q advisors – cybersecurity private vendor matrix

Sub-Sector Company Product Description

(IAM)/(DG) Personal data and network analytics platform

1touch.io discovers, maps, and tracks personal data in the enterprise network, using unique and proprietary network analytics.

(SA) Cyber Intelligence and Digital Identity Protection

ACID SaaS is an advanced, customized intelligence gathering and analysis platform for early detection of diverse threats.

(CS)/(DSO)

Keys Management-as-a-Service solution, made to protect Hybrid and Multi-Cloud environments

Akeyless is an enterprise-grade holistic solution made to protect and manage Encryption Keys, TLS Certificates, Passwords, etc. Backed by Jerusalem Venture Partners and JVP Media Labs.

(DSO) Kubernetes-native security platform

Alcide provides a K8s-native, AI-driven security platform for configuration risks, visibility, runtime security events, and a single policy framework across Kubernetes clusters.

1

Q Advisors – Cybersecurity Private Vendor MatrixBy Dmitry Netis & Jordan Rupar / 7.30.2020

Cloud Security(“CS”)

Data Governance(“DG”)

DevSecOps(“DSO”)

Endpoint Security(“EPP”)

Email Security(“ES”)

Identity and Access Management

(“IAM”)

Network Security(“NS”)

Security Analytics and Automation

(“SA”)

Security Information and Event Management

(“SIEM”)

Q Advisors assembled over 100 vendors within cybersecurity, selling a multitude of services across nine distinct cybersecurity sub-segments


(EPP)SaaS-enabled managed detection and response (MDR)

Alert Logic continuously identifies and addresses breaches and gaps.

(NS)/(DSO) Network security, cloud security and DevSecOps

AlgoSec automates network security policy management to make enterprises more agile, secure and compliant. Private Equity backed by Claridge Israel.

(CS)/(IAM) Cloud Network Security andMicroservices Security

Aporeto provides security for containers, microservices, cloud and legacy applications based on workload identity, encryption, and distributed policies.

(CS)/(DSO) Cloud native security and container protection

Aqua provides security for cloud native apps & infrastructure: containers, serverless and VMs,across all platforms and clouds.

(NS)Solution for reducing risk from unmanaged IoT/OT devices

Armis addresses the new threats of unmanaged IoT devices.

(SA) Attivo ThreatDefend™ Deception Platform

Attivo provides an active defense for early detection, forensics, and automated incident response to in-network cyberattacks.

(IAM)Identity management platform for application builders

Auth0 provides the simplicity, extensibility, and expertise to scale and protect identities.

(CS)/(DSO) Privileged Access Management

BeyondTrust prevents data breaches related to stolen credentials, misused privileges, and compromised remote access. Private Equity backed by Francisco Partners.

2

Q Advisors – Cybersecurity Vendor Matrix


(CS)/(DG) Data privacy and protectionBigID helps organizations manage and protect their customer data, and meet data privacy and protection regulations.

(DG) Email, cloud storage and IM threat protection

BitDam blocks advanced content-borne attacks across all enterprise communication channels. Venture Capital backed by Taya Ventures.

(EPP) Next-generation endpoint security

Bitdefender develops and provides anti-virus software, internet security software and endpoint security software. Private Equity backed by Vitruvian Partners.

(CS)/(IAM)Real-time end-to-end data protection, from the cloud to the device

Bitglass is a global cloud access security broker (CASB) and agentless mobile security company.

(SA)/(DG) Security ratings platform

BitSight produces daily security ratings to help manage third party risk, underwrite cyber insurance policies, benchmark performance, conduct M&A due diligence and assess aggregate risk.

(DSO)/(IAM)Multi-cloud-architected Identity-centric privileged access management

Centrify centralizes and orchestrates fragmented identities, improves audit and compliance visibility, and reduces risk for the modern, hybrid enterprise. Private Equity backed by Thoma Bravo.

(DSO) Software Security Platform

Checkmarx security platform unifies with DevOps and provides static and application security testing, software composition analysis, and developer application security awareness. Private Equity backed by Insight Partners.

(CS)/(SIEM) Firewalls, Network Access Control, SIEM

Claroty operates an operational technology (OT) security platform that enables engineers, operators, and cyber security professionals to protect and optimize OT networks.

3



(CS) Cloud security visibility

CloudPassage is an automation platform, delivered via software-as-a-service, that improves security for private, public, and hybrid cloud computing environments.

(DG) Data securityCode42’s solution quickly surfaces insider threats to trade secrets and other high-value files.

(DG)/(DSO)/(CS) Cloud native security and data protection

CyberArmor provides a streamlined DevOps and DevSecOps led model in which environments are deployed with inherent zero-trust.

(SA)/(EPP)/(DSO)

Endpoint detection and response, next-generation antivirus, managed monitoring and IR services

Cybereason detects behavioral patterns across endpoints and surfaces malicious operations.

(SA)/(IAM)/(DSO) Cloud-native all-in-one security platform

Cymatic is an AI-enabled Web Application Defense—including bot mitigation and threat intelligence—designed to mitigate shortcomings of conventional WAFs.

(EPP) Autonomous response technology

Darktrace protects against threats to the cloud, email, IoT, networks and industrial systems.

(IAM)Password and Identity-as-Service (IDaaS) management

Dashlane is a mobile and desktop app that provides identity and access management.

(CS) Container security

DivvyCloud protects cloud and container environments from misconfigurations, policy violations, threats and other security challenges.

4



(DG) Content intelligence platform

Eqnyte delivers smart content collaboration and governance in the cloud or on-premises. Backed by consortium of investment firms.

(SIEM) Security Management Platform

Exabeam collects log data, uses behavioral analytics to detect attacks, and automates incident response, both on-premises or in the cloud.

(SA)/(CS) Cloud native security

ExtraHop provides cloud-native network detection and response for the hybrid enterprise. Backed by several venture capital firms including TCMI.

(SA)/(CS)/(DG) Human-centric cybersecurity

The Forcepoint platform delivers risk-adaptive protection to continuously ensure trusted use of critical data and systems. Subsidiary of Raytheon.

(IAM)Comprehensive Identity and Access Management (IAM) solutions

ForgeRock securely connects people, devices, and things, so everyone and everything can interact in today’s IoT world.

(ES) Email Security, Takeover protection

Greathorn provides cyber security solutions for cloud communication infrastructure, stopping spear phishing, credential theft, and other highly targeted attacks.

(CS) Container-based cloud security

Built on a proprietary containerized architecture designed 100% for the cloud, Iboss cloud secures user Internet access. Private Equity backed by Goldman Sachs Private Capital.

(IAM) Number intelligence security platform

Iconectiv provides authoritative numbering intelligence to the global communications industry. Private Equity backed by Francisco Partners.

5



(SA)/(CS)/(EPP) Deception-based cybersecurity solutions

Illusive Networks provides tools that help security teams detect and resolve advanced attacks.

(NS) Data center and cloud traffic security tool

Illumio offers an Adaptive Security Platform (ASP), a data center and cloud traffic security tool. Backed by consortium of PE/VC firms.

(CS)/(DG) Application Security and Cloud Security

Imperva offers cloud based web applications and data security, including governance and compliance solutions. Backed by Thoma Bravo.

(DG)/(IAM)Identity Governance, Mobile IAM and Provisions, Secure Healthcare Communications

Imprivata provides identity, authentication, and access management solutions that are purpose-built for healthcare security, and compliance challenges. Private Equity backed by Thoma Bravo.

(CS)/(NS)Network Services, Security and Cloud Network Automation

Infoblox offers DDI solutions for enhanced reliability, and automation to cloud and hybrid systems for network management and customer experience. Private Equity backed by Vista.

(DG) Machine-Scale Data Protection

Iconic Security provides data access policy management, encryption key management and real-time policy enforcement. Backed by consortium of investment firms.

(DG)/(CS) Data loss prevention

ITsMine uses artificial intelligence, behavior analysis, and deception techniques to secure and protect all stages of digital data.

(CS)/(EPP)/(DSO) Continuous IntegrationJFrog empowers IT professionals to code high-quality applications that securely flow to end-users with zero downtime.

6



(CS)/(ES) Awareness training and simulated phishing platform

KnowBe4 provides security awareness training to help organizations manage social engineering, phishing and ransomware attacks.

DSO)/(DG) Cloud Workload ProtectionLacework provides security visibility, compliance & audit control and automatic threat defense.

(IAM) Password management

LastPass scales SSO and password management, helping IT be more secure and maintain compliance. Subsidiary of LogMeIn.

(SA)/(CS) NextGen SIEM Platform

LogRhythm delivers security and entity behavior analytics, network detection and SOAR solutions. Backed by consortium of investors including Thoma Bravo.

(SA)/(DG)/(CS) Intelligence-Driven Risk Management

LookingGlass Cyber Solutions delivers unified threat protection against cyber attacks by operationalizing threat intelligence.

(DG)/(EPP) Post-perimeter, cloud-first, mobile-first security

Lookout’s Security Cloud provides visibility into the entire spectrum of mobile risk. Backed by consortium of investment firms.

(CS) Malware defense

Malwarebytes provides AI-powered technology that stops cyberattacks for residential and businesses. Backed by consortium of investment firms.

(CS)/(EPP)/(DSO) Suite of IT management software

ManageEngine manages IT operations, from networks and servers to applications, service desk, active directory, security, desktops, and mobile devices. Company parent is ZOHO Corp.

7



(SA)/(DG)/(EPP) Device-to-cloud cybersecurity

McAfee provides solutions to overcome cybercrime and to make the connected world more secure. Private Equity backed by Intel, Thoma Bravo, and TPG.

(CS)/(EPP) Protection from web- and email- based cyberattacks

Menlo Security's patented Isolation Platform protects organizations from cyber attacks by eliminating the threat of malware. Backed by consortium of investment firms.

(CS) Customer engagement solutions

Netcall helps organizations radically improve customer experience through collaborative CX. Backed by consortium of investment firms.

(CS)/(DSO) Smart cloud securityNetskope provides cloud security based on hyperscale architecture. Backed by consortium of investment firms.

(DSO) Web Application Security Scanner

Netsparker provides a leading-edge web application security solution. Private Equity backed by Turn/River Management.

(DSO)AI-powered Dynamic Application Security Testing platform

NeuraLegion’s platform can scan any target, whether WebApps, APIs or devices, integrating security early to enhance DevSecOps with real-time, actionable reports of vulnerabilities.

(CS)/(DSO) Container Security PlatformNeuVector delivers security from DevOps vulnerability protection to complete run-time security and container firewall.

(NS) Threat intelligence and a guardian platform

Nozomi Networks Inc. develops OT and IoT security and visibility solutions. Backed by a consortium of investment firms.

8



(CS) Serverless application security

Nuweba enables organizations to use serverless for core functionalities, mission-critical tasks, and user-facing applications. .

(NS) Secure and scalable zero-trust network access

Odo’s zero-trust architecture moves access control decisions from the network perimeter to individual devices, users, and applications.

(DG) Customer Identity and Access Management

Omada is provider of IT security solutions and services for identity management and access governance. Private Equity backed by CVC Capital.

(SA)/(SIEM) Incident Reporting

Omnigo is a provider of public safety, incident reporting, and security management solutions. Private Equity backed by The Riverside Company.

(IAM)

Identity Governance and Administration (IGA and Privileged Access Management (PAM) solutions

One Identity helps organizations establish an identity-centric security strategy. Subsidiary of Quest Software.

(DG) ID Verification, Data Mapping

OneTrust is a technology platform providing privacy, security, data governance, and compliance programs. Private Equity backed by Insight Partners.

(SA)/(CS) Security solutions integrator

Optiv provides integrated security software and services to enterprises. Backed by several investment firms including KKR and Blackstone.

(SA)/(DG) Data integration and data protection

Palantir builds software for data-driven decisions and operations. Backed by several venture capital firms and Corporate VCs.

9



(EPP) Endpoint detection and response

Panda provides advanced cybersecurity solutions and services, as well as management and monitoring tools. Acquired by WatchGuard in June 2020.

(CS) Continuous, machine-based penetration testing

Pcysys delivers an automated penetration-testing platform. Backed by several venture capital firms including Blackstone.

(ES) Continuous simulation and training

PhishLine offers a platform that helps protect against phishing. Subsidiary of Barracuda Networks.

(ES) Human-driven phishing defense solutions

Cofense (previously PhishMe) enables organization-wide engagement to active email threats. Backed by consortium of investment firms.

(IAM) Voice identity and security Pindrop provides solutions that provide a secure framework for voice calls.

(DSO)Cloud native database-as-a-service (DbaaS) for mission critical applications

Planetscale offers a relational database platform to protect, access, and derive insights from data. Venture Capital backed by Signalfire and Andreessen Horowitz.

(DG) Data protection platform

Portshift provides an Identity-based cloud workload protection platform, that secures applications from CI/CD to runtime. Backed by Team8 Labs.

(CS) Serverless security

Protego offers cloud workload protection (CWPP) and security posture management (CSPM), delivering continuous serverless security. Subsidiary of Check Point Software Technologies.

10



(NS) Cyber-security solutions for ICS/SCADA networks

Radiflow provides operators with visibility and control of their OT network. Backed by the RAD Group.

(SA) Machine learning based threat intelligence

Recorded Future collects and analyzes, data in real time and integrates with security technologies. Private Equity backed by Insight Partners.

(SA)/(CS) Cloud-based security solutions

Red Canary provides endpoint security and cyber threat detection solutions.

(DG)/(DSO) Website securityReflectiz protects organizations against security and privacy risks caused by installed 3rd-party code on their websites.

(DG)/(CS) Malware prevention

ReSec Technologies develops enterprise-grade solutions to prevent malware penetration of networks, endpoints, and data centers.

(IAM)/(EPP)/(DSO) Digital identity solutions

Sectigo provides automated PKI solutions that secure websites, connected devices, applications, and digital identities. Private Equity backed by Francisco Partners.

(SA)/(DSO) Comprehensive cyber defense

SecureWorks offers integrated cybersecurity products and managed security services. Subsidiary of Dell Marketing L.P.

(CS) IoT device security

SecuriThings provides risk detection, predictive maintenance, and automated operations for IoT devices. Backed by Firstime venture capital.

11



(CS) Software security

Security Innovation provides application security and security assessment, awareness and technical training, and embedded system security services. Backed by Brook Venture partners.

(SA)/(SIEM) Next-Gen SIEM

Securonix develops security analytics and operations management platform for big data and advanced cyber threats. Backed by F Prime and Volition Capital.

(EPP) Endpoint security solutions

SentinelOne delivers autonomous security for the endpoint, datacenter and cloud environments. Private Equity backed by Insight Partners.

(EPP) Blockchain-based cybersecurity

SigmaDots brings the power of distributed, embedded and multilayered cybersecurity to protect the IoT ecosystem.

(DG)/(DSO) WAF & RASPSignal Sciences provides next-gen WAF & RASP to help secure web applications, APIs, & microservices.

(SA)/(CS)/(IAM) Multifactor authentication and zero trust

Silverfort delivers secure authentication and Zero Trust across corporate networks and cloud environments.

(SA)/(CS) Cybersecurity Management Software

Skybox’s software uses analytics to prioritize on organization’s risk exposures and recommends informed action to best address those exposures. Private Equity backed by CVC Capital.

(CS)/(DSO) Open source code security Snyk finds and fixes known vulnerabilities in open source.

12



(CS)/(DG)/(EPP) Real-time breach detection and prevention solutions

SonicWALL manufactures network security and data protection products. Private Equity backed by Francisco Partners.

(EPP)/(NS)/(CS) Intercept X Endpoint and Cloud Optix

Sophos’ cloud-native and AI-enhanced solutions secure endpoints and networks. Private Equity backed by Claridge Israel.

(SA)/(EPP)/(CS) AI powered cybersecuritySparkCognition builds artificial intelligence solutions to advance the most important interests of society.

(CS) Secure edge services

StackPath delivers enterprise-grade security and performance in a frictionless with cloud-scale control and flexibility. Backed by consortium of investment firms.

(CS)/(DSO) Kubernetes-native container security platform

StackRox delivers a Kubernetes-native container security platform that enables security and DevOps teams to operationalize security policies.

(CS)/(DSO) Cloud-native authorizationStyra provides an open-source community centered around Open Policy Agent (OPA) for Kubernetes.

(DSO) Secure DevOps Platform Sysdig enables companies to confidently run cloud-native workloads in production.

(EPP) Platform for endpoint visibility and control

Tanium provides security and management system solutions that allow enterprises to query and modify their assets. Backed by several venture capital firms including TPG.

13



(CS) Cloud Management and Compliance solutions

Threat Stack’s Cloud Security Platform delivers full stack security observability across the cloud management consoles and containers.

(CS) Threat Intelligence Platform

ThreatConnect delivers a single platform in the cloud and on-premises to effectively aggregate, analyze, and act to counter sophisticated cyber-attacks.

(NS) Enterprise network security for Kubernetes.

Tigera software provides networking and network policy for Kubernetes.

(DG) Data protection and app resiliency

TrilioVault integrates with Red Hat OpenShift to ease backing up and restoring workloads orchestrated across Kubernetes clusters.

(CS) Predictive email defense

Vade offers services for emails, such as phishing and spear phishing, malware, and ransomware. Backed by General Catalyst Partners.

(IAM)Enterprise key and certificate management security solutions

Venafi provides insight and control over enterprise keys and certificates in datacenters and various endpoints. Private Equity backed by TCV.

(DSO) Application security testing

Veracode’s platform enables security teams and software developers to find and fix security-related defects in software development lifecycle. Private Equity backed by Thoma Bravo.

(DSO) Cyber security threat solutions

Vicarius enables enterprises to predict, prioritize and protect against software vulnerabilities. Backed by Jerusalem Venture Partners and Innogy Innovation Hub.

14



(CS)/(EPP)/(DSO) Runtime Application Memory Protection

Virsec Systems develops cyber security solutions for DevOps, SecOps, and ICS/SCADA.

(DSO) Web security and vulnerability management

Wallarm is an AI-powered app security platform, which includes adaptive WAF, vulnerability scanner, incident verification and dev time testing modules.

(NS) Network intelligence

WatchGuard offers a full portfolio of user-centric security products and services for protecting people, devices, and networks from targeted attacks. Private Equity backed by Francisco Partners and Vector.

(DSO) Open Source Security for Containers

WhiteSource fully automates the entire process of open source components selection, approval, tracking and management.

(DSO) DFIR, DevSecOps, and AIOps

ZecOps provides cyber security automation and support.

(CS) Disaster Recovery, Backup and Cloud Mobility

Zerto helps customers accelerate IT transformation by eliminating the risk and complexity of modernization and cloud adoption.

(DG) Data aggregation

Zvelo provides contextual categorization and malicious detection for URLs for a wide range of data sets, attributes and languages. Backed by Cypress Growth Capital.

15


q advisors – cybersecurity private vendor matrix

Documents