The 20 Coolest Endpoint And Managed Security Companies Of 2025: The Security 100

From vendors providing endpoint protection and detection tools to companies offering MDR, here’s a look at 20 key companies in endpoint and managed security.

While endpoint security tools are no doubt among the most ubiquitous in the cybersecurity sphere, the market continues to evolve — and see strengthening demand. Endpoint security was the second-largest technology category within cybersecurity in 2023, with revenue of $21.6 billion, according to the most recent figures available from IDC. Meanwhile, the endpoint detection and response (EDR) category is in the process of converging with endpoint prevention as well as with other categories, such as identity threat detection and response (ITDR), according to Gartner’s recent Magic Quadrant for Endpoint Protection Platforms report. The research firm predicts that 30 percent of enterprise customers will consolidate their EDR, preventative endpoint security and ITDR on a single vendor by 2038, compared to just 5 percent in 2024, according to the report.

[Related: 10 Major Ransomware Attacks And Data Breaches In 2024]

Vendors in the “leaders” quadrant for the Gartner report were CrowdStrike, Microsoft, SentinelOne, Palo Alto Networks, Trend Micro and Sophos. The “visionaries” quadrant from Gartner included Bitdefender, Check Point Software Technologies and Cisco, while Trellix and ESET were ranked in the “challengers” quadrant.” Four security vendors — Fortinet, WithSecure, Cybereason and Broadcom — ranked in the “niche players” of the Gartner Magic Quadrant report.

Without a doubt, when it comes to endpoint security, the space has remained dynamic despite its ubiquity. “I think the pendulum has swung a number of times over the years between, ‘Protection and prevention is everything to, ‘You can’t rely on it, you must only have detection or response,’” Sophos CEO Joe Levy said in a recent interview with CRN. “And now the pendulum, I think, is swinging back toward the center. And this kind of centrist view, I think, is the most practical view that we could take as an industry. The reality is you need both of them. You have to have the benefit of the best protection and the best prevention that you could possibly get.”

Many endpoint security vendors are also boosting their offerings with GenAI-powered capabilities, while managed detection and response (MDR) providers continue to see growing demand even as they expand to cover more than just endpoints.

What follows are the 20 endpoint and managed security companies that made our Security 100 for 2025.

Bitdefender

Florin Talpes

Co-Founder, CEO

Bitdefender updated its GravityZone XDR offering, delivering the new Business Applications sensor for protecting data in cloud-based applica­tions. The sensor provides support for Atlassian apps including Confluence, Jira and Bitbucket. Other major moves included launching a breach warranty program for customers of its MDR offering.

Blackpoint Cyber

Jon Murchison

Founder, CEO

Blackpoint Cyber’s MDR offering has brought a focus on providing proactive identi­fication, prioritization and remediation of potential threats through active hunting, detection and protection. Other key capa­bilities include managed application control, cloud response and the Black­point LogIC log collection and reporting tool.

Broadcom

Hock Tan

President, CEO

Broadcom has com­bined Carbon Black—from its VMware acquisition—with previ­ously acquired Symantec assets. Key enhancements have included leveraging Symantec network telem­etry and data security capabilities within Carbon Black’s EDR offering, pro­viding improved control and visibility.

CrowdStrike

George Kurtz

Co-Founder, CEO

CrowdStrike enhanced its widely used endpoint security offer­ing with the introduction of a new set of AI-powered capabilities, CrowdStrike Signal. The capabilities provide grouping of related alerts and events to derive key insight as well as deliv­ering AI-generated lead detection that can uncover novel tactics by threat actors.

Deepwatch

John DiLullo

CEO

Deepwatch updated its MDR plat­form through the launch of an open security data architecture that offers customers a choice between local and cloud data sources. The architec­ture enables utilization of customers’ existing secu­rity tools through offering integrated, prebuilt stacks covering multiple security segments.

eSentire

Kerry Bailey

CEO

ESentire debuted its new MDR for GenAI Vis­ibility offering, delivering a range of insight about how a customer and its employees are using GenAI tools. The offering provides greater visibility around the users of GenAI applications, frequently used AI apps, the files shared and the prompts input into the tools.

ESET

Richard Marko

CEO

Key product launches from ESET included the introduction of ESET AI Advisor, a GenAI-powered security assistant for enhanced risk analysis and incident response, for the vendor’s Protect MDR offering. Key capabilities include enabling improved risk identification, interactive analysis and enhanced threat response for secu­rity analysts.

Expel

Dave Merkel

Co-Founder, CEO

Key product moves by MDR pro­vider Expel included the debut of more flexible MDR offerings as well as an expansion of capabilities for automated remediation on endpoints and within cloud environments. The expansion enables improved removal of harm­ful files and registry keys, resetting of compromised credentials and disabling of compromised cloud keys.

Huntress

Kyle Hanslovan

Co-Founder, CEO

Huntress unveiled a major expan­sion of its managed security platform with the debut of managed SIEM. Key differentiators for the Huntress managed SIEM offering include using highly efficient data col­lection and retention techniques to keep costs predictable and minimal, which is crucial for solution providers.

Malwarebytes

Marcin Kleczynski

Co-Founder, CEO

Malwarebytes recently debuted new capa­bilities in MDR, including improvements around case management and report­ing enhancements in its OneView and Threat­Down Nebula platforms. The update simplifies case management, reducing the steps needed for manag­ing cases while enhancing reporting and visibility.

N-able

John Pagliuca

President, CEO

N-able acquired Adlumin, a provider of a security operations platform com­bining MDR and SIEM. The Adlumin acquisition brings enhanced reme­diation capabilities to N-able as well as allows the company to deliver greater security insight to customers.

NinjaOne

Sal Sferlazza

Co-Founder, CEO

NinjaOne is expanding in endpoint security with capabilities for improved visibility into devices accessing a net­work, cloud-first device backups and unified secu­rity and IT operations. It also said it’s working with a greater number of VARs to target endpoint security growth in addition to the company’s longtime base of MSP partners.

OpenText

Mark Barrenechea

Vice Chairman, CEO, CTO

OpenText debuted its new MDR offering to provide part­ners with a 24x7 Security Operations Center service. OpenText MDR—based upon its acquisition of the Pillr platform from solution and service provider Nova­coast—features more than 400 integrations with other security tools, including third-party products.

Red Canary

Brian Beyer

Co-Founder, CEO

Red Canary enhanced its MDR platform, including the expansion of support to the three largest public cloud providers—AWS, Microsoft Azure and Google Cloud. The MDR provider also unveiled support for the Microsoft Copilot for Security plug-in along with access to new executive reports with simplified summaries.

SentinelOne

Tomer Weingarten

Co-Founder, CEO

SentinelOne introduced new MDR offerings with the launch of Singularity MDR as well as Singularity MDR + DFIR (digital forensics and incident response). They provide AI-powered capabilities for threat detection—with differen­tiators including a strong signal-to-noise ratio— along with managed threat hunting and DFIR services.

Sophos

Joe Levy

CEO

Sophos plans to acquire Secureworks to expand the Sophos security platform with capabilities in XDR. Key enhancements will include enabling Sophos to lever­age the identity threat detection and response offering from Secureworks, augmenting Sophos’ exist­ing ITDR capabilities in the Microsoft ecosystem.

Tanium

Dan Streetman

CEO

Tanium extended its Autonomous Endpoint Management platform to include protection for container­ized workloads. The new offering, Tanium Cloud Workloads, also brings enhanced real-time visibility into container­ized environments and improved identification of vulnerabilities in container images.

ThreatLocker

Danny Jenkins

Co-Founder, CEO

ThreatLocker unveiled its expan­sion into MDR with a new service delivered by its Cyber Hero team. ThreatLocker’s MDR—a managed version of the company’s detection tool, Ops—aims to stand out by being paired with the company’s existing advan­tages from automatically preventing malware on devices.

Trellix

Vishal Rao

CEO

Trellix updated its XDR plat­form with the introduction of a new suite of AI and GenAI capabilities, Trel­lix Wise. The capabilities enable the company’s XDR platform to more effectively detect and address threats through functionality such as automation of work­flows, improved efficiency for analysts and enhanced investigation of threats.

Trend Micro

Eva Chen

Co-Founder, CEO

Trend Micro unveiled enhancements to its Vision One cybersecurity platform, including the launch of AI-powered capabilities for cyber risk management. The capabilities utilize AI to provide improved discovery, assessment, prioritization and reme­diation of threats.