CRN SECURITY 100

Gary Steele

President, CEO

Security updates in Splunk Enterprise

9.0 include the expansion of Federated Search functionality to enhance and simplify security investigation and the introduction of Splunk Assist, a fully managed cloud service within the platform that can provide insight about a customer’s security environment.

Venafi

ZeroFox

Ramin

Sayar President, CEO

Sumo Logic recently launched support for Amazon Security Lake, which will enable the company to ingest data from the AWS security data lake and ultimately provide customers with improved detection, investigation and response across their AWS, hybrid and onpremises environments.

Amit Yoran Chairman, CEO

In October, Tenable unveiled its exposure management platform, Tenable One, which aims to dramatically accelerate the identification and remediation of security vulnerabilities. The platform brings together vulnerability management with external attack surface management, identity management and cloud security data.

Je Hudson CEO

Securing the use of machine identities is considered critical in the age of their rapid growth. Venafi recently introduced Venafi Control Plane for Machine Identities, which enables better management and reduced security risk across cloud, on-premises, hybrid and edge environments.

James Foster Chairman, CEO

ZeroFox leverages

AI-powered analytics and a variety of data sources to identify and shut down major cyberthreats that originate externally—outside the typical security perimeter— such as targeted phishing and brand hijacking. The company‘s technology works in part by analyzing millions of online posts and messages daily.

The rise in headline-making critical vulnerabilities is a prime reason why application security needs an overhaul. From vendors o ering developer-friendly code security tools to those protecting websites against cyberattacks, here‘s a look at 20 key web, email and application security companies.

Akamai Technologies

Tom Leighton Co-Founder, CEO

Akamai’s cybersecurity o erings include application and API security, such as capabilities for blocking malicious web activity. Other capabilities include protection against DDoS attacks, abuse and fraud protection, and technologies for enabling a zero trust security posture.

Barracuda Networks

Hatem Naguib President, CEO Barracuda serves small and midsize enterprises with a broad suite of security offerings, including email protection, application security, network security and data protection. The company has expanded into extended detection and response with its Barracuda XDR service supported by a 24/7 Security Operations Center.

Emmanuel Benzaquen CEO

Checkmarx, an application security testing tool company, recently expanded its portfolio with the introduction of API security. The o ering, which builds on the Checkmarx Fusion vulnerability correlation platform, aims to comprehensively inventory and remediate all APIs in use, including ”shadow” APIs.

Cloudflare

F5

François Locoh-Donou

President, CEO iboss

Recent additions to the F5 security portfolio arrived via the debut of F5 Distributed Cloud Services. The suite includes application security o erings such as Web Application and API Protection, combining web application firewall, DDoS protection and API security.

Paul Martini

Co-Founder,

CTO, CEO

The iboss security platform, focused on enabling a zero trust security posture, includes a range of capabilities such as authorization and access controls, cloud access security broker, data loss prevention, malware and ransomware defense, and browser isolation.

Imperva

Pam Murphy CEO

Imperva’s portfolio of application security products includes web application firewall, advanced bot protection, API security, DDoS protection, runtime protection and serverless protection. Within data security, Imperva’s lineup includes protection for sensitive data and advanced data governance.

Matthew

Prince Co-Founder, CEO

Cloudflare has a sizable portfolio of security services for the modern network, spanning DDoS mitigation, zero trust network access, cloud security access broker, secure web gateway and browser isolation. The company has also moved into email security with its acquisition of Area 1 Security.

Lacework

Jay Parikh CEO

Lacework o ers a datapowered cloud security platform that collects and analyzes data from across cloud environments and supplies customers with key insight. The platform is powered by Lacework’s Polygraph machine learning engine that aims to significantly reduce alert volumes while identifying the most pressing threats.

Alan Naumann Chairman, President, CEO Contrast Security offers its Secure Code Platform that aims to enable security to be baked into applications more easily as well as scanning capabilities for identifying and fixing vulnerabilities via Contrast Scan. Contrast Assess, meanwhile, detects and prioritizes vulnerabilities on a continuous basis.

Amir

Ben-Efraim

Co-Founder, CEO

Menlo Security’s cloud-native platform includes products such as secure web gateway, remote browser isolation, cloud access security broker, email isolation, data loss prevention and cloud firewall. A key focus of the platform is on preventing threats that are particularly evasive to security controls.

Peter Bauer

Co-Founder, CEO

Mimecast recently launched its X1 Platform, aimed at reducing security risks from the growth of hybrid work. Features include X1 Precision Detection, which applies “the right detection capabilities at the right time,” and X1 Data Analytics, which ingests and correlates the huge data volumes generated by its products.

Sanjay Beri Founder, CEO

Originally known for its cloud access security broker technology, Netskope has expanded to offer a full secure access service edge platform—which, in addition to CASB, offers secure web gateway, zero trust network access, cloud firewall, data loss prevention, remote browser isolation and advanced analytics.

Ofer Ben-Noon

Snyk has products for scanning and remediating code security issues that are designed to be developer-friendly to help enable application security issues to be caught and addressed earlier in the process. The company has also expanded into cloud security posture management with the acquisition of Fugue.

Talon’s secure Chromium-based browser, TalonWork, is aimed at helping to protect organizations with hybrid environments. The browser is hardened against zero day exploits and isolates the work environment from device malware while also providing visibility and governance over SaaS applications and offering advanced network inspection capabilities.

Ashan Willy CEO

Proofpoint expanded its threat protection platform with new capabilities for improved visibility and detection of email fraud and recently integrated its advanced email protection offering with Microsoft Defender for Endpoint. In December, the company unveiled a deal to acquire identity threat detection and response vendor Illusive.

Sumedh Thakar

President, CEO

Qualys has a range of o erings across cloud security, asset management, IT security, compliance and web application security. Last year, it launched its extended detection and response platform that uses unique context gleaned from the Qualys asset inventory, patch management and vulnerability management systems.

Roey Eliyahu

Co-Founder, CEO

Salt Security’s API Protection Platform aims to identify and remediate vulnerabilities and other risks in APIs, prior to exploitation by attackers. The platform works by creating a baseline from millions of users and APIs, detecting malicious reconnaissance activity and then blocking the activity.

vArmour offers its Application Policy and Protection

Module, which creates a baseline from the behaviors and relationships of data, apps, services and users and then enables the orchestration of policies in the event of abnormal behavior. Other products include the Data Flows Module to increase control over multi-hop application relationships.

Veracode product enhancements have included updates to its Continuous Software Security Platform, which have brought new features to developers such as extended integrations that support software composition analysis and an API for improving application visibility through a software bill of materials.

Among the many product updates by Zscaler last year were enhancements aimed at simplifying data loss prevention through “zero configuration” capabilities, AI-powered capabilities for its Zero Trust Exchange including phishing prevention and segmentation, and zero trust network access capabilities such as enhanced lateral movement detection.