Francis - Analyst

@InvestiAnalyst

39 Tweets 23 reads Jan 23, 2022
Cybersecurity is one of the fastest growing tech sectors today as a result of Cyberattacks increasing 2300% over the past few years!
This critical industry can be complex to fully understand.
In this thread, I'll break down the entire cybersecurity industry into steps:
1/ First principles, the modern enterprise corporation is made of:
1) Users
2) Endpoints such as computers, devices, etc
3) Applications (Web, System)
4) Network traffic: In/Out
5) IT Databases
6) Cloud
This is a conceptual high-level breakdown by BoA.
h/t: @SaaScalSiakam
2/ Due to this enterprise make-up, Cybersecurity can be broken into these *broad* categories:
1. Endpoint Protection
2. DevOps, Observability and Security Response
3. Network security
4. App. & Web security
5. Cloud security
Today, I'll cover the most central part of security.
3/ Caveat: Terminologies:
I'll use many abbreviations in this thread. I recommend going over @hhhypergrowth foundational piece on cybersecurity. This is the best - hhhypergrowth.com
(Also feel free to Google a term and it'll generally show up).
4/ Let's begin w/ Endpoint protection & MSSP:
As discussed Endpoint is abt protecting devices and workloads AND the users of these platforms. This is the largest TAM of c-security.
Below is an industry overview breakdown -
(Slide 3 has terminologies we'll use throughout)
5/ I'll begin w/ MSFT
Microsoft is one of the most underrated players but $MSFT has one of the best endpoint (EPP) products on market. They dominate many areas of security.
Based on convo's w/ experts, MSFT has silently acquired BoB Co's in Israel to bolster their offering.
6/ $CRWD:
Highly popular name but as everyone knows, $CRWD is a key player in the endpoint protection, response, management and detection space. Importantly, now also the cloud workload protection market.
7/ $CRWD/Humio:
The next evolution of EPP/EDR is moving towards SIEM - Log Mgmt, Analytics, and observability i.e. ability to constantly track/analyze ALL data going in/out of an endpoint on cloud or anywhere - Data is gonna be key for XDR/EPP
More on Humio in the image below -
8/ Blackberry - $BB:
Ex popular BB, they have a product called $BB Spark which is now entirely focused on providing endpoint protection, endpoint management, encryption, and embedded services.
They have some components of Zero-trust and mobile protection due to their past.
9/ Tanium:
Private Co that provides fully unified endpoint mgmt for larger enterprise products and coordinating threats to IT operation teams.
Tanium is one of the largest cybersecurity co's on the private market (>$900M in Revs, >$15B Valuation).
More in Slide 2. One to watch:
10/SentinelOne- $S:
S1 was the last mover within the EPP Market, but their last arrival has allowed them to capitalize on loopholes all previous predecessors missed!
As a result, they have the *technically* best product in EPP/EDR.
More in the thread:
11/ $S x Scalyr:
As discussed earlier, the EPP/XDR market is competitively moving into who can capture the most data to better improve the accuracy of their AI Algorithm Agents to detect + manage threats on endpoints.
More on Scalyr:
12/ Finally, on EPP/EDR - SIEM/SOAR Industry:
Both Scalyr and Humio do similar things, but the difference is that Humio is slightly larger, with speed and index-free data ingestion.
Meanwhile, Scalyr is more into big data analytics for XDR implementation at scale which S1 hopes to utilize.
13/ Legacy EPP: I'll give credit to legacies Symantec, TrendMicro and McAfee as KEY Anti-Virus endpoint players in the sector.
They have the highest marketshare in *direct-to-consumer* sector
Innovator dilemma was their problem. $CRWD & $S have newer tech disrupting them.
14/ XDR, Observability, SecOps, SIEM and SOAR:
This is the marriage of Data Analytics, AI, and Cybersecurity.
This is the area where we are seeing the fact that a good security provider needs to capture the most data to feed their AI algorithms to win at security today.
15/ The logical next step is to discuss observability as it has some connections to SIEM & Log Analytics. Obv is about monitoring against threats and promptly alerting DevOps or Security ops teams
Observ. is dominated by $DDOG, $DT, and $SPLK
Players below:
16/ $DDOG:
Datadog has a full cloud security platform they pride themselves on being able to advance DevSecOps by identifying threats using agent software many DevOps teams rely on.
$DDOG acquired a co named Sqreen that advanced AppSec.
Images below help -
17/ $DT - Dynatrace:
Provide a similar service for application, infrastructure monitoring and log analysis. They also provide service for enterprise cloud platforms. This is a decent and smaller version of $DDOG to play the space. They have slightly more AppSec coverage than DDOG.
18/ $SPLK
SPLK's strength is centralizing massive datasets from anywhere, analyzing that data, and then visualizing that info.
Their security edge is to capture, index/log, and correlate data for Ops teams.
SIEM/Security Analytics platform below:
19/ Sumo-Logic - $SUMO:
Sumo plays within SecOps and provides similar services to the companies discussed above.
They provide a machine-learning analytics platform for cloud log mgmt and managing/tracking incidents and potential threats for SecOps teams.
20/ Snyk (High-Potential!):
Snyk plays a role in DevSecOps and security of open-source infrastructure and applications. They've developed a unique product that protects *newer versions* of apps called containers.
This is my No 1 high-potential company to watch! More in the pics:
21/ Network, Infrastructure and Web Security:
This is a different sector entirely that has to do with protecting all the hundreds of networks and infrastructures in an org.
22/ Fortinet - $FTNT:
One of the most dominant players in cybersecurity.
Biggest strengths are:
1) Security-driven networking(SD-WAN) & SASE
2) STRONG in hardware security
3) They have best in class financial profile.
This thread has the thesis:
23/ Application & Web Security:
As simple as the definition. There are niche players who compete in Web App Firewall (ie protect anything at the gate of a company's network).
With the rise of Microservices, we have newer types of cloud apps such as container security (future topic)
24/ WAF/Web App
This is the area where Cloudflare $NET, Fastly $FSLY and $AKAM play a key role (note: they also provide more services like Edge security).
I've done extensive work on Cloudflare and comparing it to $FSLY
Feel free to read my work:
investianalystnewsletter.substack.com
25/ Palo Alto Networks - $PANW:
PANW is almost a fully integrated cybersecurity co that covers almost ALL areas of security.
Their primary area is network security which includes all areas of On-prem security + Cloud Security. Also, SASE and NG Web Firewall Protection.
26/ PANW Secret:
From convo's w/ experts, PANW has predominately been an on-prem player but over the last 5 yrs, they've been acquiring many best of the best high-potential startups within the ecosystem and patch them into products.
Now they cover almost all areas of security.
27/ Identity Access Mgmt(IAM)& I-Governance (IGA) are sectors that involve ensuring right ppl have access to the right info and correct access privileges (PAM). Sector has to do w/ Log-ins, Passwords etc.
The latest trend here is CIAM & SSO for Apps.
Players by sector below:
28/ The best player/best tech in IAM & CIAM is $OKTA.
Everyone knows what OKTA does as indicated above, I've focused on showing more of OKTA below.
IMO, this was one of the most potent M&A of 2021 bcos of the incredible synergies btw both Co's.
Below is a breakdown of OKTA+A0:
29/ $FORG:
FORG is a player within the identity market for SaaS applications. Company is a newer IPO.
I believe Forgerock has the potential to grow over the upcoming yrs.
30/ SailPoint - $SAIL:
Sail are the leaders in Data Access and Governance Mgmt. I was once invested in them. This is a really good company.
Other players to checkout are $TLS. Additionally, CyberArk $CYBR is a strong player in Privileged Access Mgmt.
31/ Future Companies to Watch:
From some of my work, these are the highest potential private security companies to watch w/ advanced technical products/growth:
a) Illumio
b) Netskope
c) Snyk
d) 1Password
e) Tanium
f) Lacework.
What else?
32/ This thread primarily focused on 5 segments of cybersecurity namely - Endpoint, SecOps Data Monitoring, Network, Web App, and Identity access mgmt. These are the most dominant sectors of security.
In part 2 of this thread, I will cover emerging and fastest growing areas.
33/ RN, I have no clue of valuations!
But my high conviction in EPP/EDR/XDR is $S
In SOAR/SIEM/SecOps: $DDOG
In Web/App/Edge Security: $NET
Overall Security: $PANW & $FTNT
If I had to make a BET on a co that could surprise in 2022-23. I'll go $OKTA (Auth0) from my research
34/ Credits to MomentumCyber for many of the graphics above. For anyone who wants to learn more, they are BEST at C-security analysis.
Experts:
1) @hhhypergrowth
2) @StackInvesting
3) @convequity
4) Big Security VC's to follow: Accel!!, Tiger is somewhat part of the best deals
35/ Tl;dr of my thread is that C-security is highly fragmented and is a far more competitive industry than many recognize. It's tough to win.
This is why growth continues to be one of the best indicators of a strong product & performance in this industry.
36/ This is the latest version of the breakdown for the entire security industry.
Blue text indicates areas covered today:
37/ I'll cover everything on Cloud security, SASE, Data Analytics XDR, next week.
These are the fastest growing sectors of security that experts believe will grow the most over the next decade.
This is the NL to subscribe to for that version:
investianalystnewsletter.substack.com
38/ There's a lot of info to review/digest from this thread which is why I'll split it.
Thanks for reading if you're still here lol. I wanna open it for questions or what have I missed for these sectors? Open to feedback!
I'd appreciate a share if this was helpful. Thanks folks!!
