The 20 Coolest Security Operations, Risk And Threat Intelligence Companies Of 2024: The Security 100
From vendors that provide modern SIEM to those offering advanced threat feeds, here’s a look at 20 key companies in security operations, risk and threat intelligence.
The arrival of generative AI marks another turning point in the security operations market, with many vendors now offering GenAI-powered tools that aim to dramatically boost productivity and effectiveness for Security Operations Center (SOC) teams.
Many teams are now looking to leverage GenAI tools in tandem with their SIEM (security information and event management) and SOAR (security orchestration, automation and response) systems, in an effort to expedite their response times and improve their security decision-making.
The SIEM space itself, meanwhile, continues to be highly competitive. The most recent Gartner Magic Quadrant for SIEM (from late 2022) ranks Microsoft, Splunk, IBM, Securonix and Exabeam in the “leaders” quadrant.
In the realm of threat intelligence, top providers include Google Cloud (through its Mandiant subsidiary) and Recorded Future, while major players in risk management include Tenable and Qualys.
What follows are the 20 security operations, risk and threat intelligence companies that made our Security 100 for 2024.
Arctic Wolf
Nick Schneider
President, CEO
Arctic Wolf launched a retainer option for its cyber incident response services, which aims to allow partners to more easily supply customers with rapid access to the services. The Arctic Wolf Incident Response JumpStart Retainer features a guarantee that cyber incidents will receive a response within one hour, backed by a service-level agreement.
Axonius
Dean Sysman
Co-Founder, CEO
Axonius unveiled a major new update to its platform that seeks to provide comprehensive visibility into installed software applications. With the introduction of software management as an add-on capability, the Axonius platform can now consume inventories of installed software.
BlueVoyant
Jim Rosenthal
Co-Founder, CEO
With the acquisition of Conquest Cyber, BlueVoyant gains a company specializing in providing cloud security to Microsoft customers in the government sector. BlueVoyant said the deal provides robust cybersecurity assessment and compliance capabilities with an enhanced ability to identify gaps in customers’ security posture.
Cribl
Clint Sharp
Co-Founder, CEO
Cribl offers a data platform whose mission is to enable improved flexibility and control around security and IT data. The company aims to serve as an agnostic data engine, with the ability to route data—including from Splunk—and then place that data into a data lake or take other security-focused actions with it.
Devo Technology
Walter Scott
CEO
Devo has introduced a new threat intelligence feed inside its Devo Collective Defense security data platform that aims to enable enhanced defense against emerging cyberthreats. Other moves have included the launch of Devo DeepTrace, an AI-powered alert investigation tool that can build “complete” traces of suspicious activity within an organization’s IT infrastructure.
Exabeam
Adam Geller
CEO
Exabeam’s major recent product releases included Outcomes Navigator, which brings improved visualization to the company’s New-Scale SIEM platform. The offering provides a look into the security of current configurations in an environment and provides detailed recommendations for making improvements.
Google Cloud
Thomas Kurian
CEO
Google Cloud’s new Security AI Workbench offering is powered by a security-specific large language model known as SecPaLM. The model utilizes Google Cloud’s security intelligence via Google’s broad visibility into threat data and Mandiant’s threat intel around vulnerabilities and malware.
IBM Security
Arvind Krishna
Chairman, CEO
IBM debuted its IBM Security QRadar Suite For Analysts, which is SaaS-delivered and includes re-architected threat detection and response offerings to improve speed and efficiency. Upgrades include a unified experience, simplified deployment through SaaS delivery and over 900 integrations with third-party tools.
Infima Cybersecurity
Joel Cahill
Co-Founder, CEO
The provider of highly automated security awareness training is focused on meeting the needs of MSPs. Infima said that its next-gen security awareness training platform provides dramatically simplified administration for MSPs, including speedy setup and minimal oversight once it’s up and running.
KnowBe4
Stu Sjouwerman
Founder, CEO
KnowBe4, which provides security awareness training as well as security tools including anti-phishing, has expanded its portfolio with new tools including its QR Code Phishing Security Test offering. The tool aims to help organizations with identifying which of their users are most likely to be susceptible to malicious QR code threats.
Qualys
Sumedh Thakar
President, CEO
Qualys unveiled a major update to its risk management platform with the option for application security teams to bring detections of their own to use on the platform. AppSec teams will be able to bring detection and remediation scripts as Qualys IDs to the company’s vulnerability management, detection and response platform.
Rapid7
Corey Thomas
CEO
Recent product updates from Rapid7 have included the addition of cloud anomaly detection utilizing AI-based, agentless capabilities. Rapid7 said the offering leverages its proprietary AI engine to detect suspicious behavior, which can then prompt automatic adjustments of configurations and privileges using the Rapid7 platform.
Recorded Future
Christopher Ahlberg
Co-Founder, CEO
Recorded Future enhanced its Intelligence Cloud platform, which is aimed at providing better visibility into threats and more automation of processes. Key capabilities include AI-driven automation for improved detection, triage and analysis of threats, as well as Collective Insights, which offers visibility into emerging threats.
Securonix
Nayaki Nayyar
CEO
Securonix’s new Unified Defense SIEM platform works with data feeds from Snowflake’s data lake and, through a cloud-native approach, better accommodates the massive volumes of security-relevant data that enterprises generate. The platform can leverage 365 days’ worth of “hot” searchable data from the Snowflake Data Cloud.
ServiceNow
Bill McDermott
President, CEO
As part of ServiceNow’s Security Operations platform, the company offers capabilities including incident response, configuration compliance, vulnerability response and threat intelligence. The offering is built on its Now platform, with benefits such as enabling a unified data model across an organization.
Splunk
Gary Steele
President, CEO
Splunk, which has a deal with Cisco to be acquired for $28 billion, has enhanced Splunk Mission Control with updates such as enabling security operations teams to handle threats from a unified platform. For Splunk Observability Cloud, it added capabilities around automated detection and improved alert accuracy.
Sumo Logic
Joe Kim
President, CEO
Major updates from Sumo Logic have included the debut of native user and entity behavior analytics threat detection, which brings advantages such as increased flexibility by making detections more tunable. Sumo Logic also unveiled a new service for more efficient SIEM automation in the cloud.
Tenable
Amit Yoran
Chairman, CEO
Tenable bolstered its exposure management platform and cloud security offering through its recent acquisition of Ermetic. The acquisition enables it to provide cloud identity and permissions management technology as well as a complete cloud-native application protection platform offering.
Torq
Ofer Smadari
Co-Founder, CEO
Torq offers a no-code method for automating security operations activities. The startup’s platform is aimed at boosting the productivity of security analysts by completing numerous Security Operations Center tasks faster and more easily.
ZeroFox
James Foster
Chairman, CEO
ZeroFox, which focuses on shutting down major cyberthreats that originate externally such as targeted phishing, has enhanced its platform with new capabilities such as anti-cloaking. Meanwhile, the company recently unveiled the acquisition of external attack surface management company LookingGlass Cyber Solutions.