The 20 Coolest Risk, Threat Intelligence And Security Operations Companies Of 2023: The Security 100

From vendors that provide cloud-native SIEM to those offering threat intelligence to stay ahead of the hackers, here’s a look at 20 top security operations, risk and threat intelligence companies.

A number of vendors now have products better equipped to meet the needs of any security teams struggling with traditional security information and event management (SIEM) tools. From vendors that provide cloud-native SIEM to those offering threat intelligence to stay ahead of the hackers, we’ve assembled 20 of the companies in the space that are making big moves with the help of partners.

[Related: 10 Hot Cybersecurity Companies You Should Watch In 2023]

When it comes to SIEM, Gartner’s 2022 Magic Quadrant includes Exabeam, IBM, Microsoft, Securonix and Splunk in the Leaders quadrant. Other companies landing on the latest Magic Quadrant for SIEM, which was released in October, include Devo, Fortinet, LogRhythm and Rapid7 in the Challengers quadrant, as well as Elastic, Gurucul, Micro Focus and Sumo Logic in the Visionaries quadrant.

Other vendors in the security operations space include Arctic Wolf, which last month unveiled a new offering that will allow partners to more easily supply their customers with rapid cyber incident response services. The Arctic Wolf Incident Response JumpStart Retainer features benefits such as a guarantee that cyber incidents will receive a response within one hour, backed by a service-level agreement. This response time guarantee is enabled in part by the fact that the rates for the service have already been prenegotiated with insurance companies, which expedites a part of the process that can often be drawn out, according to Jay Pasteris, CIO and CISO at Kittery, Maine-based GreenPages, No. 169 on the 2022 CRN Solution Provider 500.

In the area of threat intelligence, Google Cloud has become a leading provider through its acquisition of Mandiant last year, while Recorded Future, which recently disclosed surpassing $250 million in annual recurring revenue, is among the other major players. And in terms of risk management, major providers include BitSight, BlueVoyant and KnowBe4.

What follows are the 20 security operations, risk and threat intelligence companies that made our Security 100 for 2023.

Arctic Wolf

Nick Schneider

President, CEO

Arctic Wolf’s security operations platform has essen­tial capabilities such as 24/7 monitoring and threat detection, as well as response and recov­ery in the event of an attack. In addition to this managed detection and response offering, Arctic Wolf provides digital risk management and man­aged security awareness.


Dean Sysman

Co-Founder, CEO

With a wide range of offerings for cyber asset attack surface management and SaaS management, Axonius integrates with hundreds of data sources with the aim of providing a comprehensive asset inventory, uncovering gaps and automatically validating and enforcing policies.


Steve Harvey


Recent updates to Bitsight’s third-party risk man­agement platform have included the introduction of additional insight for uncovering and prioritiz­ing vulnerabilities and exposures among third-party vendors. BitSight also said that its fourth-party risk management product now provides increased supply chain risk visibility.


Jim Rosenthal

Co-Founder, CEO

BlueVoyant provides cyber-risk management across internal security with its managed detection and response offering and across external vendors. For external cyber-risk management, BlueVoy­ant has a unique supply chain defense product that aims to ensure issues are remedied by third-party vendors on behalf of BlueVoyant customers.

Cado Security

James Campbell

Co-Founder, CEO

With a focus on cyber investigation and automation, Cado Secu­rity delivers a digital forensics offering that is cloud-native, mak­ing it uniquely designed for cloud environments. Last summer, the startup unveiled cross-cloud support to help stream­line cloud investigations.

Devo Technology

Marc van Zadelhoff


As security is being rec­ognized as a data analyt­ics problem, Devo offers a cloud-native alternative to on-premises security information and event management sys­tems that many security teams depend upon. Devo’s technology prom­ises to enable the use of a greater amount of secu­rity data at a substantially reduced cost.


Michael DeCesare

President, CEO

With its New-Scale security information and event management offering, Exabeam brings together “cloud-scale” security log management with behavioral analytics and automation-driven cyber investigations. It is built on top of the cloud-native Exabeam Security Oper­ations Platform.

Google Cloud

Thomas Kurian


With its Chronicles Security Operations platform, Google Cloud brings together security analytics from its earlier Chronicle offering with automated response and remedia­tion for security issues. Google Cloud is further enhancing Chronicle Security Operations with threat intelligence from its acquisition of Mandiant.

IBM Security

Arvind Krishna

Chairman, CEO

Recent moves by IBM Security have included the acquisition of Randori, which brings attack surface management capabilities and offensive cybersecurity services into the IBM port­folio. Security teams can use insight from Randori fed into IBM Security QRa­dar extended detection and response for real-time attack surface visibility.


Stu Sjouwerman

Founder, CEO

A foremost vendor in the area of security awareness training products, KnowBe4’s flagship offering, Kevin Mitnick Security Awareness Train­ing, focuses on enabling organizations to assess their social engineering risks while providing secu­rity awareness training to mitigate these risks.


Vladir Sandler

Co-Founder, CEO

Cloud secu­rity startup Lightspin delivers context-driven security platform for cloud-native and Kubernetes environments. The company recently launched a free tier for its Cloud Native Applica­tion Protection Platform (CNAPP), which aims to quickly prioritize and reme­diate cloud security threats.


Corey Thomas

Chairman, CEO

Rapid7 introduced improved cloud detection and response, used to natively identify serious cloud threats with greater accuracy. The company also recently rolled out enhanced vulnerability assessment, which offers continuous visibility into vulnerabilities and is easier to deploy thanks to it being an agentless technology.

Recorded Future

Christopher Ahlberg

Co-Founder, CEO

As a threat intelligence powerhouse, Record Future’s Intelligence Cloud brings together continuous data collection with compre­hensive graph analysis and analysis from the com­pany’s research team. The platform aims to give “the most complete coverage of intelligence” about mali­cious adversaries.


Nayaki Nayyar


Securonix unveiled a new product it said is the industry’s first to integrate security information and event management, security orchestration, automation and response, and investi­gation capabilities. Dubbed Securonix Investigate, it aims to rapidly acceler­ate threat identification and response by security teams.


Bill McDermott

President, CEO

ServiceNow’s security orchestration, automation and response platform covers a lot of bases, including incident and vulnerability response. Key capabilities include AI-driven “smart“ workflows for faster response times and integrations with tools from Palo Alto Networks, CrowdStrike, Microsoft and Zscaler.


Gary Steele

President, CEO

Security updates in Splunk Enterprise 9.0 include the expansion of Feder­ated Search functionality to enhance and simplify security investigation and the introduction of Splunk Assist, a fully managed cloud service within the platform that can provide insight about a custom­er’s security environment.

Sumo Logic

Ramin Sayar

President, CEO

Sumo Logic recently launched support for Amazon Security Lake, which will enable the company to ingest data from the AWS security data lake and ultimately provide customers with improved detection, investigation and response across their AWS, hybrid and on-premises environments.


Amit Yoran

Chairman, CEO

In October, Tenable unveiled its exposure management platform, Tenable One, which aims to dramatically accelerate the identifica­tion and remediation of security vulnerabilities. The platform brings together vulnerability management with external attack sur­face management, identity management and cloud security data.


Jeff Hudson


Securing the use of machine identities is consid­ered critical in the age of their rapid growth. Venafi recently introduced Venafi Control Plane for Machine Identities, which enables better management and reduced security risk across cloud, on-prem­ises, hybrid and edge environments.


James Foster

Chairman, CEO

ZeroFox leverages AI-powered analytics and a variety of data sources to iden­tify and shut down major cyberthreats that originate externally—outside the typical security perimeter— such as targeted phishing and brand hijacking. The company’s technology works in part by analyzing millions of online posts and messages daily.