

Read more: Yassir Abousselham, Chief Security Officer at Okta on Hacking Tactics

22. Netscout
Category: Business Assurance Services
Location: Westford, Massachusetts

Companies looking for more than cybersecurity out of their partners have been turning to Netscout for years, relying on the business assurance company to provide cybersecurity and business intelligence services that not only protect a corporate network but unlocks the power of a company’s data. Its product portfolio covers it all from the enterprise to the service provider environment, providing companies with visibility, security, performance and usage insight by unlocking all of their data. That, in turn, enables the customer to deliver service that is uninterrupted and secure. Netscout offers products that cover service assurance, troubleshooting, diagnostics, and business analytics, designed to provide end-to-end visibility of physical and virtual environments as well as speed up the time it takes to resolve issues and deliver actionable intelligence.

Headquartered in Westford, Mass., publicly traded Netscout, which was founded in 1984 and went public in 1999, has 2,770 employees as of the end of September, $986.8 million revenue for its fiscal year 2018 and a market capitalization of $2.1 billion.

25. Lastline
Category: Email and Network Security
Location: Redwood City, California

With Chief Information Security Officers facing ever-increasing pressure to secure their company’s networks, Lastline is at the frontlines, arming security professionals with email and network security products aimed at keeping the criminals out. Founded in 2011 by Engin Kirda, Christopher Kruegel and Giovanni Vigna, three renowned cybersecurity academic researchers, today the company offers cutting-edge technology such as Lastline Defender, which relies on artificial intelligence to provide companies with insights into advanced threats within a network.

Lastline Defender not only protects cloud and hybrid environments but it provides a complete threat detection and elimination of false positives, freeing up the security team to respond to threats quicker and automate some of the threat responses. A leader in detecting and combating malware, Lastline’s Deep Content Inspection service evaluates files for malicious content and is designed to provide companies with insight into malware while remaining hidden. That stops malware, which is often created with evasion techniques, without the hacker knowing it.  With offices across the U.S., in Europe and Asia, Lastline’s products are used by global security providers, global 2000 enterprises and security vendors around the world.