CISOs and other security execs often find themselves in a tough place. Attackers are always getting better, and now they can use genAI to help craft ransomware emails or create deepfakes. At the same time, security practitioners are bombarded by vendors with an alphabet soup of solutions: SSE, SASE, ZTNA, DLP, CASB, SWG, SOAR, DEM, XDR, CSPM — the list goes on and on.
Enterprise customers have had it with point products. They want platforms that protect everything: end users, whether remote or in the office; devices, including IoT and OT; applications, including SaaS; data, at rest or in motion; development environments, on-prem or in the cloud. They want automation, they want analytics, and they want AI and generative AI.
The power players in security have gotten the message. Over the past year or so, significant vendor consolidation has occurred. Cisco bought Splunk. Broadcom bought VMware. Fortinet is buying Lacework. Strategic alliances have been forged. IBM and Palo Alto Networks. CrowdStrike and Cloudflare.
The vendors on this list have built platforms that offer cloud-based management and advanced data analytics, and that leverage AI and genAI to put real-time information at the fingertips of security professionals.
1. Cisco: Buying Splunk for AI
Why they’re here: Networking powerhouse Cisco has cobbled together — largely through acquisition — a broad portfolio of security products. (Viptela for SD-WAN. Meraki for cloud management. Duo for authentication. ThousandEyes for digital experience monitoring. AppDynamics for observability.) Some would say too broad, as Cisco has been criticized for having overlapping product lines. Cisco has addressed these concerns with the recent launch of Cisco Security Cloud, which replaces point products with suites.
Power moves: Cisco made a major splash with the acquisition of SIEM and data analytics vendor Splunk. The move gives Cisco an opportunity to combine its networking, security, and observability products with Splunk’s AI-based data analytics prowess to deliver full-stack security protection for enterprises.
By the numbers: $28B: The amount that Cisco paid for Splunk.
Outlook: Cisco’s security revenue in its most recent quarter was a healthy $1.3B (including revenue from Splunk). However, Gartner analyst Jon Forest says that security contributes only 7% of Cisco’s total revenue, so there’s certainly opportunity for growth. And Cisco has identified 5,000 of its customers who have no Splunk presence at all, which creates potential for cross-selling. Cisco CEO Chuck Robbins says that with Splunk in the Cisco fold, “We will revolutionize the way our customers leverage data to connect and protect every aspect of their organization as we help power and protect the AI revolution.”
2. Broadcom: It all comes down to execution
Why they’re here: When Broadcom announced its intention to purchase VMware in 2022, the focus was on VMware’s virtualization and hybrid cloud management platforms. But the combination of security vendor Symantec, which Broadcom bought in 2019, and VMware’s security assets creates the potential for a major player in security. The questions were: Is Broadcom going to sell endpoint security powerhouse Carbon Black (owned by VMware), as it initially indicated? And how is it going to deal with overlapping product lines between VMware and Symantec when it comes to hot product areas such as SSE and SASE? In a surprising about-face, Broadcom announced in March that it will keep Carbon Black, and will attempt to integrate Symantec and VMware security tools. It’s too early to tell if these complicated integrations will be successful, but the opportunity is there for Broadcom.
Power moves: Decided not to sell endpoint security vendor Carbon Black.
By the numbers: $49B: Amount Broadcom paid for VMware.
Outlook: At the recent Mobile World Congress in Barcelona, Broadcom announced its first integration: a single-vendor SASE offering that combines VMware’s VeloCloud SD-WAN and Symantec’s SSE. There are certainly more areas of potential integration. Forrester Research points out that both Symantec and Carbon Black have strong endpoint security offerings, and both have zero trust platforms. But Broadcom has stated its intention to devote significant resources to innovation and integration.
3. Palo Alto Networks: Platformization is the word
Why they’re here: Palo Alto Networks is one of the established power players in cybersecurity, from its roots as the creator of the application-aware firewall to its current leadership position based on what it calls “platformization,” the deployment of an integrated security platform. Palo Alto Networks is a Leader in Gartner’s Magic Quadrant for SSE, and a Leader in the just-released Forrester Wave for XDR.
Power moves: In May, Palo Alto announced a broad partnership with IBM that has many moving parts. Palo Alto will become IBM’s preferred security partner, with IBM pledging to train more than 1,000 of its security consultants on migration, adoption, and deployment of Palo Alto Networks products. Palo Alto will incorporate IBM’s watsonx large language model in its Cortex XSIAM. And Palo Alto will acquire IBM’s QRadar SIEM software, migrating QRadar customers over to Palo Alto’s security operations (SOC) platform.
By the numbers: 15%: Palo Alto reported revenue of $1.98B in its latest quarter, up 15% year-over-year.
Outlook: Palo Alto is betting that enterprise customers agree with its vision of an AI-based, all-in-one security platform. Palo Alto CEO Nikesh Arora says, “The security industry is at an inflection point where AI will transform businesses and deliver outcomes not seen before. It’s a moment to accelerate growth and innovation. Together with IBM, we will capitalize on this trend, combining our leading security solutions with IBM’s pioneering watsonx AI platform and premier services to drive the future of security platformization with complete, AI-powered, secure-by-design offerings.”
4. Microsoft: Making security a top priority
Why they’re here: Microsoft has taken the platform route and consolidated scores of individual tools into six product lines: Defender, Sentinel, Entra, Purview, Priva, and Intune. A leader in AI through its close alliance with OpenAI (the creator of ChatGPT), Microsoft has launched Copilot for Security, a generative AI solution that enables security teams to simplify processes such as incident remediation and guided response. Microsoft has an SSE offering, and it was named a leader in the 2024 Forrester Wave for XDR platforms.
Power moves: In March, Microsoft announced that it had hired the co-founders of AI startup Inflection (Mustafa Suleyman and Karen Simonyan) to run Microsoft’s AI operations. In April, Microsoft announced its unified SOC platform designed to break down silos and deliver SIEM, XDR, SOAR, and other functions under one roof.
By the numbers: $20B: Microsoft says its security division generates $20B in annual revenue. And Microsoft puts the annual growth of its cybersecurity business at over 30%.
Outlook: Microsoft has suffered some high-profile, embarrassing data breaches recently that have been blamed on Chinese and Russian hackers. In response, Microsoft CEO Satya Nadella told analysts: “Security underpins every layer of the tech stack and it’s our No. 1 priority. We’re doubling down on this essential work, putting security above all else, before all other features and investment.” And in an email to Microsoft employees, Nadella wrote: “If you’re faced with a tradeoff between security and another priority, your answer is clear: Do security.”
5. Fortinet: Security and networking under one roof
Why they’re here: Fortinet is unique among cybersecurity vendors for two reasons: 1. Fortinet is able to natively combine networking and security in a seamless platform. In fact, Fortinet is a leader in the latest Gartner Magic Quadrant for enterprise wired and wireless LAN networking. 2. Unlike companies that grow by acquisition and have to integrate new products into their portfolio, Fortinet builds its own chips, has its own operating system (FortiOS), and, for the most part, develops products in-house, providing full integration from network switches to firewalls to SASE.
Power moves: Fortinet announced on June 10 that it has reached an agreement to acquire cloud security firm Lacework. Fortinet said that it will integrate Lacework’s CNAPP (cloud-native application protection platform) into its Unified SASE offering to create “one of the most comprehensive, full stack AI-driven cloud security platforms available from a single vendor.”
By the numbers: 7%: On May 2, Fortinet announced Q1 revenue of $1.35B, up 7% year-over-year.
Outlook: Fortinet is making a big push to take a leadership position in single-vendor SASE. Says CEO Ken Xie, “We’re diligently executing on our strategy to capitalize on the fast-growing unified SASE and security operations markets while continuing to gain market share in secure networking.” In addition, Fortinet is looking for the sweet spot between customers who want a consolidated platform but are wary of vendor lock-in. Fortinet is now offering customers a collection of five platforms (hybrid mesh firewall, XDR, single-vendor SASE, SD-branch, and cloud email security) that they can choose from.
6. CrowdStrike: Cloud-native security platform built to protect cloud data
Why they’re here: CrowdStrike is a leader in Gartner’s 2023 Magic Quadrant for Endpoint Protection Platforms. It’s a leader in the 2024 IDC MarketScape for worldwide managed detection and response services. And CrowdStrike is a leader in the 2024 Forrester Wave for Extended Detection and Response Platforms. IDC says, “There’s a push ‘to the platform’ that’s happening in cybersecurity. This is worthy of mention as CrowdStrike has a large depth and breadth of capabilities built into its Falcon platform that provides the technology muscle for its MDR offering. The added capabilities, such as its managed cloud workload protection (CWP) and its fully managed identity threat protection service, provide expert management, monitoring, security, and optimization of identities and identity stores.”
Power moves: Acquired Flow Security, a leader in data security posture management (DSPM).
By the numbers: 33%: On June 4, CrowdStrike announced that revenue in its most recent quarter increased 33%, reaching $921M.
Outlook: CrowdStrike continues to innovate. It recently delivered a Falcon Next-Gen SIEM, and Falcon application security posture management (ASPM). The Flow Security acquisition is aimed at boosting CrowdStrike’s DSPM capabilities and fits into a broader strategy to deliver what CrowdStrike calls “the most complete data security offering, from code to application to device to cloud.”
7. Cloudflare: Teaming up with CrowdStrike
Why they’re here: Cloudflare is a leader in secure content delivery network services, what it calls its “connectivity cloud,” with a unified platform of networking, security, and application delivery services. Launched in 2020, Cloudflare One is a fast-growing platform for SASE and SSE services. Cloudflare was named a “Leader” in 2023 IDC MarketScape for zero trust network access (ZTNA), and is a Strong Performer in 2024 Forrester Wave for SSE.
Power moves: Bought BastionZero, a zero trust infrastructure access platform, to further strengthen remote access to core IT systems for customers of Cloudflare One.
By the numbers: 30%: Cloudflare’s revenue for the first quarter of 2024 was $378.6 million, an increase of 30% year-over-year.
Outlook: On May 30, Cloudflare announced a strategic partnership with CrowdStrike designed to combine their platforms to help enterprise customers achieve vendor consolidation across their cybersecurity infrastructure. Specifically, the deal combines cloud-native, zero trust security and connectivity from Cloudflare One with AI-native cybersecurity from CrowdStrike Falcon’s cybersecurity platform, including its Next-Gen SIEM. CrowdStrike and Cloudflare are leveraging channel partnerships to deliver a fully integrated solution to global customers from a single API. The goal is to deliver the full-scope capabilities SOC teams need to detect and respond to attacks across network, devices, endpoints, cloud, identity, data, and applications.
8. Zscaler: Zeroing in on zero trust
Why they’re here: A leader in Gartner’s latest Magic Quadrant for security service edge, Zscaler is an innovator in the second wave of vendor cybersecurity — a company that doesn’t build its own firewalls, but built a cloud-based platform designed to secure enterprise traffic. The company’s Zero Trust Exchange protects users, workloads, and devices by applying zero trust principles along with advanced machine learning and AI. The platform also now extends to IoT devices, as well as OT systems.
Power moves: Bought startup Avalor. The vendor’s data fabric enables security teams to aggregate, normalize, deduplicate, and track risk data from discovery to remediation. Also bought AirGap Networks, which enables Zscaler to introduce zero trust network segmentation within branches, campuses, and factories for servers and IoT/OT devices.
By the numbers: 2 billion: Number of phishing attempts that Zscaler’s platform blocked in calendar 2023.
Outlook: Zscaler Chairman and CEO Jay Chaudhry says the company’s advantages are its cloud-based architecture, the way its offerings are constantly evolving, and its speed of innovation. Along these lines, Zscaler recently launched its Zero Trust SD-WAN, an offering that applies genAI to application security, and is expanding AI functionality into risk-based business insights and unified vulnerability management.
9. Netskope: Leveraging AI and genAI
Why they’re here: Netskope is a leader in the 2023 IDC MarketScape for network edge security-as-a-service (NESaaS) and ZTNA, and is cited as a leader in the 2024 Forrester Wave for security service edge (SSE) platforms. IDC analyst Chris Rodrigues says, “Our thorough analysis of Netskope’s strategy and capabilities led us to recognize the company as a Leader in both the NESaaS and ZTNA. Netskope leverages its extensive cloud architecture to provide a ubiquitous, performant, edge-delivered zero trust access model across all users and devices. Netskope’s deep level of expertise in CASB inline and API protection is a key differentiator for organizations that are concerned about the risks represented by managed and unmanaged SaaS applications.”
Power moves: Bought digital experience monitoring startup Kadiska.
By the numbers: $500M: On June 3, Netskope announced that it had reached $500M in annual recurring revenue.
Outlook: Netskope lays claim to being the industry’s first SSE vendor to leverage generative AI for SaaS security, the first genAI-powered CASB, the most advanced DLP, all running on the Netskope One platform. The company is poised to take advantage of growth in the SSE and SASE markets. Says Sanjay Beri, co-founder and CEO, “Netskope was founded on the idea that the entire enterprise strategy for safeguarding important data from threats depends on how well security and networking adapt to a cloud-first, AI-ready world. As cloud and SaaS app adoption soared, businesses began changing their unreliable legacy technology stacks to reduce risks, lower costs, and implement modern architecture. We correctly anticipated that a converged, optimized platform approach would be needed to accomplish this, an opportunity now known as SASE.”
10. Wiz: Startup with a whizbang cloud security platform
Why they’re here: Wiz addresses a key pain point for CISOs: With everything moving to the cloud, how do I keep track of it and secure it? The Wiz cloud security platform offers prevention, detection, and response for data, workloads, application development environments, containers, Kubernetes, and so on, across multicloud environments. The Wiz offering has created quite a buzz: The company raised $1B in 2024 alone, at a valuation of $12B.
Power moves: Bought startup Gem Security, which specializes in real-time cloud detection and response.
By the numbers: $350M: Founded in 2020, privately held Wiz reported that it achieved $350M in annual recurring revenue in 2023.
Outlook: Wiz is hot. No question about it. The company has burst on the scene with a bold strategy of selling to the largest enterprises. The question is whether the company can continue its torrid growth rate. Assaf Rappaport, co-founder and CEO, isn’t lacking in confidence. He says, “Consolidation is the future of the security industry. With cloud infrastructure growing at an accelerated pace, not to mention the broad adoption of AI applications, the world’s largest organizations require consolidated, cloud-native security platforms to effectively address a large and ever-changing range of security needs. We’re creating a powerful real-time solution for SOC and Cyber Defense teams to combat rising threats and building the world’s leading cloud security platform.”