2018 Security 100: 20 Coolest Identity Management And Data Protection Vendors

Avoiding Data Disasters

The proliferation of data, increased regulatory pressures, and rising concerns around critical data loss in on-premises environments have driven increased interest in data protection offerings.

Identity and access management is expected to dominate the data protection market over the next half-decade due to its centralized nature and cost-effectiveness, according to research firm MarketsandMarkets. Identity and access management consists of provisioning, advanced authentication, directory technologies, password management, audit, and single sign-on capabilities.

The global data protection market is expected to hit $119.95 billion in 2022, MarketsandMarkets projects, with North America leading the way due to data security and privacy concerns, the need for regulatory compliance, and the presence of managed security service providers (MSSPs).

This year's CRN Security 100 list includes 20 identity and access management and data protection vendors giving organizations peace of mind that their most important data and applications are safe.


Kevin Hickey, President, CEO

Headquarters: Phoenix

BeyondTrust revealed in August that its privileged access management platform is available on Google Cloud, allowing for more cloud-based deployment options and flexibility. Six months later, the company debuted a privileged management offering for network, IoT, industrial control systems and SCADA devices, enabling companies to manage heterogeneous infrastructures while delivering optimal performance and not limiting activity.

CA Technologies

Mike Gregoire, CEO

Headquarters: New York

CA Technologies offers identity and access management tools that put customers and partners on the security offensive, engaging with seamless access across on-premises, cloud and hybrid environments. The company's Identity Suite lets business users select roles and entitlements, view current access privileges, and check the status of previous requests though an intuitive shopping cart.


Tom Kemp, Co-Founder, CEO

Headquarters: Santa Clara, Calif.

Centrify in June unveiled enhancements that enable Mac administrators to implement best practices for controlling privileged access while simultaneously simplifying management of Mac endpoints. That same month, the company said it was nearing FedRAMP compliance for its identity and access management offering, enabling federal agencies to reduce risks while fulfilling security and compliance requirements.


Udi Mokady, Founder, Chairman, CEO

Headquarters: Newton, Mass.

CyberArk in May purchased DevOps security software vendor Conjur for $42 million to extend the company's reach deeper into the DevOps life cycle to protect secrets and manage machine identities. Four months later, the company teamed up with ForeScout to enable users to gain visibility into all privileged accounts on the network and apply security controls and analytics to those accounts.

Digital Guardian

Ken Levine, President, CEO

Headquarters: Waltham, Mass.

Digital Guardian unveiled a new subscription offering that provides a single agent and management console for DLP, user monitoring, big data analytics and reporting, and threat detection and response. The company also launched a new global channel program that takes the best elements of its regional partner programs and includes market development funds and a new partner portal.


Jaspreet Singh, Founder, CEO

Headquarters: Sunnyvale, Calif.

Druva in August unveiled a platform that provides a unified control plane for data management services across endpoint, server and cloud application data, reducing data risks and the cost of data protection. That same month, the company raised $80 million of growth equity funding in a round led by Riverwood Capital, with the proceeds to be used to accelerate R&D and expand go-to-market efforts worldwide.

Duo Security

Dug Song, Co-Founder, CEO

Headquarters: Ann Arbor, Mich.

Duo Security launched a program to give MSPs the tools to better protect their customers from data breaches in a rapidly changing world of cloud applications and mobile devices. The company also revealed it had raised $70 million in Series D funding and earned a valuation of $1.17 billion, with the money to be used to expand global operations and fund more innovation in the trusted access space.


Matthew Moynahan, CEO

Headquarters: Austin, Texas

Forcepoint in August acquired security analytics company RedOwl, which offers a user and entity behavior analytics technology that analyzes large amounts of data and human behaviors to pinpoint anomalies and threats. One month later, the company landed former Citrix and RES Software channel executive Tom Flink to lead its channel sales. Flink praised Forcepoint's human-centric approach to security.


John Fernandez, Interim CEO, CFO, EVP Global Operations

Headquarters: San Francisco, Calif.

ForgeRock unveiled a complete end-to-end security offering for IoT deployments that bridges the gap between chip and web security and provides a trusted device identity proofing and registration process. The company also landed $88 million of Series D funding in a round led by Accel Partners, which is being put toward sales and product development in IoT security and identity markets.


Christopher Hylen, President, CEO

Headquarters: Redwood Shores, Calif.

Imperva unveiled CounterBreach 2.0 with an algorithm that places individuals and their cross-functional peers into "virtual" working groups based on interactions with enterprise files to identify unusual user access patterns. The company also named former Citrix leader Christopher Hylen as president and CEO, who said he decided to join the company because of the increasing need for data and application security.


Gus Malezis, President, CEO

Headquarters: Lexington, Mass.

Imprivata named former Lionbridge Technologies leader Mark Nesline as senior vice president of engineering and tasked him with driving all engineering, software and server development activities. The company also acquired the identity and access management business of Caradigm to improve provider productivity while reducing security risks and operational IT costs for hospitals and Integrated Delivery Networks.

Ionic Security

Adam Ghetti, Founder, CEO

Headquarters: Atlanta

The company in 2017 introduced Ionic Protect for Cloud Storage with support for Google Customer-Supplied Encryption Keys for Google Cloud Storage. This allows customers to provide a third-party encryption key to protect their data at rest in Google Cloud Storage. The offering allows organizations to easily manage these keys in a scalable way and in a consistent method across their enterprise.


Jim Kaskade, CEO

Headquarters: Portland, Ore.

Janrain in June unveiled an offering that allows global brands to provide their customers with fine-grained control and management of their data to comply with the European Union General Data Protection Regulation requirements. Two months later, the company landed former PAS leader Alan Elliot as vice president of worldwide sales and alliances and tasked him with leading the company's global expansion.

Micro Focus

Chris Hsu, CEO

Headquarters: Berkshire, England

Following the close of its $8.8 billion spin-merger of HPE Software, Micro Focus accelerated innovation around its newly acquired security technologies to provide better protection for data, applications and the cloud. The company also launched an archiving migration program to help companies avoid business disruption, minimize data exposure, and address complex regulatory requirements such as GDPR.


Todd McKinnon, Co-Founder, CEO

Headquarters: San Francisco

Okta hit the public market in April, looking to raise $187 million at a $1.5 billion valuation to drive customer growth, customer relationships, global expansion, more integrations, product development and possible acquisitions. Ten months later, the company snagged former Gigya global channel chief Patrick McCue to help gain a foothold with digital agencies and drive partnerships between systems integrators and ISVs.

Ping Identity

Andre Durand, CEO

Headquarters: Denver

Ping in June unveiled two enhancements to its multifactor authentication offering that facilitate fast and easy adoption across customers and workforces without sacrificing security. Five months later, the company rolled out more flexible deployment options and higher resiliency and scalability around the Ping Identity Platform to help global enterprises migrate to modern identity and access management.


Mark McClain, Co-Founder, CEO

Headquarters: Austin, Texas

SailPoint in June debuted an identity analytics offering that gives companies visibility into risks associated with user access, detects anomalous behavior that may indicate a breach, and focuses their governance controls. The company went public in November, bringing in more than $240 million on a market capitalization of $1.18 billion, with private equity firm Thoma Bravo maintaining a controlling stake.


Greg Wolfond, CEO

Headquarters: Toronto, Ontario

SecureKey teamed up with IBM to create a digital identity and attribute sharing network that enables customers to instantly verify their identity for services such as new bank accounts, driver’s licenses or utilities. The company also unveiled a collaboration with Intel to enable consumers to access its blockchain-based digital identity and attribute sharing technology using traditional web browsers.

Security First

Jim Varner, President, CEO

Headquarters: Rancho Santa Margarita, Calif.

SecurityFirst in September launched a data-centric security software offering that enables advanced encryption at scale, protecting data from the source of creation all the way through storage regardless of where it resides. Two months later, the company rolled out a partner program that provides support for sales enablement, marketing, and aggressive channel pricing discounts to a cross-section of partners.

Thales Group

Patrice Caine, Chairman, CEO

Headquarters: La Defense, France

Thales in December agreed to acquire digital security vendor Gemalto in a deal that will create the world's second-largest cybersecurity player well-positioned to address IoT, cloud and mobile security challenges. One month later, Thales formed a joint venture with Vector to co-develop an integrated software platform for improved performance and cybersecurity around connected vehicles.