The 2020 Security 100

CRN's annual Security 100 list helps solution providers decide what technologies and vendors they should place their bets on in the crowded and complex security vendor market.

The CRN Security 100 helps guide solution providers on which technologies and vendors they should place their bets on in the crowded and complex security vendor market. The list, which appears on the following pages, is intended to help them differentiate their line card and break into high-margin emerging technologies by providing an in-depth look at 100 channel-centric vendors across five major market segments.

Network security companies are grappling with attackers trying to find and exploit the vulnerabilities of networks, going after everything from devices and applications to data, users and locations. Market growth has been driven by protecting and mitigating against DDoS attacks as well as safeguarding against emerging IoT, OT, and industrial control system threats.

Three network security vendors on our list wanted to synthesize the collection and analysis of disparate data as well as automate the response to issues with SOAR (Security Orchestration, Automation and Response) tools. This drove Palo Alto Networks’ $560 million buy of Demisto, FireEye’s $250 million purchase of Verodin, and Fortinet’s $28 million buy of CyberSponse.

Endpoint security vendors, meanwhile, are helping customers address an increasing number of costly attacks and breaches, with the potential for centrally managed protection and administration. The adoption of managed services to boost productivity and address stricter security, compliance and data integrity rules has driven growth in the space.

Four endpoint security companies on our list tapped someone new to lead them, with top Avast lieutenant Ondrej Vlcek being promoted to CEO, BlackBerry Cylance promoting Daniel Doimo to president, Art Gilliland taking control over Symantec Enterprise Security when it was sold to Broadcom, and McAfee tapping exBMC and Polycom executive Peter Leav as its new CEO.

In the SIEM, risk, and threat intelligence space, enterprises are expected to double down on threat intelligence to stay informed about exploits, zero-day threats and advanced persistent threats. A larger attack surface due to more mobile device usage and greater exchanging of data has forced businesses to become more aware of cyberthreats and invest in flexible and scalable strategies.

Three companies on our list secured six-figure funding rounds in 2019, with Sumo Logic getting $110 million in a May round led by Battery Ventures, Vectra in June closing a $100 million round led by TCV, and KnowBe4 receiving a $300 million investment from KKR also in June.

From a web, email and application security standpoint, security is becoming increasingly central to software program design. Building in security features reduces the likelihood that unauthorized code will be used to gain control over programs and steal, modify or delete information.

Vendors have invested heavily in strengthening their position in the space via acquisition, capped off by F5 Networks’ $1 billion acquisition of Shape Security. Other major acquisitions included Proofpoint’s $225 million purchase of ObserveIT and $120 million buy of Meta Networks; Mimecast’s purchases of DMARC Analyzer and Segasec; Imperva’s buy of Distil Networks; and Zix’s acquisition of DeliverySlip.

When it comes to data protection and identity access management, the cloud and an increase in digital transformation have driven the demand for efficient information management.

Four vendors on our list secured at least six figures over the past year, with OneLogin kicking it off in January with a $100 million round, Auth0 raising $103 million in May in another round led by Sapphire Ventures, Druva raising $130 million in a June round led by Viking Global Investors, and BigID raising $50 million of funds in September and another $50 million in January.