The 20 Coolest Identity Access Management And Data Protection Companies Of 2023: The Security 100

From vendors offering robust identity security capabilities to those focused on securing the data itself, here’s a look at 20 identity management and data protection companies to watch.

Coolest Identity Management And Data Protection Companies

With so many workers now outside the corporate firewall, hackers have increasingly been targeting identity credentials as the means to access a company‘s sensitive data. Misuse of identity credentials is by far the largest source of breaches, according to data from Verizon. That has prompted a number of industry analysts to declare that its the erosion of the firewall-based corporate perimeter, the new perimeter is really identity.

[Related: Microsoft’s 5 Latest Updates On Data Security]

As a result, tools for identity and access management (IAM) have been in high demand, and vendors that can help control access to an organization’s applications and other resources have been generating strong growth. In Gartner’s 2022 Magic Quadrant for Access Management, which was released in November, the Leaders quadrant consists of CyberArk, ForgeRock, Microsoft, Okta and Ping Identity. Research firm MarketsandMarkets forecasts that the IAM market will surge to $25.6 billion by 2027, up from $13.4 billion in 2022.

Another key element to consider when securing against modern cyberattacks is perhaps a no-brainer: Data protection. While solutions such as data loss prevention (DLP) have existed for years, the technologies are considered increasingly critical as a way to stop both external attempts at data theft and insider threats. In fact, many businesses are now being prompted to deploy DLP to get a better rate on their cyber insurance, said Doug Wilfred, corporate security practice lead at SHI, No. 13 on CRN’s 2022 Solution Provider Provider 500. And ransomware also persists as a serious threat to data, he said, given that attackers will typically try to copy data before deploying ransomware and encrypting the victim’s systems. Ultimately, the issue of “how do I keep my data from leaving” is among the biggest questions that customers are asking today, Wilfred said.

What follows are the 20 identity management and data protection companies that made our Security 100 for 2023.


Patrick Pulvermueller


Acronis recently introduced its Advanced Data Loss Prevention pack for the Acronis Cyber Protect Cloud platform. Notably, the offering aims to help MSPs protect their cus­tomers from the threat of data leakage.


Janine Seebeck

Board Member, CEO

Privileged access management specialist BeyondTrust brings together privileged password management, endpoint privilege man­agement and secure remote access into a unified platform offering centralized management as well as reporting and analytics.


Dimitri Sirota

Co-Founder, CEO

BigID has enhanced its privacy and data protec­tion platform with new features designed to reduce vulnerabilities that could pose a security threat. The company said it is offering an “industry first” with the launch of automatic remediation around management of access and permissions on overexposed data and over-privileged users.

Broadcom Software

Hock Tan

President, CEO

Broadcom offers identity and access management capabilities via its acquisition of Syman­tec, including verification of user and device access requests and enforcement of least privileged access. It also provides automa­tion for user provisioning and access governance as well as privileged access management.


Joe Payne

President, CEO

Code42’s security product port­folio includes the Incydr data protection offering, which enables security teams to detect, investi­gate and respond to insider threats. Features include identification of data expo­sure, prioritization of risks and forensic search capa­bilities.


Udi Mokady

Founder, Chairman, CEO

Within the portfolio of privileged access and identity secu­rity company CyberArk, notable products include its Identity Secure Web Sessions offering. The product records, audits and protects end-user activity within designated web applications, provid­ing efficient identification of anomalous activity and enabling investigation.

Dell Security

Michael Dell

Founder, Chairman, CEO

Dell recently launched Dell Pow­erProtect Cyber Recovery for Microsoft Azure, which allows organizations to deploy an isolated cyber vault in Azure to protect against ransomware attacks, as well as Dell Apex Cyber Recovery Services, which aim to simplify recovery from cyberattacks.


Fran Rosch


The ForgeRock Identity Platform pro­vides identity and access management security capabilities in on-premises and multi-cloud environ­ments, as well as in hybrid scenarios for workers, customers, workflows and devices. The plat­form aims to deliver zero trust security and protect against account takeover and fraud.


Kate Bolseth


Fortra, which changed its name from HelpSystems in Novem­ber, has a number of data protection offerings that leverage technology from several of the company’s acquisitions, including that of Digital Guardian. Offerings include data classification, data loss prevention and digital rights management.


Matthew Carroll

Founder, CEO

With a focus on enabling data security and privacy, Immuta offers capabilities includ­ing centralized data access control, cloud data discovery and clas­sification, and consistent data privacy controls. The offerings aim to provide greater automation of controls for data access and privacy within cloud-based data platforms.


Satya Nadella

Chairman, CEO

Microsoft ‘s focus within the realm of identity management is on its Entra product family, which launched last year and includes its widely used Azure Active Directory identity service as well as cloud infrastructure entitlement management and decentralized iden­tity offerings.


Todd McKinnon

Co-Founder, CEO

Okta has been work­ing to build out its port­folio beyond its flagship identity and access management lineup, including with the recent introduction of Okta Identity Governance and the forthcoming launch of Okta Privileged Access. The company is integrating them as a unified offering, the Okta Workforce Identity Cloud.


Kabir Barday

Founder, CEO

OneTrust’s cloud-based platform unites a number of products in the realm of data security and pri­vacy. Those include data governance capabilities such as data discovery and cataloging as well as privacy management, governance and policy management, third-party risk management and compliance management.

Ping Identity

Andre Durand

Founder, CEO

With its PingOne for Workforce offering, Ping Identity pro­vides an authentication hub that is centrally man­aged and can serve as the basis for a zero trust strategy. Key capabilities include no-code identity orchestration, single sign-on for all apps, adaptive multifactor authentication and centralized access security.


Rohit Ghai


RSA last year pivoted to focus its busi­ness entirely on identity security, which it’s doing across its flagship SecurID identity and access man­agement platform along with the recently intro­duced ID Plus, which delivers identity and access management as a SaaS offering with an option for cloud, on-prem­ises or hybrid versions.

SailPoint Technologies

Mark McClain

Founder, CEO

SailPoint has been branching out beyond its roots in identity governance and administration to add cloud access management, password management, access risk management and more. New capabilities have included AI-driven automated discovery and remediation for anomalous identities and high-risk user access permissions.


Sachin Nayyar

Founder, Chairman, CEO

Offering what it calls a “converged identity platform,” Saviynt is focused on governance of employee access to business resources—ultimately aiming to improve the control that a partner or customer has over iden­tity access across both cloud and on-premises environments.


Mickey Bresman

Co-Founder, CEO

Semperis provides products that seek to prevent malicious access to Microsoft Active Direc­tory and Azure Active Directory. Key features include the ability to spot changes to AD and Azure AD that would bypass security logs and then automatically remediate any changes deemed malicious.

Skyhigh Security

Gee Rittenhouse


SkyHigh Security, formerly the McAfee Enterprise security service edge business, offers a data-driven approach to cloud data loss prevention as well as secure web gate­way, zero trust network access, cloud access security broker, remote browser isolation and more.


Yaki Faitelson

Co-Founder, Chairman, President, CEO

Varonis launched a SaaS ver­sion of the company’s data security platform, with the aim of enabling simplified deployment, faster updates to threat models and policies, more proactive detection and response to threats and “autonomous” reduction of cyber risk.