Next-gen Cybersecurity

AI-based solutions for evolving digital threats

Overview

Emerging threats require proactive tools that take a holistic view of corporate networks

Corporate cybersecurity today is tasked with protecting connected hardware and cloud-based software from myriad threats such as unauthorized access and data theft. The next generation of tools leverages AI and machine learning to dominate endpoint protection, detection, and response.

The traditional enterprise network perimeter is fading and enterprise workflows are increasingly reliant on the internet and cloud applications. Personal computing devices and connected industrial hardware connect to corporate networks on a daily basis, leaving many potential entry points for malicious actors. The evolving threat landscape requires a holistic approach to cybersecurity that considers an organization's entire network landscape.

Advances in AI help companies bridge this gap by detecting threats using behavioral analysis. Companies can now use signature-based methods to identify threats proactively, even unknown ones which would have otherwise gone undetected by traditional antivirus programs. AI also allows for efficient monitoring, investigation, and automation of common remediation tasks that would have been traditionally carried out manually—a time-consuming process prone to error.

What's driving this industry?

Industry Updates

  • Sep 27: SenseOn secures USD 20 million in Series A funding
  • Sep 23: Sternum secures USD 27 million in Series B funding
  • Sep 22: SentinelOne appoints former Tableau executive as CLO
Market Sizing

The US market for next-generation cybersecurity could reach up to USD 28.1 billion by 2025

  • Conservative case: USD 15.0 Bn
  • Base case: USD 21.5 Bn
  • Expansion case: USD 28.1 Bn

[Chart: market size in USD billion, 2020 to 2025]

COVID-19 IMPACT

The rapid shift to remote work has led to new threats: 

  • Phishing attacks grew 220% in 2020, leading to a lack of confidence in current corporate cybersecurity efforts.

  • The FBI received 3,000 to 4,000 daily complaints related to cybersecurity, which is up to 4x beyond pre-pandemic rates.

  • More than 70% of cybersecurity leaders cite remote workers as security risks and 41% blame budgetary restrictions as their top concern.

Prioritizing security translates to double-digit revenue for several disruptors: 

  • CrowdStrike saw 82% year-over-year (YoY) growth in both customers and revenue.

  • Cato Networks doubled annual recurring revenue (ARR).

  • Arctic Wolf more than doubled subscription revenue with enterprise clients growing 180%.

  • Snyk reported a 275% YoY growth in ARR.

  • SentinelOne expected revenue growth to more than double in 2020.

Security budgets are going up across industries:

  • More than 50% of surveyed executives plan to increase their cybersecurity budgets in 2021 with the healthcare sector leading the way.

Market Mapping

Large incumbents maintain a strong presence in this industry as they expand traditional cybersecurity portfolios with complementary products focused on cloud services produced through a mix of internal development and acquisitions. Some larger disruptors also follow an acquisition strategy, acquiring smaller startups to expand their portfolios. These acquisitive incumbents and larger disruptors are therefore listed across multiple segments of the market map.

The endpoint security space, in particular, has a significant incumbent presence, as traditional antivirus software vendors are adding behavior analytics and artificial intelligence to their products. Symantec (now owned by Accenture) and Trend Micro are some of the largest endpoint protection providers globally, each claiming more than 18% of the segment’s overall market share.

While the market map features more endpoint security companies than any other segment, companies offering cloud security products have attracted the most private funding—more than USD 7.1 billion for the cloud network and cloud-native application security segments as of August 2021. Further, nine out of ten startups in this hub were established over the last decade and have collectively raised over USD 12 billion as of the same date.

Company stages shown on the map: Incumbents, Growth, Early, Seed, Pre seed

  • Cloud network security: Microsoft, Akamai, Palo Alto Networks, Check Point, FireEye, Fortinet, Trend Micro, VMware, Barracuda Networks, Pixel Holdco (Cyphra), Rapid7, Tenable, F5 Networks, Netskope, Illumio, Orca Security, Vectra, Cato Networks, Lookout, Menlo Security, Darktrace, Versa Networks, iboss, Bitglass, Armor, Zscaler, Wiz, Axis Security, Perimeter 81, Elisity, Cyolo, Blumira, Cyvatar, Lightspin, Acreto

  • Cloud-native application security: Microsoft, Palo Alto Networks, Check Point, BitDefender, Sysdig, Tenable, F5 Networks, Snyk, Lacework, CrowdStrike, Aqua Security, Armor, VirSec, Traceable, Monad, DeepFactor, Lightspin, C3M, Akeero

  • Endpoint security: Microsoft, Palo Alto Networks, Check Point, FireEye, Sophos, Fortinet, BitDefender, F-Secure, Kaspersky Lab, Trend Micro, Blackberry, Acronis, VMware, Accenture, Jamf, Tanium, SentinelOne, Cybereason, Illumio, CrowdStrike, Lookout, Deep Instinct, Darktrace, EclecticIQ, Attivo Networks, Nyotron, Morphisec, Threatlocker, SolCyber, Cyvatar, RevBits, ZecOps, CYSIAM, CrowdSec, BreachQuest

  • Industrial IoT/Operational technology security: Microsoft, Palo Alto Networks, Check Point, Nuvolo, Barracuda Networks, Tenable, SentinelOne, Vectra, Claroty, Armis, Darktrace, Dragos, Nozomi Networks, VirSec, OPSWAT, Attivo Networks, Cynerio, Sternum, SAM Seamless Network, Cyolo, Mission Secure, NanoLock Security, Cylera, ZecOps, Viakoo, Acreto, Suavei, SynSaber

  • Detection and response tools: Palo Alto Networks, Check Point, FireEye, RSA Security, Fortinet, Trend Micro, Dell Technologies, Rapid7, Crossword Cybersecurity, F5 Networks, Netskope, SentinelOne, Cybereason, CrowdStrike, Exabeam, Vectra, ReliaQuest, IronNet, Corelight, Uptycs, EclecticIQ, ExtraHop, LogPoint, Bricata, ReversingLabs, Hunters, Mitiga, Confluera, Stellar Cyber, Anvilogic, Blumira, RevBits, ThreatWarrior, Stairwell, Kognos

  • Managed detection and response (MDR): FireEye, Sophos, BitDefender, F-Secure, Trend Micro, Pixel Holdco (Cyphra), SentinelOne, Cybereason, Arctic Wolf, CrowdStrike, BlueVoyant, Expel, LogPoint, Red Canary, deepwatch, [redacted], Huntress, ActZero, Mitiga, SolCyber, Cyvatar, Blackpoint Cyber, Theta432, CYSIAM, CyberMaxx, Startup Defense, BreachQuest

  • API and web application security: Akamai, Fastly, Palo Alto Networks, Barracuda Networks, Pixel Holdco (Cyphra), Rapid7, Tenable, F5 Networks, Darktrace, PerimeterX, VirSec, Salt Security, Noname Security, Cequence Security, ThreatX, Traceable, Netacea, Feroot Security, C3M

The Disruptors

A majority of these disruptors offer tools for threat detection and response either as standalone products or along with cloud security and endpoint security offerings. As of August 2021, the highest amount of funding has gone towards companies in the detection and response segment.

Several next-generation cybersecurity companies have already reached valuations of at least USD 1 billion. Cloud-network security startup Netskope has garnered the highest amount of funding (USD 1 billion) as of August 2021. SentinelOne went public in June 2021 at a valuation of USD 8.9 billion, implying 187% growth from the valuation at its last fundraise in November 2020 (USD 3.1 billion). SentinelOne also leads the endpoint security, industrial IoT/operational technology security, and managed detection and response (MDR) segments in terms of funding, with Arctic Wolf being the highest funded pureplay MDR provider in this space.

More than 90% of these disruptors were established in the last decade and most are in either the early or growth stage. Many also have a footprint across multiple market segments in part by acquiring smaller startups to accelerate product launches and absorb expertise amid a shortage of cybersecurity professionals.

Cloud network security

Disruptors (funding in USD millions):

  • Zscaler: Public - Market cap USD 38.8 bn
  • Darktrace: Public - Market cap USD 8.7 bn
  • Netskope: 1042
  • Illumio: 558
  • Orca Security: 442
  • Vectra: 353
  • Wiz: 350
  • Cato Networks: 332
  • Lookout: 282
  • Menlo Security: 251
  • Versa Networks: 196
  • iboss: 180
  • Bitglass: 150
  • Armor: 149
  • Axis Security: 100
  • Perimeter 81: 65
  • Elisity: 34
  • Cyolo: 25

Watchlist: Lightspin, Blumira, Cyvatar, Acreto

Cloud-native application security

Disruptors (funding in USD millions):

  • CrowdStrike: Public - Market cap USD 59.7 bn
  • Snyk: 1282
  • Lacework: 599
  • Aqua Security: 265
  • Armor: 149
  • VirSec: 135

Watchlist: Lightspin, Traceable, Monad, DeepFactor, Akeero, C3M

Endpoint security

Disruptors (funding in USD millions):

  • CrowdStrike: Public - Market cap USD 59.7 bn
  • SentinelOne: Public - Market cap USD 16.2 bn
  • Darktrace: Public - Market cap USD 8.7 bn
  • Cybereason: 664
  • Illumio: 558
  • Lookout: 282
  • Deep Instinct: 259
  • EclecticIQ: 77
  • Attivo Networks: 60
  • Morphisec: 50
  • Nyotron: 43

Watchlist: Threatlocker, SolCyber, Cyvatar, RevBits, ZecOps, CrowdSec, BreachQuest, CYSIAM

Industrial IoT/Operational technology security

Disruptors (funding in USD millions):

  • SentinelOne: Public - Market cap USD 16.2 bn
  • Darktrace: Public - Market cap USD 8.7 bn
  • Vectra: 353
  • Claroty: 240
  • Armis: 237
  • Dragos: 164
  • Nozomi Networks: 153
  • VirSec: 135
  • OPSWAT: 125
  • Attivo Networks: 60
  • Cynerio: 37
  • SAM Seamless Network: 36
  • Cyolo: 25

Watchlist: Sternum, Mission Secure, NanoLock Security, Cylera, ZecOps, Acreto, SynSaber, Viakoo, Suavei

Detection and response tools

Disruptors (funding in USD millions):

  • CrowdStrike: Public - Market cap USD 59.7 bn
  • SentinelOne: Public - Market cap USD 16.2 bn
  • IronNet: Public - Market cap USD 2.2 bn
  • Netskope: 1042
  • Cybereason: 664
  • Exabeam: 390
  • Vectra: 353
  • ReliaQuest: 330
  • Corelight: 159
  • Uptycs: 93
  • ReversingLabs: 81
  • EclecticIQ: 77
  • ExtraHop: 62
  • LogPoint: 40
  • Mitiga: 32
  • Confluera: 29

Watchlist: Hunters, Stairwell, Stellar Cyber, Bricata, Anvilogic, Blumira, RevBits, ThreatWarrior, Kognos

Managed detection and response (MDR)

Disruptors (funding in USD millions):

  • CrowdStrike: Public - Market cap USD 59.7 bn
  • SentinelOne: Public - Market cap USD 16.2 bn
  • Cybereason: 664
  • Arctic Wolf: 498
  • BlueVoyant: 276
  • Red Canary: 130
  • Expel: 118
  • deepwatch: 76
  • [redacted]: 60
  • Huntress: 60
  • LogPoint: 40
  • ActZero: 40
  • Mitiga: 32

Watchlist: SolCyber, Cyvatar, Blackpoint Cyber, BreachQuest, Theta432, CYSIAM, Startup Defense, CyberMaxx

API and web application security

Disruptors (funding in USD millions):

  • Darktrace: Public - Market cap USD 8.7 bn
  • PerimeterX: 149
  • VirSec: 135
  • Salt Security: 131
  • Noname Security: 85
  • Cequence Security: 30

Watchlist: ThreatX, Traceable, Feroot Security, C3M, Netacea

Zscaler

Zscaler offers cloud security products such as cloud access security brokers (CASBs), secure web gateways (SWGs), and other tools to protect cloud networks, under a secure access service edge (SASE) architecture that is distributed across more than 150 data centers globally. Zscaler also offers cloud security posture management (CSPM) tools that enable organizations to identify misconfigurations and vulnerabilities across cloud-native workloads. As of May 2021, the company had more than 200 patents issued and pending, and served more than 5,000 customers including more than 25% of the Fortune 200.

For FY2021, Zscaler reported USD 673.1 million in revenues, reflecting a growth of 56% YoY. Zscaler’s adjusted operating income rose to USD 78 million, more than double the USD 38.2 million recorded during FY2020. Management guidance for FY2022 revenue stands in the range of USD 940 million to USD 950 million, which implies YoY growth of 39.7% to 41.1%.

Zscaler has made several acquisitions, including the cloud security startup Edgewise Networks in May 2020 for an undisclosed amount, to enhance application-to-application communication security. In April 2020, the company acquired the CSPM startup Cloudneeti for an undisclosed amount, enabling Zscaler to expand its cloud security offering to include CSPM solutions. Other notable acquisitions include Trustdome and Smokescreen Technologies in April 2021 and May 2021, respectively. The company commenced trading on the Nasdaq in March 2018, raising USD 192 million in its initial public offering (IPO).

Segment: Cloud network security
Total funding: USD 148.0 million
Competitors: Netskope, Cato Networks, Lookout, Menlo Security, iboss, Bitglass

[Chart: Disruptor Funding History]

The Incumbents

Incumbents buy the future with acquisitions of next-generation cybersecurity startups

The cloud service providers, pureplay cybersecurity companies, and endpoint security software providers in this section have either acquired stakes in next-gen startups, or pivoted their business model to offer products and services across multiple segments.

Major cloud providers like Microsoft and Fastly generally bundle security products along with their primary offerings. Pureplay cybersecurity incumbents, such as Palo Alto Networks, have been gradually building their product portfolio to keep up with industry trends, using acquisitions to bridge gaps and speed up go-to-market activities.

Incumbents in the endpoint security segment have historically offered traditional antivirus software to retail and enterprise customers. These companies have improved their offering to feature AI and behavior analytics to detect known and unknown threats. These companies have also started building endpoint detection and response (EDR) tools to leverage automation and machine learning.

In-house development / Acquisition

  • Marked for both in-house development and acquisition: Microsoft, Akamai, Palo Alto Networks, Check Point, FireEye, Sophos, RSA Security, Fortinet, BitDefender, F-Secure, Trend Micro, Blackberry, Acronis, Barracuda Networks, Rapid7, Sysdig, Tenable, F5 Networks

  • Marked for only one of the two: Fastly, Kaspersky Lab, VMware, Dell Technologies, Accenture, Nuvolo, Jamf, Pixel Holdco (Cyphra), Tanium, Crossword Cybersecurity

Microsoft

Microsoft bundles cybersecurity solutions with its Microsoft Azure and Microsoft 365 products. Under Microsoft Azure, the company offers solutions to protect cloud workloads using a combination of tools for identity and access management, monitoring, and response, which leverage AI and behavioral analytics. Microsoft's cloud security offerings are delivered via the “Azure Security Center” platform, which since 2016 has allowed users to manage security features in their Azure cloud deployments. Microsoft also offers the ability for developers creating applications on Azure’s service to protect their cloud-native applications.

Microsoft 365 includes Microsoft Defender for enterprise endpoint protection, which includes next-generation antivirus (NGAV) solutions and endpoint detection and response (EDR) tools. Microsoft also offers protection for industrial internet of things (IoT) applications and in 2017 committed to investing USD 1 billion per year in cybersecurity R&D.

Microsoft has also acquired startups in this space to strengthen its product offerings. The company acquired Refirm Labs in June 2021 for an undisclosed amount. Refirm Labs was founded in 2017 and is the developer of the analysis tool Binwalk Enterprise, an open-source software used by over 50,000 businesses globally to identify firmware and security issues on IoT devices. This acquisition was the company's second in the IoT security space following the acquisition of CyberX for USD 165 million in June 2020. CyberX was founded in 2013 with a focus on detecting and predicting risks to IoT devices. Other notable acquisitions include the Israeli cloud security startup Aorato for USD 200 million in 2014 and Adallom for USD 320 million in 2015.

In July 2021, Microsoft had reportedly agreed to acquire RiskIQ for an all-cash consideration of more than USD 500 million. RiskIQ provides attack surface management software that organizations use to detect security threats across corporate networks and devices and to secure their Enterprise Digital Footprint (EDP). The acquisition will integrate RiskIQ’s technology into Microsoft Azure cloud services and expand Microsoft’s security products and services to provide improved protection for its customers.

Microsoft also acquired the CIEM startup CloudKnox Security during the same period. CloudKnox uses its patented activity-based authorization protocol to provide continuous monitoring, enforcement of least-privilege principles, and analytics to provide automated remediation across hybrid and multi-cloud environments. The acquisition expanded Microsoft’s cloud security and zero-trust monitoring with the integration of CloudKnox’s privileged access and CIEM tools in Microsoft Azure Active Directory services. The acquisition will also offer Microsoft customers a unified multi-cloud platform that provides access policy enforcement for all identities, ML-based anomaly detections, and integration with other Microsoft cloud security services, including Microsoft 365 Defender, Azure Defender, and Azure Sentinel.

In January 2021, Microsoft claimed that its cybersecurity business has recorded revenues in excess of USD 10 billion over the preceding twelve months with a cybersecurity unit serving more than 400,000 customers.

Notable Investors

Funding data are powered by Crunchbase
