2019 Security 100: 20 Coolest SIEM, Risk And Threat Intelligence Vendors

Thwarting Threats

A rise in interconnectivity due to the Internet of Things and Bring Your Own Device trends coupled with an increasing number of targeted attacks and ubiquitous Advanced Persistent Threats (APTs) is driving significant growth in the threat intelligence market.

Cloud-based threat intelligence offerings are gaining traction in the SMB segment since they're cost effective and don't require purchasing, installing, or maintaining hardware or software. Growth has been most pronounced in the banking, financial services, and insurance vertical, where increased instances of spyware, Trojans, viruses, ransomware, and other malware are driving greater adoption.

Here's a look at 20 SIEM, risk and threat intelligence vendors that made this year's annual CRN Security 100 list.

AlienVault, an AT&T Company

Barmak Meftah, President, AT&T Cybersecurity Solutions and CEO, AlienVault

San Mateo, Calif.

AT&T doubled down on cybersecurity in July with its purchase of AlienVault to help expand the reach of enterprise-grade security offerings to smaller businesses. A month later, AT&T debuted a stand-alone cybersecurity business unit tasked with making AlienVault’s technology and AT&T’s existing security capabilities available to all businesses.


Hugh Njemanze, CEO

Redwood City, Calif.

Anomali inked a deal with Microsoft to integrate threat intelligence from its ThreatStream platform with the security insight customers can obtain from the new Microsoft Graph security API. The company also launched Anomali Threat Platform, a comprehensive threat detection and response offering that identifies cyberthreats.


Tom Turner, CEO and President

Boston, Mass.

BitSight in June closed a $60 million Series D round led by Warburg Pincus to continue its rapid global expansion and extend its portfolio of security risk management solutions. Three months later, it unveiled BitSight Forecasting so customers can model various security scenarios and project how changes will impact their environment.


Jim Rosenthal, CEO

New York, N.Y.

BlueVoyant teamed up with anti-evasion technology provider Minera Labs to successfully defend against a highly evasive banking Trojan called Emotet. The company also partnered with Fiserv to deliver a managed security platform that addresses the needs of financial institutions from threat detection, response and remediation to regulatory compliance.


Rohyt Belani, CEO and Co-Founder

Leesburg, Va.

Cofense in July introduced its Phishing Specific Orchestration, Automation and Response (SOAR) platform to help organizations identify and disrupt active phishing attacks. Six months later, the company launched its MSSP program to provide SMBs across the globe with essential human-driven phishing defense solutions.


Nir Polak, CEO and Co-Founder

San Mateo, Calif.

Exabeam in August completed a $50 million Series D funding round to expand its presence and strengthen its offerings for systems integrators and larger VARs. Three months later, it rolled out a Smart Timelines feature that automates timeline creation and stitches together normal and abnormal events to help pinpoint anomalous activity.


Paul Hooper, CEO

Santa Clara, Calif.

Gigamon announced the general availability of GigaSecure Cloud for Microsoft Azure, which enables organizations to acquire, optimize and distribute selected traffic to security and monitoring tools. The company also acquired ICEBRG, whose SaaS offering empowers customers to leverage the power of network traffic analytics.

IBM Security

Ginni Rometty, Chairman, President and CEO

Armonk, N.Y.

IBM Security in August unveiled a network of four secure facilities dedicated to testing the security of devices and systems including consumer and industrial IoT technologies, automotive equipment and ATMs. Two months later, the company launched a new cloud-based community platform for cyber security applications.

IronNet Cybersecurity

Keith Alexander, Founder and CEO

Fulton, Md.

IronNet in May debuted its IronDome collective defense system, which helps protect national critical infrastructure with automated, real-time sharing of cyber event data and analysis between all of the participating energy companies. At the same time, the company closed a $78 million Series B round.


Andy Grolnick, President and CEO

Boulder, Colo.

Thoma Bravo disclosed plans to purchase a majority stake in LogRhythm in May to accelerate the company’s operational and product development road map. In October, the company received a patent for the creation of data monitoring methods that enable risk-based classification of data to highlight the severity of potential threats.

LookingGlass Cyber Solutions

Chris Coleman, CEO

Reston, Va.

LookingGlass’ IRD-100 security appliance actively disrupts adversary activities and forces them to overcome a deeper level of visibility and control. The company also acquired Sentinel, Goldman Sachs’ in-house SIEM platform focused on ingestion, extraction and organizational workflow of cyber threat intelligence in the financial services industry.


Mikael Hagstroem, President and CEO

Palo Alto, Calif.

MetricStream partners with the world’s most trusted organizations to build strong supplier risk and performance management programs in line with corporate social responsibility initiatives. The company’s M7 platform and apps for integrated risk management empower enterprises with the risk intelligence and analytics they need to build a culture of risk awareness.


Corey Thomas, President and CEO


Rapid7 in September d e b u t e d InsightConnect, a security orchestration and automation tool that helps security teams reduce manual workloads, create efficiency without sacrificing control, and work more effectively with IT and development teams. A month later, the company bought web application security vendor tCell.


Rohit Ghai, President

Bedford, Mass.

RSA debuted a tool that gives CISOs the ability to prioritize risk mitigation efforts using a quantification-based assessment of the business and financial impact of a breach or vulnerability. RSA also unveiled plans to purchase Fortscale to provide customers with new user entity and behavioral analytics capabilities through its RSA NetWitness SIEM platform.

Skybox Security

Gidi Cohen, CEO and Founder

San Jose, Calif.

Skybox Security in March inked a partnership with Jirasek Security for deployment, consultancy and managed services, including any customization needed for specific security and business processes. The company named Amrit Williams as vice president of products, where he will focus on the evolution of the company’s security management platform.


Doug Merritt, President and CEO

San Francisco, Calif.

Splunk in April closed its acquisition of Phantom, whose SOAR platform helps firms improve their SOC efficiency by automating tasks, orchestrating workflows, improving collaboration and enabling incident response. Six months later, the company debuted enhancements that help companies take a more holistic approach to security operations.

Sumo Logic

Ramin Sayar, President and CEO

Redwood City, Calif.

Sumo Logic rolled out new capabilities that simplify automating, managing and gaining business insight from microservices-based, modern application architectures that use containers and orchestration software. It also launched a cloud SIEM offering to democratize security analytics across traditional IT and new cloud models.


Amit Yoran, Chairman and CEO

Columbia, Md.

Tenable in March unveiled a Tenable.io Lumin, a new application that empowers CISOs to confidently visualize, analyze, measure and communicate their cyber exposure. Four months later, the company indicated that it had raised $288.3 million in an IPO and said channel partners accounted for more than 80 percent of its revenue.


Hitesh Sheth, President and CEO

San Jose, Calif.

Vectra expanded the Cognito platform with Cognito Recall, which enables highly skilled security analysts to conduct conclusive incident investigations and perform AI-assisted threat hunting. The company also said its Cognito platform will detect hidden cyber attackers in native Microsoft Azure cloud environments with virtual sensors that run in Azure.


Jeff Hudson, CEO

Salt Lake City, Utah

Venafi in June debuted an offering that safeguards the machine identities used on endpoints and delivers continuous visibility and comprehensive machine identity intelligence across all mobile devices. It closed a $100 million funding round as well, aimed at accelerating the integration of machine identity protection into a wide range of machines in the enterprise.