The 20 Coolest Endpoint And Managed Security Companies Of 2023: The Security 100
From vendors providing endpoint detection and response tools to companies offering managed detection and response services, here’s a look at key endpoint and managed security companies.
Amid intensifying cyberthreats, the ability to detect malicious activity across endpoints and other IT environments is now table stakes for most businesses. Endpoint security continues to be one of the fastest-growing segments of the cybersecurity market, with revenue surging 27.1 percent between the end of June 2021 and the end of June 2022, according to IDC figures. The research firm noted that while the attack surface is getting bigger for businesses, the damage that attackers can do by targeting endpoints is accelerating as well.
In the $8.6 billion endpoint security market, the leaders by share of revenue are CrowdStrike, Microsoft, Trellix, Trend Micro, VMware, Sophos and ESET, according to IDC. Just a bit further down the list is SentinelOne — which, while it’s No. 10 on market share, generated the fastest year-over-year revenue growth of any endpoint security vendor in the top 10 with 109.3 percent growth. CrowdStrike held the No. 1 spot with revenue growth of 62.4 percent, compared to the prior 12 months, while Microsoft held onto No. 2 with 59.2 percent growth, IDC reported.
Increasingly, many endpoint detection and response (EDR) providers have broadened their offerings to provide what’s known as XDR, or extended detection and response. XDR platforms correlate data from across an organization’s environments and devices, prioritize the most serious threats and then offer the ability to carry out a response automatically. XDR, a term coined by Palo Alto Networks founder and CTO Nir Zuk in 2018, is seen as an important development because many cyberattacks today take place over a number of different systems within an organization. The platforms aim to tie together the data from each environment in order to give a fuller picture of what’s happening. Gartner has forecast that 40 percent of organizations will have deployed an XDR platform by 2027, up from 5 percent in 2021.
Likewise, for organizations that are looking to have threat monitoring, detection and response managed on their behalf, the managed detection and response (MDR) side of the market is growing fast as well. Gartner expects 60 percent of organizations to be receiving remote threat disruption and containment services from MDR providers as of 2025, compared to 30 percent currently.
What follows are the 20 endpoint and managed security companies that made our Security 100 for 2023.
Recent product updates from Bitdefender include the introduction of GravityZone Integrity Monitoring, aimed at monitoring and correcting unwanted changes to data. The offering covers files, installed apps, registries and directories, and also addresses unwanted escalation of user privileges.
BlackBerry recently unveiled a trust network access tool called CylanceGateway to provide users with a contextual correlation of network and device telemetry with continuous authentication to limit access to trusted, authenticated and known users and devices.
While continuing to enhance the endpoint detection and response capabilities of its cloud-native unified security platform, Falcon, CrowdStrike has been doubling down on numerous other categories including identity protection and cloud security. Other recent product moves have included the introduction of Falcon LogScale for improved observability.
Cynet offers an end-to-end, natively automated extended detection and response platform backed by a 24/7 managed detection and response service. The Cynet 360 AutoXDR platform brings together detection, prevention, correlation, investigation and response across endpoints, users, networks and SaaS applications.
Deep Instinct says its technology can predict attacks prior to their occurrence, including for previously unseen attacks, thanks to its deep-learning algorithm that seeks to replicate the workings of a human brain. Recent moves included the debut of Deep Instinct Prevention for Applications, an agentless solution for preventing malware attacks.
ESET has made a number of updates recently to its products, including the launch of extended detection and response offerings for MSPs. The offerings aim to provide MSPs with a simplified and centralized platform that’s optimized for their unique needs.
Expel offers a 24/7 managed detection and response service across cloud, SaaS, networks and endpoints. It includes detection, rapid investigation and response, remediation and proactive threat hunting. Recent enhancements include accelerated phishing remediation to minimize the chances of a compromise.
Huntress provides a managed security platform aimed at SMBs and has added features including external port monitoring, a managed antivirus offering and host isolation functionality. The company also recently said it was adding new managed endpoint detection and response capabilities.
Kaspersky in June said that it was opening three new “transparency centers” around the globe where qualified personnel can review the company’s coding, software updates, threat detection rules and other engineering and data processing practices.
Malwarebytes provides antivirus, endpoint and other security products and services and said in September that it is looking to massively expand its MSP partnership program. The moves are meant to increase the number of the company’s global MSP partners to 10,000 within the next few years, up from 2,700 in September.
Information management technology company OpenText offers numerous cybersecurity products within its sizable portfolio. As part of its “security cloud,” OpenText provides extended detection and response, data management, threat intelligence, digital investigations and information assurance.
With a focus on providing security offerings for critical infrastructure providers, Opswat’s recent moves have included the acquisition of Bayshore Networks to extend critical infrastructure protection capabilities to operational technology and industrial control system environments.
A key player in endpoint detection and response with its AI-powered Singularity platform, SentinelOne’s recent moves have included the acquisition of Attivo Networks to target identity threat detection and response. SentinelOne has also leveraged its Scalyr acquisition to launch capabilities for correlation of security data.
Sophos debuted what it calls the first “agnostic” managed detection and response service that integrates telemetry from CrowdStrike, Microsoft, SentinelOne and others often considered rivals. It also launched Sophos Marketplace, which it described as an “open ecosystem” of numerous technology integrations.
Tanium has launched a new category that it has dubbed “converged endpoint management,” or “XEM.” The offering integrates security and risk capabilities along with those of IT and operations, providing a centralized set of controls.
ThreatLocker aims to improve enterprise-level server and endpoint security by blocking exploits of unknown application vulnerabilities through application whitelisting, ringfencing, storage control, privileged access management and network access control offerings.
Formed through the merger of McAfee Enterprise and FireEye, Trellix has brought a focus on securing customers with its extended detection and response platform. The platform supports ingestion and correlation of data from hundreds of third-party tools in addition to the company’s own native security tools.
Trend Micro recently unveiled Trend Micro One, a unified cybersecurity platform aimed at making it easier for partners and customers to view and assess their attack surfaces and risk postures. The platform can pull data from third-party products to enhance customers’ view of potential threats.
In addition to its Carbon Black endpoint security offering, VMware provides products for modernizing Security Operations Centers, multi-cloud workload security and application security. The company recently launched VMware Contexa, which is a cloud-delivered threat intelligence offering.
Mobile security specialist Zimperium’s zIPS mobile endpoint security offering aims to detect threats across device, network, phishing and application attacks. The offering works across both Apple iOS and Android devices.