Awesome Business of Cybersecurity

Exploring the cybersecurity market with a focus on publicly traded companies, industry strategy, and AI capabilities. Organized by core solutions and specialized domains, it offers a structured way to analyze how cybersecurity companies operate, compete, and evolve across 18 solution categories and beyond.

Cybersecurity Market Snapshot
Specialists ("Pure Play") vs. Multiservice Cybersecurity
Business Intelligence
Key Cybersecurity Startup Competitions
Cybersecurity Stock Lists
Non-US Traded Cybersecurity Companies
Cybersecurity ETFs
Cybersecurity Solutions Categories
Contributing
License

Cybersecurity Market Snapshot

Funding Recovery: Cybersecurity companies raised $25.1B across 743 deals in 2025.
M&A Activity: The market recorded $76.4B across 320 disclosed deals, led by Google’s $32B acquisition of Wiz, the largest deal in industry history.
Capital Concentration: 48 mega-rounds of $100M+ captured 65% of all cybersecurity funding in 2025.
AI Security Reality Check: Despite the hype, AI Security accounted for just 2.6% of total cybersecurity funding in 2025, reaching about $661M and remaining outside the top 10 funding categories.
Geographic Concentration: The U.S. accounted for ~74% of global cybersecurity funding ($18.5B of $25.1B). Europe reached $1.33B.
Public Market Performance: Only 5 of 14 pure-play cybersecurity stocks finished 2025 in positive territory.

Specialists ("Pure Play") vs. Multiservice Cybersecurity

This list categorizes companies into two main types, reflecting how cybersecurity aligns with their overall business model:

🎯 Specialists ("Pure Play"): Focus exclusively on cybersecurity, dedicating their entire business to developing security solutions.
🌐 Multiservice: Offer cybersecurity as part of a broader range of technology solutions, such as networking, cloud services, or application delivery.

Exclusion: Tech giants like Microsoft or AWS are not included, as cybersecurity is just one part of their diverse operations. Additionally, this list does not include micro-cap or low-cap stocks to ensure focus on established companies and ETFs with significant market presence.

↑Business Intelligence

Explore resources that offer insights into the business, strategy, and trends shaping the cybersecurity industry. These blogs, newsletters, reports, and podcasts provide valuable perspectives for professionals, founders, and investors looking to deepen their understanding of this dynamic field.

↑Blogs and Newsletters

Venture in Security
Ross Haleliuk explores the business of cybersecurity, focusing on the ecosystem, players, angel investing, venture capital, go-to-market strategies, and product-led growth.
Strategy of Security
Cole Grolmus analyzes the business and strategy of cybersecurity, covering trends, companies, products, and case studies relevant to cybersecurity leaders and operators.
Anton on Security
Dr. Anton Chuvakin shares analysis on market sub-segments, with a focus on log management and emerging cybersecurity challenges.

↑Podcasts

The Cyber Brain
Weekly conversations with tech buyers on motivations, challenges, and strategies for cybersecurity marketers and founders.
Hacker Valley
Features discussions with cybersecurity marketers about effective go-to-market strategies and lessons from successes and failures.

↑Market Insights and Research

Awesome Cybersecurity Stocks Watchlist
A curated list of publicly traded cybersecurity companies.
Cybersecurity Ventures
Research and reports on cybercrime and market trends.
Momentum Cyber
Industry reports, news, and insights on mergers, acquisitions, and market movements in cybersecurity.
Statista: Global Cybersecurity Spending Forecast
Shows current and projected spending in the cybersecurity market.
CB Insights: Cybersecurity Reports
Offers data-driven insights on the cybersecurity market.
TechCrunch: Cybersecurity
Provides updates on startup news, market trends, and developments within the cybersecurity industry.
Forrester: Cybersecurity Trends
Insights on cybersecurity strategies, technologies, and market trends from industry experts.
Gartner: Cybersecurity Trends
Research on emerging challenges, solutions, and strategic insights shaping the cybersecurity landscape.
CyberSeek Interactive Heatmap
Visualizes supply, demand, and career pathways in the cybersecurity job market.
Solganick: Cybersecurity and Tech M&A Reports
Quarterly reports covering M&A activity in cybersecurity, cloud, AI, and IT services. Includes deal volume, valuation multiples, sector breakdowns, strategic buyer trends, and forward-looking outlooks. Useful for tracking consolidation patterns, acquisition themes, and investment momentum across enterprise tech.
Pinpoint Search Group: Cybersecurity Industry Reports
Publishes monthly and quarterly reports on cybersecurity vendor funding, M&A activity, and IPOs. Tracks early-stage investment trends, market segments, and lead investors across domains like automation, GRC, detection/response, and quantum.
Cybersecurity Pitch Deck Examples
A collection of pitch deck examples from startups.

↑Top Cybersecurity Investors

These firms are among the most active and influential investors in the cybersecurity space. Their portfolios and track records help shape the future of security innovation, often backing many of the industry's most successful startups.

Firm	HQ Location	Investments	Median Deal Size	Backed Exits	Select Portfolio Companies
Insight Partners	New York	92	$56M	13	Mate Security, Abnormal AI, Torq
Sequoia Capital	Menlo Park, CA	86	$37.1M	6	Kela, Irregular, Island
Accel	Palo Alto	70	$50M	13	Prophet Security, Legion, Vega
Ten Eleven Ventures	Burlingame, CA	60	$17.3M	13	VulnCheck, Guardare, HiddenLayer
Andreessen Horowitz	Menlo Park, CA	55	$29M	7	Material Security, Wiz, Yubico
Lightspeed	Menlo Park, CA	55	$50.8M	10	Virtue AI, Wiz, Axonius
Bessemer Venture	Redwood City, CA	55	$40M	11	Doppel, Eye Security, Torq
Alumni Ventures	Manchester, NH	54	$8.4M	5	Lacework, Elastio, Akto
Gaingels	Burlington, VT	51	$7M	6	Jericho, AttackIQ, Corelight
Forgepoint Capital	San Mateo, CA	49	$19M	13	Huntress, Cyberhaven, SPHERE

↑Key Cybersecurity Startup Competitions

Cybersecurity startup competitions like RSA Innovation Sandbox, Black Hat Startup Spotlight, and GISEC Cyber Stars are more than just exposure — they’re credibility accelerators. Finalists often go on to raise significant capital, secure design partners, and attract top-tier talent. For practical tips on how to stand out, see: How to Pitch at RSA, Black Hat, and GISEC Cyber Stars

RSA Innovation Sandbox — San Francisco, USA
Black Hat Startup Spotlight — Las Vegas, USA
GISEC Cyber Stars — Dubai, UAE
SC Awards — US / Europe
ECSO STARtup Award — Europe
SINET16 Innovator Award — US

Cybersecurity Stock Lists **(TradingView 📈)**

Endpoint Protection and Threat Detection

Secures devices such as laptops, mobile devices, and servers from threats like malware and ransomware. Common solutions include Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) for real-time monitoring and response.

Company (IR)	Twitter	Revenue Growth (Fiscal 2025)
CrowdStrike - Stock Info • SEC Filing • Earning Transcripts • More 🎯	@CrowdStrike \| $CRWD	29%
SentinelOne - Stock Info • SEC Filing • Earning Transcripts • More 🎯	@SentinelOne \| $S	32%
Gen Digital - Stock Info • SEC Filing • Earning Transcripts • More 🎯	@GenDigitalInc \| $GEN	4%

Network Security

Protects an organization’s network perimeter and internal traffic. Typical measures include firewalls, Intrusion Prevention Systems (IPS), Virtual Private Networks (VPNs), and DDoS mitigation to block unauthorized access and attacks.

Company (IR)	Twitter	Revenue Growth (Fiscal 2025)
A10 Networks - Stock Info • SEC Filing • Earning Transcripts • More 🌐	@A10Networks \| $ATEN	11%
Check Point - Stock Info • SEC Filing • Earning Transcripts • More 🌐	@CheckPointSW \| $CHKP	6%
Cisco - Stock Info • SEC Filing • Earning Transcripts • More 🌐	@Cisco \| $CSCO	5%
Fortinet - Stock Info • SEC Filing • Earning Transcripts • More 🌐	@Fortinet \| $FTNT	14%
Palo Alto Networks - Stock Info • SEC Filing • Earning Transcripts • More 🎯	@PaloAltoNtwks \| $PANW	15%
Radware - Stock Info • SEC Filing • Earning Transcripts • More 🌐	@radware \| $RDWR	10%
NETSCOUT - Stock Info • SEC Filing • Earning Transcripts • More 🌐	@NETSCOUT \| $NTCT	-0.8%

Identity and Access Management

Controls user identities, authentication, and authorization. This category commonly includes solutions such as Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Privileged Identity Management (PIM) to ensure that only the right individuals have appropriate access.

Company (IR)	Twitter	Domains	Revenue Growth (Fiscal 2025)
Okta - Stock Info • SEC Filing • Earning Transcripts • More 🎯	@Okta \| $OKTA		15%
Telos - Stock Info • SEC Filing • Earning Transcripts • More 🎯	@telosnews \| $TLS		52.2%

Cloud and Application Security

Secures cloud services, applications, and containers. It often involves technologies like Web Application Firewalls (WAF), Zero Trust frameworks, and Secure Access Service Edge (SASE) to enforce consistent security policies and monitor for threats in cloud environments.

Company (IR)	Twitter	Revenue Growth (Fiscal 2025)
Akamai - Stock Info • SEC Filing • Earning Transcripts • More 🌐	@Akamai \| $AKAM	5%
Cloudflare - Stock Info • SEC Filing • Earning Transcripts • More 🌐	@Cloudflare \| $NET	30%
F5 - Stock Info • SEC Filing • Earning Transcripts • More 🌐	@F5 \| $FFIV	10%
Zscaler - Stock Info • SEC Filing • Earning Transcripts • More 🎯	@Zscaler \| $ZS	23%
Synopsys - Stock Info • SEC Filing • Earning Transcripts • More 🌐	@Synopsys \| $SNPS	15%

Data Protection and Governance

Safeguards data through backup, encryption, and access controls while ensuring compliance with regulations such as GDPR or HIPAA. It covers data integrity, recovery, and lifecycle management.

Company (IR)	Twitter	Revenue Growth (Fiscal 2025)
Broadcom - Stock Info • SEC Filing • Earning Transcripts • More 🌐	@Broadcom \| $AVGO	24%
Commvault - Stock Info • SEC Filing • Earning Transcripts • More 🌐	@Commvault \| $CVLT	19%
Varonis - Stock Info • SEC Filing • Earning Transcripts • More 🎯	@Varonis \| $VRNS	13.2%
Rubrik - Stock Info • SEC Filing • Earning Transcripts • More 🌐	@RubrikInc \| $RBRK	41%

Security Analytics and Threat Intelligence

Uses solutions like Security Information and Event Management (SIEM) and vulnerability management solutions, often supplemented with machine learning/AI, to detect, analyze, and respond to cyber threats by correlating security data from various sources.

Company (IR)	Twitter	Revenue Growth (Fiscal 2025)
Elastic N.V. - Stock Info • SEC Filing • Earning Transcripts • More 🌐	@elastic \| $ESTC	17%
Qualys - Stock Info • SEC Filing • Earning Transcripts • More 🎯	@Qualys \| $QLYS	10%
Rapid7 - Stock Info • SEC Filing • Earning Transcripts • More 🎯	@Rapid7 \| $RPD	2%
Tenable - Stock Info • SEC Filing • Earning Transcripts • More 🎯	@TenableSecurity \| $TENB	11%

↑Non-US Traded Cybersecurity Companies

These cybersecurity companies are listed on international stock exchanges outside of the United States, offering a wide range of security solutions across various domains.

Company (IR)	Ticker / Stock Exchange	Twitter	Description	Revenue Growth (Latest Reported 2025)
Cyberoo More 🎯	$CYB.MI - Borsa Italiana	@CYBEROO_ITALIA \| $CYB	Provides managed detection and response (MDR) and threat intelligence services for businesses.	-0.4%*
NCC Group More 🎯	$NCC.L - LSE	@NCCGroupplc \| $NCC	Cybersecurity consulting, managed services, and software security testing.	-7.2%
Thales 🌐	$HO.PA - Euronext Paris	@ThalesGroup \| $HO	Develops digital security solutions (encryption, IAM, secure communications).	7.6%
Trend Micro More 🎯	$4704.T - Tokyo Stock Exchange	@TrendMicro \| $4704	Threat detection, cloud security, and endpoint protection.	2%
Yubico AB 🎯	$YUBICO.ST - Nasdaq Stockholm	@Yubico \| $YUBICO	Hardware-based authentication (YubiKeys) for orgs and individuals.	-4.7%
AhnLab Inc. 🎯	$053800.KQ - KOSDAQ	@AhnLabGlobal \| $053800.KQ	Endpoint security, network security, and threat intelligence.	2.7%
Digital Arts Inc. 🎯	$2326.T - Tokyo Stock Exchange	@DA_IDL \| $2326.T	Network and data security for business and education.	7.2%
HENNGE K.K. 🎯	$4475.T - Tokyo Stock Exchange	@henngepr \| $4475.T	Cloud security and email security solutions for business.	30.6%
secunet Security Networks AG 🎯	$YSN.DE - XETRA	@secunet_AG \| $YSN	Secure networking, identity access management, and cybersecurity consulting.	11%

↑Cybersecurity ETFs

These exchange-traded funds invest in diversified portfolios of companies operating across various cybersecurity domains, offering investors broad exposure to the cybersecurity market.

ETF Name	Ticker	Description	Total Return for 2025	AUM (USD)
Amplify Cybersecurity ETF	$HACK	Tracks the Nasdaq ISE Cyber Security™ Select Index, focusing on companies directly involved in the cybersecurity industry.	8.0%	$1.93 billion
First Trust NASDAQ Cybersecurity ETF	$CIBR	Aims to match the Nasdaq CTA Cybersecurity Index™, targeting cybersecurity-focused tech and industrials firms.	13.1%	$9.55 billion
Global X Cybersecurity ETF	$BUG	Invests in companies benefiting from cybersecurity tech adoption, specifically those developing and managing security protocols to prevent intrusions and attacks.	-5.19%	$820.37 million

↑Cybersecurity Solutions Categories

This section outlines 18 cybersecurity solution categories, each supported by real-world vendor examples and AI-driven offerings to address diverse security challenges. Maturity models often used by security engineering teams help measure and track how capabilities across these categories are structured and scaled in organizations.

1. Network Security

Network Traffic Analysis (NTA): Monitors/analyzes network traffic for suspicious activity (e.g., Cisco Stealthwatch, ExtraHop Reveal(x)).
Firewalls: Secures network perimeters/controls traffic flow (e.g., Palo Alto Networks NGFW, Cisco ASA).
Intrusion Detection/Prevention Systems (IDS/IPS): Detects/prevents unauthorized access (e.g., Snort, Suricata).
Micro-Segmentation: Restricts lateral movement within networks by enforcing security policies at a granular level, enhancing zero-trust architectures (e.g., Illumio Core).
Network Access Control (NAC): Enforces security policies by controlling device access to enterprise networks, ensuring compliance before granting access (e.g., Aruba ClearPass).
Zero Trust Network Access (ZTNA): Provides identity- and context-based access to specific applications rather than broad network-level access (e.g., Zscaler Private Access, Cloudflare Access, Netskope ZTNA).
Secure Web Gateway (SWG): Protects users from malicious web traffic and enforces web access policies (e.g., Cloudflare Gateway, Zscaler Internet Access, Netskope SWG).
DDoS Protection: Detects and mitigates distributed denial-of-service attacks against networks and internet-facing services (e.g., Cloudflare DDoS Protection, Akamai Prolexic, Radware DefensePro).

2. Endpoint Security

Endpoint Detection and Response (EDR): Real-time endpoint threat detection with capabilities for proactive identification of advanced threats (e.g., CrowdStrike Falcon, Carbon Black).
Extended Detection and Response (XDR): Cross-layer detection and response, providing unified threat visibility and action across endpoints, networks, and cloud environments (e.g., Microsoft Defender XDR, Palo Alto Cortex XDR).
Mobile Threat Defense (MTD): Protects mobile devices (e.g., Lookout, Zimperium).
Endpoint Protection Platforms (EPP): Comprehensive device security (e.g., Symantec Endpoint Security, Trend Micro Apex One).
Device Management: Centralized endpoint compliance/security (e.g., Microsoft Intune, Workspace ONE).
Mobile Device Management (MDM): Centralized management and security of mobile devices, supporting diverse needs such as corporate fleets, personal devices in BYOD environments, and large-scale deployments (e.g., Cisco Meraki, VMware Workspace ONE, Jamf Pro, Ivanti, SOTI MobiControl, ManageEngine Mobile Device Manager Plus).

3. Monitoring and Operations

SIEM (Security Info and Event Management): Centralized platforms for collecting, analyzing, and correlating security data to uncover potential threats (e.g., Splunk, IBM QRadar).
XIEM (Extended IEM): Enhances traditional SIEM capabilities with advanced analytics and machine learning for deeper insights. (e.g., LogRhythm XIEM, Exabeam).
Behavioral/Insider Threat Analytics: Detects anomalous and malicious activity by analyzing user and entity behavior patterns (e.g., Varonis, Securonix).
Network Detection and Response (NDR): Continuously analyzes network telemetry to detect suspicious behavior, lateral movement, and hidden threats (e.g., ExtraHop RevealX, Vectra AI, Darktrace /TREIS).

4. Change Management

Configuration Monitoring: Ensures authorized configurations only (e.g., Chef InSpec, Puppet Enterprise).
Patch Management: Automates vulnerability patches (e.g., ManageEngine Patch Manager Plus, Ivanti Patch).

5. Orchestration and Automation

SOAR: Platforms to automate incident investigation, containment, and remediation (e.g., Splunk Phantom, Palo Alto Cortex XSOAR).
XOAR: Extended Orchestration for complex environments (e.g., IBM Resilient, Google Chronicle SOAR).
Autonomous SOC Solutions: AI-driven systems to automate security operations, including detection and response processes (e.g., StrikeReady, Arcanna.ai).

6. Threat Intelligence

Threat Intelligence Platforms (TIPs): Aggregate/analyze threat data (e.g., Recorded Future, ThreatConnect).
AI-Driven Threat Detection: Uses AI for threat detection (e.g., Vectra AI, Cynet).
User/Entity Behavior Analytics (UEBA): Analyzes activity patterns to detect potential security incidents before they escalate (e.g., Securonix UEBA, Exabeam).
Deepfake Detection: Identifies AI-generated content for media integrity (e.g., Reality Defender, Truepic).

7. Data Center Security

Physical Security Controls: Prevents unauthorized data center access (e.g., HID Global, Bosch).
Data Center Firewalls: Monitors/protects traffic within DCs (e.g., Fortinet FortiGate DC Firewall, Cisco Secure Firewall).

8. Data Security and Protection

Data Loss Prevention (DLP): Prevents data leakage.
- Endpoint DLP, Network DLP, Storage DLP, Email DLP, etc.
AI-Based Data Flow Mapping: Automates the discovery of sensitive data flows and risks (e.g., 1Touch.io, Cyberhaven).
Cloud Access Security Broker (CASB): Provides visibility, compliance enforcement, and data protection for cloud-based services, ensuring secure usage of SaaS, IaaS, and PaaS environments (e.g., Cisco Cloudlock, Forcepoint CASB).
Airgap Security: Utilizes physical or virtual isolation to protect systems from network threats, ensuring no direct network connectivity for critical systems.
Data Security Posture Management (DSPM): Discovers, classifies, and monitors sensitive data exposure across cloud and hybrid environments (e.g., Varonis DSPM, Microsoft Purview DSPM, Symmetry Systems).

9. Identity and Access Management

Privileged Access Management (PAM): Secures privileged accounts (e.g., Delinea, BeyondTrust).
Multi-Factor Authentication (MFA): Multiple identity verifications (e.g., Duo, Okta MFA).
IGA (Identity Governance/Admin): Manages user permissions (e.g., SailPoint, IBM Security IGA).
IAM: Controls system/data access (e.g., Okta, Azure AD).
Single Sign-On (SSO): Allows users to authenticate once and securely access multiple connected applications and services (e.g., Okta SSO, Microsoft Entra ID, Ping Identity).
Secure Mobile Access: VPN/MFA for mobile users (e.g., Palo Alto Prisma Access, Zscaler Private Access).
AI for Identity Security: Enhances identity verification processes with behavior analysis and fraud detection (e.g., Twine Security, RedBlock.ai).
Customer Identity & Access Management (CIAM): Manages customer authentication, consent, and security for external users (e.g., Auth0, Ping Identity, ForgeRock).
Identity Verification (IDV) & Identity Proofing: Uses biometrics and document validation to verify real-world identity (e.g., Onfido, Jumio, ID.me, Persona).
Identity Threat Detection and Response (ITDR): Detects, investigates, and responds to identity-based attacks, including compromised credentials and attacks against identity infrastructure (e.g., Microsoft Defender for Identity, CrowdStrike Falcon Identity Protection, Silverfort).

10. Application Security

DAST: Tests running apps for vulnerabilities (e.g., Burp Suite, OWASP ZAP).
SAST: Analyzes source code (e.g., SonarQube, Checkmarx).
IAST: Combines DAST + SAST (e.g., Contrast Security, Synopsys Seeker).
RASP: In-app runtime protection (e.g., Imperva RASP, Signal Sciences RASP).
SCA: Open-source vulnerability tracking (e.g., Snyk, WhiteSource).
WAF: Web app firewall (e.g., Akamai Kona, Imperva WAF).
API Security: Protects APIs from abuse, attacks, and data exposure through discovery, schema validation, authentication controls, and traffic inspection (e.g., Cloudflare API Shield, Salt Security, Noname Security).
WAAP (Web Application and API Protection): Unified protection layer for web apps and APIs, typically combining WAF, API protection, bot mitigation, and DDoS defenses (e.g., Cloudflare WAAP, Akamai App & API Protector, F5 Distributed Cloud WAAP).
Mobile App Security: Dev-time & runtime protection (e.g., Veracode Mobile, NowSecure).
Cloud Workload Protection Platforms (CWPP): Provides comprehensive security for cloud-native workloads, including containers, virtual machines, and serverless functions. Features include vulnerability scanning, runtime monitoring, and compliance enforcement (e.g., Aqua Security, Sysdig Secure, Prisma Cloud).
Software Supply Chain Security: Protects against risks in software development pipelines, including vulnerabilities, misconfigurations, and secrets in code repositories (e.g., GitGuardian, JFrog Xray, Sonatype Nexus).
SBOM Tracking: Manages and tracks Software Bill of Materials for transparency and security in software components (e.g., Anchore, CycloneDX).
AIBOM (AI Bill of Materials): Tracks and documents datasets, models, and dependencies in AI systems to enhance transparency and ensure secure deployment.
AI for Application Security: Identifies vulnerabilities during development and deployment (e.g., Mobb.ai, Pixee.ai).

11. Email Security

Secure Email Gateway (SEG): Filters malicious email (e.g., Proofpoint, Mimecast).
Anti-Phishing: Educates/detects phishing (e.g., KnowBe4, Cofense).
Cloud Email Security: Secures hosted email (e.g., Microsoft Office 365 Defender, Google Workspace).
AI-Enhanced Email Threat Detection: Identifies AI-crafted phishing attempts using advanced NLP and behavioral analysis (e.g., Tessian, Abnormal Security).

12. Security Awareness & Training

Phishing Simulation: Tests staff on phishing recognition (e.g., KnowBe4, Cofense PhishMe).
Security Awareness: Ongoing staff education (e.g., SANS Security Awareness).
AI-Based Training Solutions: Personalizes awareness programs using behavior analysis (e.g., Culture.ai, Outthink.io).

13. Professional Services & Consulting

Risk Assessment Services: Evaluate and mitigate cybersecurity risks (e.g., Qualys Risk, Rapid7 Risk).
Compliance Readiness: Prepare organizations for regulatory requirements (e.g., Deloitte, PwC).
Adversarial Simulation and Vulnerability Assessments: Simulates real-world attack scenarios and conducts detailed assessments to uncover vulnerabilities in applications, systems, and networks, offering actionable insights for improving security resilience (e.g., NCC Group, Trustwave).
AI-Driven Compliance Management: Leverages AI for automating compliance with regulatory standards (e.g., Styrk.ai, SurePath.ai).
Managed Detection and Response (MDR): Combines advanced threat detection, 24/7 monitoring, and response services to identify and mitigate threats (e.g., CrowdStrike Falcon Complete, Rapid7 MDR).
Incident Response Services: Expert-led investigation, containment, and recovery during or after security incidents, minimizing impact and reducing recovery time (e.g., Palo Alto Networks Unit 42).

14. Vulnerability Management

Continuous Vulnerability Management: Regular scans/remediation (e.g., Qualys VM, Nessus).
CAASM (Cyber Asset Attack Surface Mgmt): Reduces overall attack surface (e.g., CyCognito, RiskIQ).
Attack Surface Management (ASM): Continuously discovers and monitors internal and external assets that expand the organization’s attack surface (e.g., Tenable Attack Surface Management, Palo Alto Cortex Xpanse, CrowdStrike Falcon Exposure Management).
External Attack Surface Management (EASM): Focuses on internet-facing assets, shadow IT, and externally exposed weaknesses (e.g., Microsoft Defender EASM, Palo Alto Cortex Xpanse, Mandiant Advantage Attack Surface Management).

15. Incident Detection and Response

Breach & Attack Simulation (BAS): Tests security defenses through real-world attack scenarios to uncover vulnerabilities and gaps (e.g., SafeBreach, AttackIQ).
Incident Response Platforms: Streamlines and automates workflows to manage and contain security incidents effectively (e.g., IBM Resilient, ServiceNow Security IR).

16. Industrial Control Systems

ICS Security Platforms: Protect operational tech from cyber threats (e.g., Nozomi Networks, Claroty).
SCADA Security: Secures critical infrastructure (e.g., Siemens SCADA, Honeywell Industrial Cybersecurity).
Operational Technology (OT) Security: Protects industrial and operational environments such as plants, utilities, and manufacturing systems from cyber threats (e.g., Nozomi Networks, Claroty, Dragos).
IoT Security: Protects connected enterprise and industrial devices by improving visibility, posture, and threat detection across unmanaged device fleets (e.g., Microsoft Defender for IoT, Armis, Forescout).

17. Governance, Risk, and Compliance

Compliance Management: Tracks adherence to standards (e.g., RSA Archer GRC, LogicManager).
Risk Management: Identifies/mitigates organizational risks (e.g., ServiceNow GRC, MetricStream).

18. Third-Party Risk Management

Vendor Risk Assessment: Evaluates third-party security posture (e.g., BitSight, RiskRecon).
Supply Chain Security: Monitors dependencies/supply chain (e.g., CyberGRX, Venafi).
AI-Driven Third-Party Risk Insights: Offers automated insights into vendor vulnerabilities (e.g., Prevalent AI, Panorays AI).

↑Contributing

🌟 Star this repository if you found it helpful.
🐛 Report Issues to suggest fixes or improvements.
🚀 Submit a Pull Request to add new stocks or insights.

↑Disclaimers

Investment Disclaimer: This list is for informational purposes only and should not be construed as financial advice. Always do your own research before making investment decisions.
Trademark Disclaimer: All product or company names are trademarks™ or registered® trademarks of their respective holders. Use does not imply endorsement.

↑Contact

Email: [email protected]
LinkedIn: Tal Eliyahu
Twitter: @EliyahuTal

awesome-business-of-cybersecurity

About awesome-business-of-cybersecurity

Platforms

Links

README.md