2018 Security 100: 20 Coolest SIEM And Threat Detection Vendors

Taking In The Threat Landscape

Growing compliance and regulatory mandates as well as the rising level of sophistication associated with cybercrimes have driven tremendous growth in the Security Information and Event Management (SIEM) market.

The challenge of countering the rising number of data breaches and compliance violations in businesses is enormous, with vendors in the SIEM market needing to constantly innovate and remodel their existing architectures to develop better and more secure systems.

The global SIEM market is expected to hit $4.54 billion in 2019, with North America leading the pack in terms of market size. Europe and Asia-Pacific, meanwhile, have experienced increased market traction.

Here's a look at 20 SIEM, security analytics, and threat detection companies that made this year's annual CRN Security 100 list.


AlienVault

Barmak Meftah, President, CEO

Headquarters: San Mateo, Calif.

AlienVault expanded its crowdsourced threat intelligence offering, adding new pages to compile information on specific threat actors and groups, and new groups to connect security researchers and practitioners. The company also tied its unified security monitoring platform to ConnectWise Manage, enabling partners to add threat detection, incident response and compliance management services.


Anomali

Hugh Njemanze, CEO

Headquarters: Redwood City, Calif.

Anomali in January closed a $40 million round of Series D funding led by Lumia Capital, and plans to use the proceeds to further accelerate global customer growth and drive continued product innovation. One month later, the company landed former Securonix executive Darren Gaeta as its global channel chief, who plans to pursue channel partners in the financial services, health care, legal, and oil and gas sectors.

BitSight Technologies

Tom Turner, President, CEO

Headquarters: Cambridge, Mass.

BitSight in April unveiled Sovereign Security Ratings, which enables national intelligence and law enforcement organizations to align security initiatives, identify risks and vulnerabilities, and drive improvements around critical infrastructure. Six months later, the company rolled out BitSight Executive Reports, which enables boards and executives to measure their organization’s third-party cyber risk.


BlueVoyant

Jim Rosenthal, CEO

Headquarters: New York

The company was formed in August following the merger of BitVoyant, K2G and K2 Cyber Defense, and received $125 million in financing from institutional and individual investors. Four months later, the company said it was changing its name to BlueVoyant and would provide advanced cyber threat intelligence for large companies and managed security services for smaller businesses.


Cofense

Rohyt Belani, Co-Founder, CEO

Headquarters: Leesburg, Va.

The company changed its name in February from PhishMe to Cofense as part of its acquisition by a private equity consortium that valued the organization at $400 million. The company in 2017 launched the industry's first free simulation tool geared toward the SMB market, opened offices in Australia, Singapore, Dubai and Saudi Arabia, and established partnerships with 14 other security providers.


Exabeam

Nir Polak, Co-Founder, CEO

Headquarters: San Mateo, Calif.

The company in January unveiled Exabeam Data Lake, which allows organizations to easily store and access critical log data in the enterprise. That same month, Exabeam hired former Carbon Black global channel chief Ken Hammond, who plans to create a professional services program where top partners can offer their own branded services for configuration and install alongside Exabeam's products.


Gigamon

Paul Hooper, CEO

Headquarters: Santa Clara, Calif.

Gigamon agreed in October to be acquired for $1.6 billion by Elliott Management, which plans to build on the company's leadership and extend its global relationships with customers and partners. Two months later, the company unveiled a visibility tool that allows businesses to decrypt and re-encrypt their data once and inspect it with multiple best-of-breed security tools to better expose hidden threats.

IBM Security

Ginni Rometty, Chairman, President, CEO

Headquarters: Armonk, N.Y.

IBM Security delivers an integrated system of analytics, defenses and proven experts so that companies can decide how to safeguard their business. The core of IBM's security platform is powered by security orchestration and analytics, which includes incident response and threat hunting and investigation. IBM also offers hands-on labs, certifications and technical deep dives to boost cybersecurity education.


Infoblox

Jesper Andersen, President, CEO

Headquarters: Santa Clara, Calif.

Infoblox in September revamped its channel program to reward partners for their investment in accreditation and enhanced its deal registration tool so that partners can receive a pay-for-performance reward. Four months later, the company hired Brad Bell as its CIO, who will move internal and external functions and applications to the cloud to accelerate Infoblox's ability to bring new offerings to market.


LogRhythm

Andy Grolnick, Chairman, President, CEO

Headquarters: Boulder, Colo.

LogRhythm introduced CloudAI, which uses artificial intelligence to detect advanced threats that employ unknown attacks and unknown methods. The company also unveiled LogRhythm UEBA, an independent analytics product that enhances the security of environments for customers that wish to augment a non-LogRhythm SIEM. LogRhythm also introduced an offering for achieving and validating GDPR compliance.

LookingGlass Cyber Solutions

Chris Coleman, CEO

Headquarters: Reston, Va.

LookingGlass in April released its corporate and supplier Cyber Attack surface analysis offering, which allows companies to examine their third-party vendors’ security postures with expert intelligence analysts providing feedback across six critical areas of cyber risk. Four months later, the company raised $26.3 million in a round led by Eastward Capital to help drive foreign sales and portfolio expansion.


MetricStream

Mikael Hagstroem, President, CEO

Headquarters: Palo Alto, Calif.

MetricStream in April unveiled the release of the M7 platform that helps customers protect their brand and drive business performance through governance, risk and compliance technology delivered via the cloud. Later in the year, the company completed a $65 million financing round led by Clearlake Capital intended to enhance its customer support and success and expand into Asia through Singapore.

Prevalent Networks

Jonathan Dambrot, Co-Founder, CEO

Headquarters: Warren, N.J.

Prevalent in June unveiled the acquisition of Datum Security to help its customers reduce the risk exposure resulting from small to midsize vendors. Seven months later, the company tapped Sun Microsystems and Red Hat veteran Karen Tegan Padir to be the company’s chief product officer, where she will drive further product growth and help enterprise clients meet regulatory requirements.


RedSeal

Ray Rothrock, Chairman, CEO

Headquarters: Sunnyvale, Calif.

RedSeal snagged former ForeScout CEO Gord Boyce as senior vice president of a newly formed business unit focused on driving adoption of the company's digital resilience platform in the commercial market. The company boosted its software-defined networks and public cloud capabilities with the addition of Microsoft Azure ARM modeling and support for RedSeal’s virtual appliance to run on Microsoft Hypervisor, Hyper-V.


RiskIQ

Elias Manousos, Founder, CEO

Headquarters: San Francisco

RiskIQ enhanced its channel program by boosting margins, adding a partner portal featuring simplified deal registration, and allowing partners to distribute a free version of the company's Software-as-a-Service to customers. The company also updated its Digital Footprint product to improve digital defenses and help organizations better understand their exposure to digital risk from outside the safety of their firewall.

RSA Security

Rohit Ghai, President

Headquarters: Bedford, Mass.

RSA in October unveiled products that help speed breach response and deliver identity and data access assurance to help organizations become compliant with the European Union’s GDPR guidelines. Four months later, the company rolled out updates to its channel program that reward incremental growth with existing clients, incumbency renewal, and partners with strong marketing proposals.


SecurityScorecard

Aleksandr Yampolskiy, Co-Founder, CEO

Headquarters: New York

SecurityScorecard unveiled the Risk Ratings Alliance to help create more tightly integrated security products by working closely with ISVs, advisory firms, and governance and risk management providers. The company also raised $27.5 million in Series C funding in a round led by Nokia Growth Partners to bring new products to market and expand on the company's position in the security ratings industry.

Skybox Security

Gidi Cohen, Founder, CEO

Headquarters: San Jose, Calif.

Skybox Security in October received a $150 million growth equity investment, with proceeds used to boost investments in sales and marketing, customer care and R&D, as well as potential M&A activity. Two months later, the company tapped former systems integrator CEO Uri Levy to be its first global channel chief to prepare for a new managed security service provider and systems integrator program.


Splunk

Doug Merritt, President, CEO

Headquarters: San Francisco

The company in February launched Splunk Enterprise Security v.5.0 with Investigation Workbench, a new toolset that streamlines security investigations and accelerates incident response. As the SIEM market continues to evolve, the company said more customers are using Splunk’s Adaptive Response ecosystem, allowing them to detect and respond to attacks faster within their security nerve center.

Sumo Logic

Ramin Sayar, President, CEO

Headquarters: Redwood City, Calif.

Sumo Logic in June announced a $75 million funding round led by Sapphire Ventures, with proceeds focused on extending the platform's capabilities to address operational and security analytics, advanced machine learning and IoT. Seven months later, the company acquired FactorChain, which has a Security Investigation Platform that enables the resolution of threat investigations in minutes rather than hours.