RSA 2019: 10 Execs Reveal The Cybersecurity Vendor They're Most Excited About - Other Than Themselves

Be On The Lookout For

Ten security CEOs, channel chiefs and technical leaders attending RSA 2019 spoke with CRN about which vendor or vendors they believe are disrupting the cybersecurity industry through product innovation and investments in new technological categories.

Some security leaders flagged public cloud or IT service behemoths as potentially the most innovative companies in the cybersecurity space given the size of their customer base and the investments they've made to productize their own security capabilities.

Other executives favored companies that have recently completed successful IPOs in areas ranging from cloud security to authentication to privileged account management. Other leaders highlighted earlier-stage companies making a name for themselves in areas such as application and container security, operational technology threats, and open-source sandboxing.

Here's a look at the cybersecurity vendors that industry leaders attending RSA 2019 expect to make waves in the month and years ahead.

Larry Lunetta, Aruba Vice President, Security Solutions

Lunetta appreciates vendors like Claroty and Indegy that are playing on the Operational Technology (OT) side of the equation and providing terrific insight into non-IT environments like factories and power plants. Vendors like Claroty and Indegy become sources of information for Aruba that can be integrated into the wider environment, Lunetta said.

Claroty and Indegy understand protocols that populate the OT environment like RS-232, Modbus, and Zigbee that most traditional IT security practitioners haven't gotten to spend much time with, Lunetta said. By delivering insight into the non-IT part of an organization, Lunetta said Claroty and Indegy make traditional security products much more effective.

These products act like a sensor for Aruba, Lunetta said, providing organizations with greater control over the users and devices accessing the IT network and attempting to move into OT environments.

Stu Solomon, Recorded Future Chief Strategy and Development Officer

ServiceNow has long been present inside the customer's ecosystem from a ticket management, workflow and asset management perspective, and Solomon said the company will be able to build on its IT expertise as it moves explicitly moves into security.

Solomon praised ServiceNow's centralized operation and cohesive Configuration Management Database (CMDB), and said the company is growing in an interesting way by pushing into the SecOps, vulnerability, and GRC (governance, risk and compliance) spaces.

ServiceNow is also very embedded into how the CIO is thinking, which Solomon said allows the company to serve as a unique bridge between the SOC (security operations center) and the rest of the technical organization. Solomon anticipates the company will use its existing footprint and integration opportunities to further its pivot into security.

Gill Langston, Avast Senior Product Manager, SMB

Zscaler excels at delivering cloud-based security to a market that's historically been undeserved by new technology, Langston said. The company has done a great job of developing a global platform with robust policy management, scalability and accessibility that can be leveraged by customers no matter where they reside, according to Langston.

Since Zscaler doesn't need to have any hardware whatsoever, Langston said the company is capable of supporting the entire enterprise as well as end users no matter where they go. By making it possible for security practitioners to let go of day-to-day management, Langston said Zscaler frees them up to focus on business-critical projects outside of infrastructure management and keeping remote offices running.

All told, Langston said Zscaler frees cybersecurity teams up to focus on business-critical projects and core digital transformation objectives.

Scott Whitehouse, CyberArk Vice President of Channels and Alliances.

Whitehouse singled out Okta and SailPoint for their innovation in the authentication and identity governance space space. Okta has been great on the front-end with robust third-party integrations and its embrace of the -as-a-service model to ensure that its capabilities are available anywhere, Whitehouse said.

SailPoint, meanwhile, has been most helpful on the back end with compliance, where Whitehouse said the breadth and diversity of the data it collects allows for more informed provisioning and de-provisioning decisions. Whitehouse said bringing Okta and SailPoint's capabilities together allows for a complete platform around governance.

Whitehouse praised Okta and SailPoint for continuing to deliver consistent growth quarter over quarter and year over year, which he said makes it abundantly clear that neither company will fade away.

Mark Nunnikhoven, Trend Micro Vice President, Cloud Research

Microsoft has over the past few years made a huge internal investments around security products and threat intelligence, and is now bubbling those capabilities out to customers through products like Azure Sentinel.

Azure Sentinel is a SIEM (security information and event management) platform that was trained using machine learning models at Microsoft's scale. Microsoft has been gathering data for 30 years and is interested in using that information to make an impact, Nunnikhoven said.

SIEM is really ineffective today, Nunnikhoven said, and needs qualified expertise to massage the ruleset, get information out, and remove logistical and operational challenges. The release of Azure Sentinel signals a major cultural shift at Microsoft, and Nunnikhoven said the old company never would have pushed out a product like that.

Preston Hogue, F5 Networks Senior Director, Threat Research & Security Marketing

Hogue called out Aqua and WhiteHat Security for their ability to conduct scanning in containers and elsewhere, see changes in a security environment, and ensure that the larger ecosystem adapts.

The companies have excelled at understanding the fundamental differences between DevOps and DevSecOps, Hogue said, and have focused on understanding the risks and vulnerabilities present in a DevSecOps environment. These companies break existing paradigms to address security around different insertion points into an organization, Hogue said.

Businesses must understand the risk and vulnerability present before looking to determine appropriate controls, Hogue said.

Nelson Fonseca, Cyxtera President and COO

Amazon Web Services has helped customers secure application workloads on the cloud while being very transparent about what they do and don't provide from a security perspective, Fonseca said.

AWS makes it seamless for customers to push applications to third-party data centers or the cloud, Fonseca said, enabling the client to choose which option is best for them based on cost, performance, or any other components that's particularly important to them. Security is also a key factor when customers are trying to determine which infrastructure is best for an application, Fonseca said.

By defining where their own security starts and stops, Fonseca said AWS has created room to partner with vendors bringing specific cybersecurity competencies to the table. Focusing on their strengths as it relates to building IaaS platforms is probably best from a business perspective, he said.

Tom Turner, BitSight President and CEO

CrowdStrike excels at removing the operational pain around endpoint security through its SaaS-based delivery of capabilities that are helpful to the industry, Turner said.

The company's commitment to adaptivity makes it possible for additional vendors to participate in securing the endpoint, which Turner said benefits the entire ecosystem. Both CrowdStrike and BitSight share an investor as well as a commitment to SaaS-based development, Turner said.

Turner considers CrowdStrike to be one of the leading endpoint security providers in the industry, and said he'll be watching keenly to see if the company files a registration statement with the U.S. Securities and Exchange Commission (SEC) to begin the process of going public.

Abdul Rahman, Fidelis Cybersecurity Chief Scientist

Zeek (formerly Bro) provides open APIs and accessible language to make it easier for the open-source community to build cybersecurity tools in areas such as sandboxing, Rahman said.

Zeek excels at being open, engaging with their community, and crowdsourcing problems that people are seeing to help come up with solutions to the more challenging problems and detection issues, Rahman said. The framework doesn't offer much by way of decoders, Rahman said, so users either have to build themselves or engage with others in the community to obtain one.

The framework makes it possible for users to obtain an open-source network sensor tool that's largely equivalent to the sensors sold by more established providers, according to Rahman. The community and accessibility are key as Zeek pursues solutions to different security challenges, Rahman said.

Greg Young, Trend Micro Vice President, Cybersecurity

DarkMatter is a strong emerging player for MSSPs and a good sign of the healthiness of the cyber culture in the United Arab Emirates, Young said. More local talent and products helps address the worldwide cybersecurity skills shortage, Young said.

Having a strong local cyber ecosystem is good both for business as well as the global security players, Young said. As cybersecurity firms based in Japan, India and Middle Eastern countries like the UAE continue increasing their capabilities, Young said the economy for security products will become less fragmented.