The cybersecurity landscape is massively expanding while attack strategies keep evolving, fueling the cybercrime epidemic. Cyber threats have evolved from targeting and harming computers, networks, and smartphones to targeting humans, cars, railways, planes, power grids and anything with an electronic pulse. Expectations are that cybercrime damages cost the world six trillion US dollars in 2021. In general, the belief is that cybercrime costs will grow 15% per year over the next five years, reaching 10.5 trillion US dollars by 2025.
This growth is powered by the Internet of Things. Forbes expects there to be 35 billion smart devices in the world in 2021. Unfortunately, securing devices and objects such as cars, medical instruments, sensors, manufacturing machines, home appliances and phones that could be ‘talking’ to each other is a major challenge for the years to come.
Of course, the corona pandemic has a big influence on cybersecurity technology too. A lot of companies have come up with solutions to make remote working as easy as possible, but all these remote workers need to be protected from cybercriminals. Luckily, a lot of companies have acted upon that as well. With technologies such as AI and deception technology rapidly being integrated into cybersecurity solutions, the tables can be turned against many adversaries.
Cybersecurity companies provide solutions and services that are increasingly committed to doing just that. With that in mind, we’ve listed the top cybersecurity companies for you to watch in 2021.
Palo Alto Networks
Palo Alto Networks is a well-known global cybersecurity company serving more than 50,000 customers. Its Next-Generation Firewalls and cloud-based security products are used by more than 85 of the Fortune 100 companies and 63% of the Global 2000. The company has around 5,100 employees worldwide.
Palo Alto Networks has been positioned as a leader in the Gartner Magic Quadrant for Network Firewalls nine consecutive times, including 2020. The PA-series Next-Generation Firewalls reduce response times with automated policy-based actions, and you can automate workflows via integration with administrative tools, such as ticketing services, or any system with a RESTful API.
Their core Security Operating Platform helps keep out hackers through automation, such as automated routine tasks and enforcement. In addition to cloud and enterprise solutions, Palo Alto also offers Cortex XDR, the company’s AI-based continuous security platform.
While best known for its next-generation firewall, Palo Alto Networks also has add-on offerings, including Traps for endpoint protection, Prisma Access (SASE) and Aperture, a SaaS-based cloud access security broker (CASB). Palo Alto Networks uses machine learning to help identify variations of known threats and patterns in attacks. In this way they can accurately predict the next stages of an attack, then automatically create and implement protections for customers in near real-time.
With Prisma Access they have also jumped into the much-needed technology to secure remote workers. It enables secure access from anywhere with their cloud-delivered, tier-one network, eliminating the complexity of using disjointed products. Prisma® Access delivers comprehensive networking and security in a single secure access service edge (SASE) designed for all traffic, all applications, and all users.
Acquisitions by Palo Alto Networks
In 2020 Palo Alto Networks acquired three security companies:
- CloudGenix: a cloud-delivered SD-WAN provider. The acquisition will further strengthen Palo Alto Networks' comprehensive SASE platform.
- Expanse Inc.: specialized in attack surface management. They bring a unique level of visibility to security through the continuous scanning of exposed assets.
- The Crypsis Group: an incident response, risk management and digital forensics consulting firm. The acquisition will further strengthen Palo Alto Networks' Cortex™ platform with expert services for incident response and proactive assurance.
Image: The unified incident engine of Cortex XDR relieves alert fatigue. The incident view uses advanced analytics to intelligently group related alerts into incidents.
McAfee
In 2018 McAfee refreshed their entire enterprise cybersecurity portfolio, introducing McAfee MVISION. The cloud-native MVISION portfolio includes insight-driven endpoint security, cloud security, McAfee EDR, mobile security, data loss prevention and more.
Both the endpoint and mobile services are controlled via MVISION ePO, providing a unified approach to managing traditional and mobile endpoints. MVISION ePO is a SaaS solution designed to replace backend infrastructure with a simple web-based management console. On the business front, McAfee’s endpoint and mobile security products protect end-user devices from attacks, while its network security products and services protect company servers, databases and data centres.
Baked into the MVISION platform are McAfee's Global Threat Intelligence services, which provide threat event information via MVISION ePO. Its McAfee Total Protection and McAfee LiveSafe products give consumers access to antivirus and antimalware protection, as well as internet security including protection from adware, spyware, phishing scams, malicious websites, identity theft, and other threats.
In 2020 McAfee was named a Leader in the Gartner Magic Quadrant for Cloud Access Security Broker (CASB) for the fourth time. They were also named Gartner Peer Insights Customers’ Choice for CASB last year.
Acquisitions by McAfee
In 2020 McAfee acquired one security company:
- Light Point Security: a pioneer of browser isolation. This extends MVISION Unified Cloud Edge (UCE) capabilities for SASE.
Image: MVISION ePO includes pre-defined and customizable dashboards, a consolidated view, and prioritization of threat data.
CrowdStrike
CrowdStrike has married advanced endpoint protection with intelligence since it was founded in 2011. The CrowdStrike Falcon endpoint protection platform was built from the ground up to address the challenges posed by modern attacks and to stop breaches. It delivers a single lightweight agent for prevention, detection, threat hunting, response, remediation, vulnerability assessment and IT hygiene.
Their Falcon Prevent framework touts five-second visibility on all endpoints, past and present, while also reducing cost and complexity. CrowdStrike provides cybersecurity services that include threat intelligence, next-gen antivirus, incident response, ransomware blocking and endpoint detection and response.
At the end of 2020, they offered a report on incident response and proactive services from 2020 and insights that matter for 2021. In their report they came to several conclusions:
- The volume and speed of financially motivated attacks are rising quickly
- Intrusions are no longer a one-time event
- The shift to continuous monitoring and response approaches is changing the game
- To no one’s surprise, there are major effects on cybersecurity due to the quick growth in the remote workforce
In the same report, they also give details and recommendations on several topics, such as how the remote workforce changes security, the evolving operations of ransomware actors, what to do after a breach and how to stop the next one.
CrowdStrike received high marks from the users whose reviews comprise Gartner Peer Insights ‘Voice of the Customer’ for endpoint detection and response solutions report. They received a 4.9 out of 5 based on 106 verified reviews (highest ratings of all vendors given the Customers’ Choice rating).
Last year they were also named a Leader in the Forrester Wave for Enterprise Detection and Response. CrowdStrike received the highest score in 11 criteria, including scoring among the top in the Strategy and Market Presence categories.
Acquisitions by CrowdStrike
In 2020 CrowdStrike acquired one security company:
- Preempt Security: a provider of zero trust and conditional access technology for real-time access control and threat prevention. It will expand their zero trust capabilities and incorporate critical identity behaviour data and analysis to help customers fortify their defences and prevent identity-based attacks and insider threats.
Image: CrowdStrike Incident Dashboard screenshot
Fortinet
Fortinet has been recognized by Gartner as a Leader for Network Firewalls in the 2020 Magic Quadrant for the 11th time. The company has over 450,000 customers around the world and has a broad portfolio covering secure SD-WAN, cloud security, network security, application security, email security, and secure access, all supported with single-pane-of-glass management across the entire attack surface.
Their Unified Threat Management solution consolidates multiple security and networking functions in one unified appliance that protects businesses and also simplifies infrastructure.
With its innovative approach, Fortinet helps improve SD-WAN security, cloud security and cloud on-ramp. To protect businesses against the ever-changing threat landscape, their portfolio of security, networking, and business productivity solutions is growing and tightly integrated to ensure that today’s organisations can confidently build the digital business infrastructure they need without compromising on security. Fortinet combines custom security processors, an intuitive operating system, and applied threat intelligence. Their FortiGate Next-Generation Firewalls are powered by Security Processing Units (SPUs) and AI-driven FortiGuard Labs, and deliver industry-leading threat protection and high performance that helps reduce costs, complexity, and risks.
Fortinet recently created two reports with cybersecurity predictions: ‘New cybersecurity threat predictions for 2021’ and ‘FortiGuard Labs cyber threat predictions for 2021’. In these they offer several predictions under three main headings:
- The intelligent edge is a target
- Innovations in computing performance will also be targeted
- Artificial Intelligence will be key
Acquisitions by Fortinet
In 2020 Fortinet acquired two security companies:
- OPAQ Networks: a SASE cloud provider. Fortinet’s Security Fabric combined with OPAQ’s patented ZTNA solution enhances their existing SASE offering.
- Panopta: a SaaS platform that provides full-stack visibility and automated management of the health of an enterprise network. It enables Fortinet to offer a comprehensive network and security operations management solution for enterprises or service providers.
Image: Secure SD-WAN use case with FortiGate NGFWs, FortiManager, and FortiAnalyzer
Cisco
Cisco Umbrella is a cloud security solution providing secure access to the internet and secure usage of cloud apps. Having developed a cloud-delivered firewall, a web gateway, DNS Security and CASB solution, Cisco Umbrella proves to be an effective cloud-native platform solution, providing the multi-layered approach many security engineers look for. It’s a smart proxy that only routes traffic to risky destinations through its network, while safe content is accessed directly with no delay.
The Investigate tool helps you to see relationships between domains, IPs and malware. Cisco’s Threat Intelligence not only investigates attackers’ infrastructures but is also able to predict future threats. In this way, current and developing threats such as malware can be exposed, so incident investigation and response times are reduced significantly.
In 2019 Cisco Umbrella expanded to integrate more security functions in a single service. All Umbrella packages also integrate with Cisco SD-WAN, being delivered from the cloud security service.
Cisco offers a large range of cybersecurity solutions: SASE, XDR, zero trust and more. That is why they have developed SecureX. It is a cloud-native, built-in platform experience that connects the Cisco Secure portfolio and your infrastructure. The benefits of SecureX are that it reduces the dwell time of threats by 72%, lets you collaborate better, and saves 100 hours on average by orchestrating and automating security across SecOps, NetOps and ITOps teams.
Acquisitions by Cisco
In 2020 Cisco acquired several companies, one of which focuses on security:
- PortShift: focused on building application security solutions that span a large portion of the lifecycle of cloud-native applications, from development and policy enforcement to vulnerability management and run-time protection.
Image: Cisco Umbrella screenshot
Netscout (Arbor Networks)
Securing your cloud against DDoS attacks is vital for service continuity. If you’re looking for critical aspects of DDoS protection, including the vital features to have in any DDoS protection product, Netscout is the cybersecurity company to turn to. Formerly Arbor Networks, Netscout is on its way to completing the second decade of its anti-DDoS lifespan, offering the classical combination of Arbor Sightline and TMS that continues to prove its effectiveness across many industries.
Arbor Sightline is an anomaly detection system. It is based on sampled NetFlow, is capable of performing enhanced reporting, alarming and automated mitigation in multiple phases, and can even be triggered by their Availability Protection System (APS).
An extra powerful feature is that any third-party script or application for mitigations can be triggered by external and existing logic.
It is important to note that TMS’s detection service also makes use of (and helped set up) the ATLAS Intelligence Feed (AIF), providing insight and expert analysis for DDoS protection. With the Arbor Security Engineering & Response Team (ASERT), dedicated to discovering and analysing emerging threats and developing targeted defences, Arbor has both visibility and remediation capabilities at nearly every tier one operator and a majority of service provider networks globally. ASERT shares this operationally viable intelligence with hundreds of international Computer Emergency Response Teams (CERTs) and with thousands of network operators via in-band security content feeds. As part of ATLAS, ASERT actively monitors Internet threats around the clock and around the globe, which gives you another good reason to consider Arbor’s anti-DDoS solutions.
Acquisitions by Netscout
In 2020 Netscout acquired one new company:
- Gigavation Inc.: a cybersecurity company with technology that provides security to device communication protocols, endpoint protection and security analytics. The technology and engineering talent will support the ongoing enhancement of the service assurance product portfolio.
Infradata’s cybersecurity vendors
These vendors form the core of our cybersecurity architecture, which aims at supporting our customers in the transition to a Zero Trust Access and SASE architecture. Combining the innovation power of these cybersecurity leaders with Infradata’s local skilled resources is a key success factor for a successful security architecture transition, delivering maximum security, lower costs and the best user experience with IT services to increase productivity.
Do you want to know what Infradata can do for your cybersecurity? Get in touch with us today!
8 January 2021