2017 Security 100: 20 Coolest Web, Email And Application Security Vendors

Web, Email And Application Security

Email and the web continue to remain one of hackers' most popular points of entry into an environment. As a result, security vendors are unveiling new offerings to pinpoint threats and prevent user error that can lead to an attack. Companies also are ramping up their efforts around application security, protecting their critical applications in the event of an attack and looking to close vulnerabilities from the start of the development process. As companies look to protect their environments from all angles, take a look at 20 companies looking to change the game around web, email and application security.


Paul Stich, CEO

Headquarters: San Francisco

The rise of mobile devices has created new threats to the enterprise, and Appthority is looking to address that with a unified set of offerings – including security management, on-device protection, and enterprise mobile management and SIEM integrations -- to protect devices, apps and data.

Barracuda Networks

BJ Jenkins, CEO

Headquarters: Campbell, Calif.

With a heritage in the email and web security appliances markets, Barracuda Networks has repositioned itself to offer a full security stack, with an emphasis on content security, network and application delivery, and data storage protection and disaster recovery markets.


Casey Ellis, CEO

Headquarters: San Francisco

Bugcrowd is all about crowdsourcing security, bringing together more than 18,000 security researchers across the world to help companies test their applications for vulnerabilities, with options for penetration testing, automated security scanning and a self-run program. The company raised $15 million in funding in April 2016.

Contrast Security

Alan Naumann, CEO

Headquarters: Los Altos, Calif.

As companies roll out new applications, Contrast Security is looking to make them "self-protecting." Inserted into application code, the company's sensors detect and correct vulnerabilities before and after deployment. The company was a finalist in this year's RSA Innovation Sandbox event and landed $16 million in funding last fall.


Barry Field, CEO

Headquarters: Waltham, Mass.

Cryptzone offers a portfolio of network security products, including a software-defined perimeter offering for network access control called AppGate, a data loss prevention product for SharePoint called Security Sheriff, and a web compliance tool called Compliance Sheriff.


Ernesto DiGiambattista, CEO

Headquarters: Boston

Cybric looks to bring a new approach to securing critical applications and data, with a platform that integrates directly into the application delivery process to continuously scan for vulnerabilities using replicas of the application environment, container technology, analytics and security automation.

F5 Networks

John McAdam, CEO

Headquarters: Seattle

Best known for its application delivery and load balancing solutions, F5 Networks is now investing big in the application security market, with offerings for DDoS protection, SSL/TLS visibility, identity federation and remote access, and web application firewall.


CEO: Guy Guzner

Headquarters: New York

Fireglass launched from stealth in February 2016, with a 100-percent channel model and a solution designed to isolate Web activity from the network. Instead of relying on signatures to separate good traffic and Web activity from bad, the company's platform acts as an "air gap" between potential attacks and the endpoint and Web applications.


Kevin O'Brien, CEO

Headquarters: Belmont, Mass.

With the vast majority of breaches stemming from a targeted email attack, GreatHorn is looking to leverage cloud-native software – powered by machine learning – to implement policy-driven detection and automated threat response to protect against inbound email threats. The company also has offerings for in-house communication systems.


Bethany Mayer, CEO

Headquarters: Calabasas, Calif.

Ixia allows companies to test applications and network hardware, gain visibility into networks and secure applications and networks. The company's portfolio of security offerings helps a company validate its security posture, block malicious IPs and gain visibility into threats against applications and the network.

Menlo Security

Amir Ben-Efraim, CEO

Headquarters: Menlo Park, Calif.

Launched in 2015, Menlo Security's Isolation Platform isolates all web and email content in the cloud before it reaches the endpoint. From there, end users can view a mirror presentation of the information, without having to touch it or categorize it as good or bad.


Peter Bauer, CEO

Headquarters: Watertown, Mass.

As companies move their email to the cloud, Mimecast is looking to help them make that move securely with a portfolio of single-subscription offerings for email security, service continuity and archiving. The offerings work across Office 365, Microsoft Exchange and G Suite.


Mariano Nunez, CEO

Headquarters: Boston

Onapsis protects SAP and Oracle enterprise applications, with a set of offerings for preventative vulnerability and compliance controls, continuous monitoring, detection and incident response. Its offerings integrate with SIEM, governance/risk/compliance, cloud providers, and network security products. The company raised $17 million in funding in 2015.


Co-CEOs: Mark Hurd, Safra Catz

Headquarters: Redwood City, Calif.

Oracle's security portfolio is all about getting companies to move to the cloud securely, with offerings for identity and access management, cloud access security brokerage, API platform, security monitoring and analytics, configuration and compliance, and database security.


Gary Steele, CEO

Headquarters: Sunnyvale, Calif.

Proofpoint is one the largest email security vendors, with offerings for email protection and advanced threat protection for targeted email attacks. The $375.5 million company also offers complementary offerings for social media protection, information protection, and information archive and compliance.


Philippe Courtot, CEO

Headquarters: Redwood City, Calif.

Qualys offers a full portfolio of cloud-based security offerings for the web and network. Using sensors throughout the network and the Qualys Cloud Platform, the company can provide capabilities for asset discovery, network security, threat protection, compliance monitoring and web application security.


Jeff Kukowski, CEO

Headquarters: Irvine, Calif.

SecureAuth is looking to fill the gap around identity security that can leave the door open to credential theft, with a multilayered authentication offering that includes pre-authentication risk assessments, multifactor authentication and continuous evaluation. The company also has a single-sign on offering.

Skyport Systems

Art Gilliland, CEO

Headquarters: Mountain View, Calif.

Skyport Systems looks to help companies simplify their security posture, while also protecting their most critical business applications. It does this with a secure hyper-converged infrastructure platform that allows companies to securely deploy their important applications, remediate vulnerable applications and manage applications remotely.


Timothy Eades, CEO

Headquarters: Mountain View, Calif.

vArmour operates on the premise that perimeter protections are dead, offering a distributed security system for virtualized and cloud environments. Its platform allows for micro-segmentation and consolidation by placing sensors and enforcement points close to assets and connecting them back to the same intelligence fabric.


Brian Maccaba, CEO

Headquarters: Dublin, Ireland

Founded in 2009 and winner of the 2016 RSA Innovation Sandbox contest, Waratek provides large enterprises and institutions with run-time application protection for both new and legacy apps using secure container technology in on-premise or cloud environments.