Top cybersecurity companies to watch in 2022
Mohamed Al Ayachi, Director Technology & Solutions
The cybersecurity landscape is massively expanding while attack strategies keep evolving, fueling the cybercrime epidemic. Cyber threats have evolved from targeting and harming computers, networks, and smartphones to targeting humans, cars, railways, planes, power grids and anything with an electronic pulse. Cybercrime damages are expected to cost the world 10.5 trillion US dollars by 2025, and the general belief is that cybercrime costs will grow 15% per year over the next five years.
This growth is powered by the Internet of Things. Forbes expects there to be 75 billion smart devices in the world by 2025. Unfortunately, securing devices and objects such as cars, medical instruments, sensors, manufacturing machines, home appliances and phones that could be ‘talking’ to each other, is a major challenge for the years to come.
Cybercriminals continue to leverage the impact of the COVID-19 pandemic. In 2021, they adapted their attack strategy to exploit vaccination mandates, elections and the shift to hybrid work. In the coming year, too, these criminals want to target organisations' supply chains and networks to achieve maximum disruption. Cybercriminals will also find new opportunities for attack with deepfakes, cryptocurrency, mobile wallets and more.
Cybersecurity companies provide solutions and services that are increasingly committed to preventing just that. With that in mind, we’ve listed the top cybersecurity companies for you to watch in 2022.
Palo Alto Networks
Palo Alto Networks is a well-known global cybersecurity company serving more than 50,000 customers. Its Next-Generation Firewalls and cloud-based security products are used by more than 85 of the Fortune 100 companies and 63% of the Global 2000. The company has around 5,100 employees worldwide.
Palo Alto Networks has been positioned as a leader in the Gartner Magic Quadrant for Network Firewalls ten consecutive times, including 2021. The PA-series Next-Generation Firewalls reduce response times with automated policy-based actions, and you can automate workflows via integration with administrative tools, such as ticketing services, or any system with a RESTful API.
Their core Security Operating Platform helps keep out hackers through automation, such as automated routine tasks and enforcement. In addition to cloud and enterprise solutions, Palo Alto also offers Cortex XDR, the company’s AI-based continuous security platform.
While best known for its next-generation firewall, Palo Alto Networks also has add-on offerings, including Traps for endpoint protection, Prisma Access (SASE) and Aperture, a SaaS-based cloud access security broker (CASB). Palo Alto Networks uses machine learning to help identify variations of known threats and patterns in attacks. In this way they can accurately predict the next stages of an attack, then automatically create and implement protections for customers in near real-time.
With Prisma Access they have also moved into the much-needed technology for securing remote workers. It enables secure access from anywhere with their cloud-delivered, tier-one network, eliminating the complexity of using disjointed products. Prisma® Access delivers comprehensive networking and security in a single Secure Access Service Edge (SASE) designed for all traffic, all applications, and all users.
This year Palo Alto teamed up with NETSCOUT. They announced a security solutions integration that enhances security operations, coupled with advanced DDoS protection, which helps customers more quickly resolve threats while reducing complexity.
Acquisitions by Palo Alto Networks
In 2021 Palo Alto Networks acquired one security company:
- Bridgecrew: enables "shift left" security, with Prisma Cloud becoming the first cloud security platform to deliver security across the full application lifecycle.
Fortinet
Fortinet is recognised by Gartner as a Leader for Network Firewalls in the 2021 Magic Quadrant for the 12th time. The company has over 450,000 customers around the world and has a broad portfolio covering secure SD-WAN, cloud security, network security, application security, email security, and secure access, all supported with a single pane of glass management across the entire attack surface.
Their Unified Threat Management solution consolidates multiple security and networking functions into one unified appliance that protects businesses and also simplifies infrastructure.
With their innovative approach, they help improve SD-WAN security, cloud security and cloud on-ramp. To protect businesses against the ever-changing threat landscape, their portfolio of security, networking, and business productivity solutions is growing and tightly integrated, so that today’s organisations can confidently build the digital business infrastructure they need without compromising on security. Fortinet combines custom security processors, an intuitive operating system, and applied threat intelligence. Their FortiGate Next-Generation Firewalls are powered by Security Processing Units (SPUs) and AI-driven FortiGuard Labs, and deliver industry-leading threat protection and high performance that helps reduce costs, complexity, and risks.
Acquisitions by Fortinet
In 2021 Fortinet acquired two security companies:
- Sken.ai: a DevOps-first AppSec product, offering continuous AppSec Testing. DevOps personnel can use this product, even without AppSec expertise. Just by adding two lines of code, Sken.ai can seamlessly integrate with all major DevOps CI/CD platforms.
- ShieldX: they offer a software-defined network security platform designed to protect infrastructure services that span multiple physical, virtual, and cloud-based environments.
CrowdStrike
CrowdStrike has married advanced endpoint protection with intelligence since it was founded in 2011. The CrowdStrike Falcon endpoint protection platform was built from the ground up to address the challenges posed by modern attacks and to stop breaches. It delivers a single lightweight agent for prevention, detection, threat hunting, response, remediation, vulnerability assessment and IT hygiene.
Their Falcon Prevent framework touts five-second visibility on all endpoints, past and present, while also reducing cost and complexity. CrowdStrike provides cybersecurity services that include threat intelligence, next-gen antivirus, incident response, ransomware blocking and endpoint detection and response.
In the CrowdStrike 2021 Global Threat Report, they report on today's cyber threats and adversaries. The report covers real-world scenarios and observed trends in attackers’ ever-evolving tactics, techniques and procedures and offers practical recommendations to protect your organisation in the coming year. This year’s highlights include:
- The COVID-19 pandemic and its effect on cybersecurity
- “Big game hunters” targeting the healthcare sector
- Significant nation-state-based targeted attacks and operations observed from China, Iran, DPRK, Russia and others
- The pivotal role that access brokers play in the eCrime ecosystem
- How ransomware adversaries are rapidly adopting data extortion methods
- Recommendations you can take to proactively address emerging threats
In 2021 CrowdStrike was named a leader in the Magic Quadrant for Endpoint Protection Platforms (EPP). They have maintained their leader position and have also obtained the furthest position for completeness of vision in the quadrant. CrowdStrike was also named a leader in the 2021 Forrester Wave for Endpoint Security Software as a Service. In addition to its position as a Leader, CrowdStrike received the highest possible score in 17 of the 24 criteria in the evaluation.
Acquisitions by CrowdStrike
In 2020 CrowdStrike acquired two security companies:
- Humio: a provider of high-performance cloud log management and observability technology. This will further expand the Falcon Security Cloud XDR capabilities.
- SecureCircle: a SaaS-based cybersecurity service that extends zero trust security to data on, from and to the endpoint.
Cisco
Cisco Umbrella is a cloud security solution providing secure access to the internet and secure usage of cloud apps. Having developed a cloud-delivered firewall, a web gateway, DNS Security and CASB solution, Cisco Umbrella proves to be an effective cloud-native platform solution, providing the multi-layered approach many security engineers look for. It’s a smart proxy that routes only traffic to risky destinations through its network, while safe content is accessed directly with no delay.
The Investigate tool helps you see the relationships between domains, IPs and malware. Cisco’s Threat Intelligence not only investigates attackers’ infrastructures but is also able to predict future threats. In this way, current and developing threats such as malware can be exposed, so incident investigation and response times are reduced significantly.
In 2019 Cisco Umbrella expanded to integrate more security functions in a single service. All Umbrella packages also integrate with Cisco SD-WAN, being delivered from the cloud security service.
Cisco offers a large range of cybersecurity solutions: SASE, XDR, zero trust and more. That is why they have developed SecureX. It is a cloud-native, built-in platform experience that connects the Cisco Secure portfolio and your infrastructure. The benefits of SecureX are that it reduces dwell time of threats by 72%, lets you collaborate better, and saves 100 hours on average by orchestrating and automating security across SecOps, NetOps and ITOps teams.
Acquisitions by Cisco
In 2021 Cisco acquired several companies, one of which focuses on security:
- Kenna Security, Inc.: a risk-based vulnerability management technology that enables organisations to work cross-functionally to rapidly identify, prioritise and remediate cyber risks.
Netscout (Arbor Networks)
Securing your cloud against DDoS attacks is vital for service continuity. If you’re looking for the critical aspects of DDoS protection, including the vital features to have in any DDoS protection product, Netscout is the cybersecurity company to turn to. Formerly Arbor Networks, Netscout is on its way to completing the second decade of its Anti-DDoS lifespan, offering the classical combination of Arbor Sightline and TMS that continues to prove its effectiveness across many industries.
Arbor Sightline is an anomaly detection system. Based on sampled NetFlow, it is capable of enhanced reporting, alarming and automated mitigation in multiple phases, and can even be triggered by their Availability Protection System (APS).
An extra powerful feature is that any third-party script or application for mitigations can be triggered by external and existing logic.
It is important to note that TMS’s detection service also makes use of (and helped set up) the ATLAS Intelligence Feed (AIF), providing insight and expert analysis for DDoS protection. With the Arbor Security Engineering & Response Team (ASERT), dedicated to discovering and analysing emerging threats and developing targeted defences, Arbor has both visibility and remediation capabilities at nearly every tier one operator and a majority of service provider networks globally. ASERT shares this operationally viable intelligence with hundreds of international Computer Emergency Response Teams (CERTs) and with thousands of network operators via in-band security content feeds. As part of ATLAS, ASERT actively monitors Internet threats around the clock and around the globe, which gives you another good reason to consider Arbor’s anti-DDoS solutions.
Juniper
According to Forbes, Juniper has wisely pivoted its products to software that can be delivered from the cloud. This is a smart move, as the market for on-premises routing and proprietary enterprise hardware is stuck in a slow-growing rut. Of course, they still support their enterprise customers that want to use on-premises hardware. Juniper has expanded its addressable market with a comprehensive cloud-based security stack, as well as software solutions.
Security solutions introduced in 2021
In May 2021 Juniper introduced Security Director Cloud, a cloud-based portal that distributes connectivity and security services to sites, users and applications, and manages customers' Secure Access Service Edge (SASE) transformation. It bridges organisations' current deployments with their future SASE rollouts by providing security that is managed anywhere and everywhere, on-premises and in the cloud, from the cloud. They also introduced their Secure Connect VPN client, targeting Zero Trust Network Access (ZTNA). This extends the capabilities of the Juniper Connect Security portfolio.
With the acquisition of 128 Technology in 2020, Juniper acquired session SD-WAN technology to deliver micro-segmentation for applications in distributed cloud environments. This all adds up to a broad mix of cloud-based security options that can be combined with Juniper's hardware- and software-based NGFW, the SRX and vSRX series.
F5
F5 has a broad suite of enterprise security solutions. Their solutions are available in any environment, wherever you deploy your apps: on-premises, private-, public- or multi-cloud. These performance and security services include load balancing, DNS services, web application firewalls (WAF), identity and access federation, and DDoS mitigation.
According to F5, applications power businesses of all sizes. Critical as they are, applications can put your business at risk, as applications and their data are a focal point for today's attacks. To protect your business they have several security solutions. We'll explain a few.
Traditional DDoS solutions focus on a narrow range of attacks. The DDoS Hybrid Defender of F5 provides a greater depth of defence. It's a multi-layered defence that protects against blended network attacks and sophisticated application attacks, while enabling full SSL decryption, anti-bot capabilities, and advanced detection methods, all in one appliance. With F5's Advanced WAF you are protected against the latest attacks with behavioural analysis, proactive bot defence and application-layer encryption of sensitive data such as login credentials.
In 2019 F5 acquired Shape Security. Shape protects web and mobile applications and API endpoints from sophisticated automation attacks that would otherwise result in large-scale fraud. To websites and mobile applications, attackers appear virtually identical to genuine users by hijacking their devices, simulating human behaviour, and leveraging stolen identities. Attackers rapidly evolve tools and methods, making it nearly impossible for apps or even humans alone to tell the difference between real and fake. Shape solutions leverage artificial intelligence and machine learning, among other technologies, to accurately determine in real-time if an application request is from a fraudulent source, and if so, effectively mitigate
Acquisitions by F5
In 2021 F5 acquired one security company:
- Threat Stack: They offer cloud security and compliance for infrastructure and applications, helping companies securely leverage the business benefits of the cloud with proactive risk identification and real-time threat detection across cloud workloads.
Vectra AI
Vectra AI applies artificial intelligence that detects and responds to hidden cyber attackers inside cloud, data centre and enterprise networks. The company's Cognito platform provides high fidelity alerts instead of more noise and does not decrypt your data so you can be secure and maintain privacy.
The Vectra NDR platform collects, detects and prioritises high-fidelity alerts in real-time and responds with automated enforcement or alerts to security personnel. Security teams use this information for threat hunting and retrospective investigations via a subscription service. To build customised security analytics, Vectra enriches and streams the data to SIEMs and data lakes.
In Vectra's predictions for 2022 they highlight the changing tactics among ransomware gangs, and the fact that multi-factor authentication is no longer enough to thwart threat actors. Vectra believes ransomware, which is now increasingly thought of as RansomOps, will now pivot its attention to the exfiltration and encryption of cloud data. They also foresee a rise in the demand for managed detection and response (MDR), and especially its capacity to automate key security tasks. The company attributes the upcoming surge to the continuing skills gaps in the regional cybersecurity field, coupled with the increase in complexity of technology environments.
Nomios’ cybersecurity vendors
These vendors form the core of our cybersecurity architecture, which aims to support our customers in the transition to a Zero Trust Access and SASE architecture. The combination of the innovation power of these cybersecurity leaders and Nomios' local skilled resources is a key success factor for a security architecture transition that delivers maximum security, lower costs and the best user experience with IT services to increase productivity.