Cyber Tool Stack

Field index

Vendors

The companies behind the tools — decades-old giants, private-equity roll-ups, and bootstrapped upstarts alike. Filter by size tier to see who’s building for enterprises versus who’s building for lean teams.

140 of 140 vendors

Abnormal AI

San Francisco, CA, USA

Large

Behavioral AI email security vendor that baselines normal communication patterns to catch business email compromise and payload-free social engineering; renamed from Abnormal Security to Abnormal AI in April 2025, and independent and VC-backed, valued at $5.1B after an August 2024 Series D.

1 tool in portfolio

Acronis

Schaffhausen, Switzerland / Singapore

Growth

Integrated backup and cyber protection vendor built for MSPs, combining data protection with anti-malware and behavioral ransomware defense in a single agent.

1 tool in portfolio

Aikido Security

Ghent, Belgium

Growth

Consolidated application security platform aggregating SAST, SCA, secrets, container, IaC, and cloud scanning behind one interface aimed at small engineering teams; independent and VC-backed, reaching unicorn status in January 2026.

1 tool in portfolio

Akamai Technologies

Cambridge, MA, USA

Giant

One of the original content delivery network operators, now a broad security and cloud computing platform; DDoS mitigation is sold under the Prolexic brand acquired in 2014.

2 tools in portfolio

Amazon Web Services

Seattle, WA, USA

Giant

Amazon's cloud infrastructure and platform services division, spanning compute, storage, and a broad built-in security portfolio including key management, identity, and threat detection services.

1 tool in portfolio

Anomali

Redwood City, CA, USA

Growth

Threat intelligence platform vendor (founded as ThreatStream, renamed in 2016) that aggregates, deduplicates, and operationalizes intel feeds, expanding into AI-driven security analytics; independent and VC-backed.

1 tool in portfolio

AppViewX

New York, NY, USA

Growth

Certificate lifecycle automation and machine identity management via the AVX ONE platform; majority-acquired by Haveli Investments in a deal completed in 2025.

1 tool in portfolio

Aqua Security

Ramat Gan, Israel / Burlington, MA, USA

Growth

One of the original container security vendors, now selling the Aqua Platform CNAPP and stewarding the open-source Trivy scanner; independent and VC-backed.

2 tools in portfolio

Backblaze

San Mateo, CA, USA

Growth

Low-cost cloud backup and B2 object storage provider (NASDAQ: BLZE) known for flat-rate unlimited computer backup; went public in 2021.

1 tool in portfolio

Barracuda Networks

Campbell, CA, USA

Large

Security vendor for small and mid-sized organizations spanning email, application, and network protection; a KKR portfolio company since KKR acquired it from Thoma Bravo in a deal that closed in August 2022.

1 tool in portfolio

BeyondTrust

Johns Creek, GA, USA

Large

Privileged access management and secure remote access; the current company was formed via the 2018 Bomgar–BeyondTrust merger and is PE-owned.

1 tool in portfolio

BigID

New York, NY, USA

Growth

Data discovery and classification platform spanning security, privacy, and AI governance use cases under one data catalog; independent and VC-backed, valued above $1B since a March 2024 Series E.

1 tool in portfolio

Binalyze

Tallinn, Estonia

Startup

Digital forensics and incident response automation company whose AIR platform collects and analyzes forensic evidence from endpoints at enterprise speed; independent and VC-backed.

1 tool in portfolio

Bitdefender

Bucharest, Romania

Large

Antimalware and EDR technology widely OEM'd across the industry, plus the GravityZone business endpoint platform; founder-owned and bootstrapped.

1 tool in portfolio

Broadcom

Palo Alto, CA, USA

Giant

Semiconductor and infrastructure software conglomerate whose security portfolio centers on the Symantec enterprise business acquired in 2019 and VMware acquired in 2023.

2 tools in portfolio

Censys

Ann Arbor, MI, USA

Growth

Internet intelligence company spun out of University of Michigan research, continuously scanning the whole internet to power its search engine and attack surface management products; independent, raising $70M in 2026.

1 tool in portfolio

Check Point Software Technologies

Tel Aviv, Israel / San Carlos, CA, USA

Large

One of the original firewall vendors, now a broad security platform spanning network, cloud, and endpoint protection under the Check Point Infinity architecture.

3 tools in portfolio

Checkmarx

Ramat Gan, Israel

Large

Application security testing vendor built around the Checkmarx One platform (SAST, SCA, API security); majority-owned by Hellman & Friedman since a 2020 deal, and — since hiring the ZAP core development team in September 2024 — the primary corporate steward of the independent open-source scanner ZAP by Checkmarx.

2 tools in portfolio

Cisco

San Jose, CA, USA

Giant

Networking giant with a broad security portfolio spanning the Duo access-security line acquired in 2018 and the Splunk observability and security analytics business acquired in 2024.

3 tools in portfolio

Cloudflare

San Francisco, CA, USA

Giant

Global network operator whose edge spans CDN, DNS, DDoS mitigation, and zero trust access, sold together under the Cloudflare One umbrella.

3 tools in portfolio

Cohesity

San Jose, CA, USA

Large

Data security and backup platform that expanded its enterprise protection portfolio through the 2024 acquisition of Veritas's data protection business.

1 tool in portfolio

Commvault

Tinton Falls, NJ, USA

Large

Publicly traded cyber resilience and data protection vendor; incorporated independently in 1996 from technology with Bell Labs roots dating to 1988, now centered on the Commvault Cloud platform.

1 tool in portfolio

Corelight

San Francisco, CA, USA

Growth

Open network detection and response built on the Zeek framework created by its founders, delivered as physical, virtual, or cloud sensors.

1 tool in portfolio

CrowdStrike

Austin, TX, USA

Giant

Cloud-native endpoint, identity, and cloud protection via the Falcon platform.

3 tools in portfolio

Cyera

New York, NY, USA

Large

Data security posture management platform converging data discovery, classification, and identity/access context into what it markets as a "trust layer" for the AI era; independent and VC-backed, reaching a $12B valuation in a June 2026 funding round.

1 tool in portfolio

Darktrace

Cambridge, UK

Large

AI-driven detection and response across network, cloud, email, and OT environments via the Darktrace ActiveAI Security Platform; taken private in an all-cash acquisition by Thoma Bravo that closed in October 2024.

1 tool in portfolio

Datadog

New York, NY, USA

Giant

Cloud observability platform (NASDAQ: DDOG) that has expanded sideways into security, selling SIEM, cloud security, and application security products on the same agent and data platform DevOps teams already run.

1 tool in portfolio

Deciso

Middelharnis, Netherlands

Growth

Dutch network security company and creator of the open-source OPNsense firewall, first released in 2015 as a fork of pfSense/m0n0wall.

1 tool in portfolio

Delinea

San Francisco, CA, USA

Large

Privileged access management formed from the merger of Thycotic and Centrify; majority-owned by Silver Lake.

1 tool in portfolio

DigiCert

Lehi, UT, USA

Giant

Digital trust provider and one of the world's largest public certificate authorities, spanning public TLS certificates, PKI, and certificate lifecycle management; PE-owned.

1 tool in portfolio

Drata

San Diego, CA, USA

Growth

Continuous compliance automation platform for frameworks like SOC 2 and ISO 27001, competing directly with Vanta on control monitoring and audit evidence collection; independent and VC-backed, valued at $2B in its December 2022 Series C.

1 tool in portfolio

Druva

Santa Clara, CA, USA

Growth

SaaS-native data protection vendor delivering fully managed, agentless backup and recovery entirely from its own isolated cloud.

1 tool in portfolio

Elastic

Amsterdam, Netherlands / Mountain View, CA, USA

Large

Company behind Elasticsearch and the Elastic Stack (NYSE: ESTC), selling search, observability, and security analytics on one data platform; re-added the OSI-approved AGPL as a source-license option in 2024 alongside its own Elastic License.

1 tool in portfolio

Endor Labs

Palo Alto, CA, USA

Growth

Software composition analysis platform built around reachability analysis, aiming to cut dependency-vulnerability noise down to what an application actually invokes; independent and VC-backed, with a $93M Series B in April 2025.

1 tool in portfolio

Eramba

London, UK / Bratislava, Slovakia

Startup

Small, privately held company behind the eramba GRC platform, offering a free-to-use Community Edition under a custom non-redistributable license alongside paid Enterprise tiers.

1 tool in portfolio

ESET

Bratislava, Slovakia

Large

Long-running privately held European vendor of endpoint protection, EDR, and encryption for businesses and consumers.

1 tool in portfolio

Exabeam

Foster City, CA, USA

Growth

SIEM and behavior-analytics vendor that merged with LogRhythm in July 2024 under Thoma Bravo's orchestration, keeping the Exabeam name while continuing to sell and develop the LogRhythm SIEM line.

1 tool in portfolio

ExtraHop

Seattle, WA, USA

Growth

Network detection and response through decryption and analysis of east-west traffic; taken private by Bain Capital Private Equity and Crosspoint Capital Partners in 2021.

1 tool in portfolio

F5

Seattle, WA, USA

Giant

Application delivery and security vendor (NASDAQ: FFIV) spanning load balancing, WAF, and API security, sold as both the on-prem BIG-IP/NGINX lines and the SaaS-delivered F5 Distributed Cloud Services; acquired API security startup Wib in 2024.

2 tools in portfolio

Filigran

Paris, France

Growth

French company behind the open-source OpenCTI threat intelligence platform and OpenBAS breach-simulation project, selling enterprise editions and hosted versions of both; VC-backed with roughly $125M raised.

1 tool in portfolio

Flashpoint

New York, NY, USA

Growth

Threat intelligence vendor specializing in visibility into illicit online communities — cybercrime forums, ransomware operations, fraud markets; majority-owned by Audax Private Equity since 2021.

1 tool in portfolio

Forcepoint

Austin, TX, USA

Large

Data-first security vendor (DLP, web, and cloud app security) owned by Francisco Partners since 2021; sold its Global Governments and Critical Infrastructure unit to TPG in 2023.

2 tools in portfolio

Fortanix

Santa Clara, CA, USA

Growth

Confidential-computing-based data security vendor selling key management, tokenization, and secrets management through its Data Security Manager and unified Armor platform; independent and VC-backed.

1 tool in portfolio

Fortinet

Sunnyvale, CA, USA

Giant

Network security hardware and software spanning next-generation firewalls, SD-WAN, and SASE, built around the custom-silicon FortiOS platform.

2 tools in portfolio

GitHub

San Francisco, CA, USA

Giant

Software development and collaboration platform whose security line, GitHub Advanced Security, was unbundled into standalone SKUs — GitHub Code Security and GitHub Secret Protection — in April 2025; a wholly owned Microsoft subsidiary since its 2018 acquisition.

2 tools in portfolio

GitLab

San Francisco, CA, USA

Large

All-remote DevSecOps platform combining source control, CI/CD, and integrated security scanning in one product; publicly traded on Nasdaq (GTLB) since its 2021 IPO and, as of mid-2026, still independent despite recurring acquisition speculation.

1 tool in portfolio

Google Cloud

Mountain View, CA, USA

Giant

Alphabet's cloud computing division, offering infrastructure and platform services alongside a native security portfolio spanning key management, workload identity, and (since 2026) the acquired Wiz cloud security platform.

4 tools in portfolio

Greenbone

Osnabrück, Germany

Growth

German vulnerability management company (Greenbone AG) that maintains the open-source OpenVAS scanner and sells enterprise appliances and a commercial feed on top of the free Greenbone Community Edition.

1 tool in portfolio

Harness

San Francisco, CA, USA

Large

AI-native software delivery platform (CI/CD, feature flags, cloud cost management) that absorbed Traceable AI's API security and observability technology through a March 2025 merger, continuing to sell it as "Traceable by Harness" within its DevSecOps line.

1 tool in portfolio

HashiCorp

San Francisco, CA, USA

Large

Infrastructure automation and secrets management (Vault, Terraform); a wholly owned IBM subsidiary since 2025.

1 tool in portfolio

HCLSoftware

Noida, India

Giant

Enterprise software division of HCLTech, formed to house a set of products acquired from IBM for $1.8B in 2019, including the AppScan application security testing suite it continues to develop.

1 tool in portfolio

Hoxhunt

Helsinki, Finland

Growth

Human risk management platform combining adaptive phishing simulation with personalized micro-training; independent and VC-backed.

1 tool in portfolio

Huntress

Ellicott City, MD, USA

Growth

Managed detection and response built for MSPs and the SMBs they serve, with a human-staffed 24/7 SOC.

1 tool in portfolio

Hyperproof

Seattle, WA, USA

Growth

Compliance operations platform for managing controls, evidence, and risk across multiple frameworks from one workspace; independent and VC-backed, having raised a $40M growth round in 2023.

1 tool in portfolio

Imperva

San Mateo, CA, USA

Large

Application and data security vendor known for its web application firewall and bot/DDoS protection; became a wholly owned subsidiary of the French Thales Group when its ~$3.6B acquisition from Thoma Bravo closed in December 2023.

1 tool in portfolio

Invicti Security

Austin, TX, USA

Growth

Web application and API security testing vendor formed from the merger of Netsparker and Acunetix, selling both as separately branded DAST products; majority-owned by Summit Partners since a $625M 2021 growth investment, with Turn/River Capital retaining a minority stake.

2 tools in portfolio

Iru

San Diego, CA, USA

Growth

Device management, identity, and compliance platform for Apple, Windows, and Android fleets; rebranded from Kandji in late 2025.

1 tool in portfolio

Jamf

Minneapolis, MN, USA

Large

Apple-focused device management and endpoint security; taken private by Francisco Partners in 2026.

1 tool in portfolio

Juniper Networks

Sunnyvale, CA, USA

Large

Enterprise networking and security hardware, including the SRX Series firewall line; became a wholly owned subsidiary of Hewlett Packard Enterprise when HPE's acquisition closed in July 2025.

1 tool in portfolio

Keyfactor

Independence, OH, USA

Large

PKI-as-a-service and certificate lifecycle orchestration, built around the Keyfactor Command platform and the open-source EJBCA certificate authority; PE-backed.

2 tools in portfolio

KnowBe4

Clearwater, FL, USA

Large

Security awareness training and human risk management pioneer; taken private by Vista Equity Partners in a $4.6B deal that closed in February 2023, and expanded into email security through its 2024 acquisition of Egress.

2 tools in portfolio

LogicGate

Chicago, IL, USA

Growth

Risk management platform (Risk Cloud) built on a no-code workflow engine that lets risk and compliance teams configure their own processes instead of adapting to a fixed data model; independent and VC-backed, having raised a $113M Series C led by PSG.

1 tool in portfolio

Magnet Forensics

Waterloo, Ontario, Canada

Large

Digital forensics vendor serving law enforcement and enterprise investigators; taken private by Thoma Bravo in 2023 and merged with mobile-forensics maker Grayshift, whose GrayKey products it now sells alongside its own.

1 tool in portfolio

Malwarebytes

Santa Clara, CA, USA

Growth

Consumer anti-malware plus the ThreatDown business endpoint line for SMB and mid-market.

1 tool in portfolio

Material Security

Redwood City, CA, USA

Growth

Cloud email and workspace security vendor focused on post-delivery protection inside Google Workspace and Microsoft 365; independent and venture-backed.

1 tool in portfolio

Microsoft

Redmond, WA, USA

Giant

Endpoint, identity, and cloud security via the Microsoft Defender and Entra portfolios, deeply integrated with Windows and Microsoft 365.

10 tools in portfolio

Mimecast

London, UK / Lexington, MA, USA

Large

Email and human risk security vendor spanning secure email gateway, brand protection, and — following its 2024 acquisitions of Elevate Security, Code42, and Aware — collaboration-tool risk monitoring under a human risk management platform; taken private by Permira in a $5.8B deal that closed in May 2022.

1 tool in portfolio

Netgate

Austin, TX, USA

Growth

Steward of the open-source pfSense project since 2008, selling pfSense-based security appliances and the proprietary pfSense Plus edition alongside the free Community Edition.

1 tool in portfolio

NETSCOUT Systems

Westford, MA, USA

Large

Network performance management and cybersecurity vendor whose Arbor DDoS protection line originated with its 2015 acquisition of Arbor Networks.

1 tool in portfolio

Netskope

Santa Clara, CA, USA

Large

Security service edge vendor with roots in CASB, now selling a converged SASE platform under the Netskope One brand; completed its IPO on Nasdaq in September 2025.

2 tools in portfolio

Nightfall AI

San Francisco, CA, USA

Growth

Data loss prevention purpose-built for SaaS apps, cloud storage, and generative AI tools, using machine-learned content classifiers instead of a network or endpoint agent; independent and VC-backed.

1 tool in portfolio

NINJIO

Westlake Village, CA, USA

Growth

Security awareness training vendor known for short, Hollywood-style animated microlearning episodes; received a strategic growth investment from Gauge Capital in 2021.

1 tool in portfolio

OffSec

New York, NY, USA

Growth

Security training and certification company (formerly Offensive Security) behind the OSCP certification and the Kali Linux penetration-testing distribution it maintains and funds.

1 tool in portfolio

Okta

San Francisco, CA, USA

Large

Cloud identity and access management for workforce and customer identity, spanning SSO, MFA, and lifecycle management.

1 tool in portfolio

One Identity

Aliso Viejo, CA, USA

Large

Identity governance, privileged access, and Active Directory management; operates as a business unit of Quest Software.

1 tool in portfolio

OneTrust

Atlanta, GA, USA

Large

Broad governance, risk, and compliance platform spanning privacy management, third-party risk, and IT risk automation; sold its Ethics & Compliance business unit to EQS Group in 2024 but remains independent and VC-backed, last valued at $4.5B in 2023.

1 tool in portfolio

Optro

Cerritos, CA, USA

Large

Connected risk platform for internal audit, SOX compliance, and enterprise risk teams; acquired by European private equity firm Hg for more than $3B in a deal announced May 2024, then rebranded from AuditBoard to Optro in March 2026.

1 tool in portfolio

Orca Security

Portland, OR, USA

Growth

Agentless cloud security via its patented SideScanning technique, reading workloads' storage out-of-band instead of deploying agents; independent and VC-backed.

1 tool in portfolio

Palo Alto Networks

Santa Clara, CA, USA

Giant

Broad security platform spanning network firewalls, cloud security, SecOps (Cortex), and — since acquiring CyberArk in 2026 — the Idira identity security portfolio.

8 tools in portfolio

Panther Labs

San Francisco, CA, USA

Growth

Cloud-native, detection-as-code SIEM built on a security data lake; Databricks announced an agreement to acquire the company in June 2026, with the deal not yet closed as of July 2026.

1 tool in portfolio

Pentera

Burlington, MA, USA

Growth

Automated security validation vendor (founded in Israel as Pcysys) whose platform safely runs real attack techniques against production environments to prove which exposures are actually exploitable; independent, passing $100M ARR in 2026.

1 tool in portfolio

Ping Identity

Denver, CO, USA

Large

Enterprise identity and access management via the PingOne platform; owned by Thoma Bravo, which merged ForgeRock into the company in 2023.

1 tool in portfolio

PortSwigger

Knutsford, England, UK

Growth

Maker of Burp Suite, the standard toolkit for manual and automated web application penetration testing; founder-controlled since 2008, with Brighton Park Capital taking a minority investment in 2024 — its first outside funding.

1 tool in portfolio

ProjectDiscovery

San Francisco, CA, USA

Growth

Company behind Nuclei, the widely used open-source template-based vulnerability scanner, plus the commercial ProjectDiscovery Cloud Platform and 2026's autonomous pentesting product Neo; independent and VC-backed.

1 tool in portfolio

Proofpoint

Sunnyvale, CA, USA

Large

Email, data, and human-risk security vendor spanning threat protection, data loss prevention, and security awareness training; taken private by Thoma Bravo in a $12.3B 2021 deal and still PE-owned as of mid-2026.

3 tools in portfolio

Prowler

Portland, ME, USA

Startup

Company behind the open-source Prowler cloud security assessment tool (the project itself dates to 2016), incorporated in 2023 by its creator and selling a hosted Prowler Cloud edition.

1 tool in portfolio

Qualys

Foster City, CA, USA

Large

SaaS security vendor (NASDAQ: QLYS) offering vulnerability management and compliance scanning through a shared cloud agent and platform.

1 tool in portfolio

Radware

Mahwah, NJ, USA / Tel Aviv, Israel

Large

Independent, publicly traded network and application security vendor covering DDoS mitigation, web application, and API protection.

1 tool in portfolio

Rapid7

Boston, MA, USA

Large

Vulnerability management, detection and response, and open-source security tooling (Metasploit, Velociraptor).

3 tools in portfolio

Recorded Future

Somerville, MA, USA

Large

Threat intelligence provider combining automated collection across the open, deep, and dark web with research from its Insikt Group analysts; a Mastercard subsidiary since December 2024.

1 tool in portfolio

Red Hat

Raleigh, NC, USA

Giant

Enterprise open-source software company behind RHEL and OpenShift, wholly owned by IBM since 2019; its Kubernetes security line descends from the 2021 StackRox acquisition.

1 tool in portfolio

Rubrik

Palo Alto, CA, USA

Large

Zero-trust data security and cyber recovery vendor built around immutable backups and ransomware recovery; went public on the NYSE in its 2024 IPO.

1 tool in portfolio

runZero

Austin, TX, USA

Startup

Asset discovery and exposure management company co-founded by Metasploit creator HD Moore; Accenture announced an agreement to acquire it in 2026 as part of a broader OT-security push, with the deal expected to close later that year.

1 tool in portfolio

SafeBreach

Sunnyvale, CA, USA

Growth

Breach and attack simulation pioneer whose platform continuously replays a large library of real attacker techniques against a customer's defenses to measure what gets blocked or detected; independent and VC-backed, with a $53.5M Series D closed in November 2021 as its most recent major round.

1 tool in portfolio

SailPoint

Austin, TX, USA

Large

Identity governance and administration; returned to public markets in 2025 with Thoma Bravo retaining majority control.

1 tool in portfolio

Salt Security

Palo Alto, CA, USA

Growth

API security platform using behavioral analysis of live traffic to discover and protect APIs; independent and VC-backed, having raised roughly $281M toward a ~$1.4B valuation.

1 tool in portfolio

Saviynt

El Segundo, CA, USA

Growth

Cloud-native identity governance and administration converging IGA, application GRC, and privileged access.

1 tool in portfolio

Sectigo

Roseland, NJ, USA

Large

Certificate authority and cloud-native certificate lifecycle management vendor, formerly Comodo CA before its 2018 rebrand.

1 tool in portfolio

Secureframe

San Francisco, CA, USA

Growth

Compliance automation platform that monitors security controls and collects audit evidence across frameworks including SOC 2 and ISO 27001; independent and VC-backed.

1 tool in portfolio

Securiti

San Jose, CA, USA

Growth

Data security, privacy, and AI governance platform (marketed as a "DataAI Command Platform") spanning DSPM alongside broader compliance automation; became a wholly owned subsidiary of Veeam when its ~$1.725B acquisition closed in December 2025, continuing to operate under the Securiti brand.

1 tool in portfolio

Security Onion Solutions

Evans, GA, USA

Startup

Company behind the free Security Onion network security monitoring Linux distribution, providing paid training and professional services around the platform.

1 tool in portfolio

Securonix

Addison, TX, USA

Growth

SIEM and UEBA vendor built around behavior analytics; backed by a $1B+ Vista Equity Partners growth investment since 2022, and acquired threat-intel platform ThreatQuotient in 2025.

1 tool in portfolio

Semgrep

San Francisco, CA, USA

Growth

Maker of the Semgrep static analysis engine (formerly r2c) and the commercial Semgrep AppSec Platform; the CLI/engine is LGPL-2.1, but the bundled default rule registry moved to a separate, non-OSI Semgrep Rules License in December 2024, prompting the fully open Opengrep community fork in early 2025.

1 tool in portfolio

SentinelOne

Mountain View, CA, USA

Large

AI-driven autonomous endpoint, cloud, and identity protection via the Singularity platform.

2 tools in portfolio

Sentra

New York, NY, USA / Tel Aviv, Israel

Growth

Cloud-native data security posture management platform built for petabyte-scale data estates, prioritizing sensitive data by access exposure and use in AI pipelines; independent and VC-backed.

1 tool in portfolio

ServiceNow

Santa Clara, CA, USA

Giant

Enterprise workflow and IT service management platform (NYSE: NOW) whose Integrated Risk Management (IRM) line — renamed from GRC in 2023 but still marketed under GRC-branded apps — extends the same platform into policy, risk, and compliance automation.

1 tool in portfolio

Shuffle

Oslo, Norway

Startup

Small company behind the open-source Shuffle security automation platform, selling hosted cloud and enterprise support tiers on top of the free AGPL-licensed self-hosted core.

1 tool in portfolio

Skyhigh Security

San Jose, CA, USA

Growth

Security service edge vendor carved out of McAfee Enterprise by Symphony Technology Group in 2022, carrying the lineage of CASB pioneer Skyhigh Networks (founded 2011, acquired by McAfee in 2018).

1 tool in portfolio

Smallstep

San Francisco, CA, USA

Startup

Open-source PKI and device identity company behind step-ca and the step CLI, selling a hosted Certificate Manager on top.

1 tool in portfolio

Snyk

Boston, MA, USA

Large

Developer-first application security platform spanning SAST, open-source dependency (SCA), container, and IaC scanning; still private and VC-backed, with a stalled IPO process and a rejected private-equity buyout as of 2026.

2 tools in portfolio

Socket

San Francisco, CA, USA

Growth

Maker of Socket Firewall, which analyzes open-source package behavior — not just known CVEs — to catch supply-chain attacks before they reach a developer's machine or CI pipeline; independent and VC-backed, reaching a $1B valuation in a May 2026 Series C.

1 tool in portfolio

Sonar

Geneva, Switzerland

Large

Maker of SonarQube's code quality and security analysis products (SonarQube Server, SonarQube Cloud, SonarQube Community Build), rebranded from the SonarQube/SonarCloud edition names in late 2024 alongside a licensing change that moved bundled language analyzers off LGPL onto a separate, non-OSI source-available license.

1 tool in portfolio

SonicWall

Milpitas, CA, USA

Large

Security appliances built for small and mid-sized businesses and the channel partners that resell them; majority-owned by Francisco Partners since being spun off from Dell in 2016.

1 tool in portfolio

Sophos

Abingdon, Oxfordshire, UK

Large

Endpoint, network, and managed detection and response for SMB and mid-market; a Thoma Bravo portfolio company since 2020.

1 tool in portfolio

SoSafe

Cologne, Germany

Growth

European security awareness and human risk management platform combining training content, phishing simulation, and behavior analytics; independent and VC-backed.

1 tool in portfolio

Splunk

San Francisco, CA, USA

Giant

Log analytics and SIEM pioneer whose platform spans security and observability; a wholly owned Cisco subsidiary since the $28B acquisition closed in March 2024, still operating under the Splunk brand.

2 tools in portfolio

StackHawk

Denver, CO, USA

Growth

Developer-first, API-focused DAST built to run automatically inside CI/CD pipelines rather than as a standalone security-team tool; independent and VC-backed.

1 tool in portfolio

StrangeBee

Paris, France

Startup

Company founded by the creators of TheHive open-source incident response platform, now developing and selling TheHive 5 as a commercial product while maintaining the open-source Cortex analysis engine.

2 tools in portfolio

Sublime Security

Washington, D.C., USA

Growth

Email security platform built around a transparent, editable detection engine rather than an opaque vendor model; independent and VC-backed, raising a $60M Series B in December 2024.

1 tool in portfolio

Sumo Logic

Redwood City, CA, USA

Growth

Cloud-native log analytics and SIEM vendor; taken private by Francisco Partners in a $1.7B deal that closed in May 2023 and still PE-owned as of mid-2026.

1 tool in portfolio

Swimlane

Denver, CO, USA

Growth

Low-code security automation and SOAR vendor whose Turbine platform pairs workflow automation with case management for security operations teams; independent and VC-backed.

1 tool in portfolio

Sysdig

San Francisco, CA, USA

Growth

Runtime-centric cloud and container security founded by a Wireshark co-creator; created the Falco runtime security engine and donated it to the CNCF in 2018. Still private and VC-backed.

1 tool in portfolio

Tailscale

Toronto, Canada

Growth

Zero-config mesh VPN built on the WireGuard protocol, connecting devices directly to each other under a centrally managed access policy instead of routing through a gateway.

1 tool in portfolio

Teleport

Oakland, CA, USA

Growth

Identity-native infrastructure access — short-lived certificates instead of standing credentials for servers, Kubernetes, and databases.

1 tool in portfolio

Tenable

Columbia, MD, USA

Large

Exposure and vulnerability management vendor behind Nessus, publicly traded (NASDAQ: TENB); its cloud security line is built on the identity-centric Ermetic platform acquired in 2023.

3 tools in portfolio

Thales

La Défense, France

Giant

French aerospace, defense, and technology conglomerate whose data security business — sold through its Cloud Protection & Licensing division — centers on the CipherTrust Data Security Platform and Luna hardware security modules, built from its 2016 Vormetric and 2019 Gemalto acquisitions; also owns Imperva since 2023.

1 tool in portfolio

Tines

Dublin, Ireland

Growth

No-code workflow automation platform with roots in security orchestration, increasingly sold for IT and general operations automation as well; independent and VC-backed, valued at $1.125B after a 2025 Series C.

1 tool in portfolio

Torq

Tel Aviv, Israel / Denver, CO, USA

Growth

Security 'hyperautomation' vendor positioning its AI-driven workflow and autonomous-SOC platform against first-generation SOAR products; independent and VC-backed, valued at $1.2B after a January 2026 Series D.

1 tool in portfolio

Twingate

Redwood City, CA, USA

Startup

Zero trust network access built to replace corporate VPNs, deployable without inbound firewall changes or exposing a public IP for internal resources.

1 tool in portfolio

Upwind Security

San Francisco, CA, USA

Growth

Runtime-powered CNAPP using eBPF sensors, founded by the team behind Spot.io; raised a $250M Series B in January 2026 at a $1.5B valuation.

1 tool in portfolio

Vanta

San Francisco, CA, USA

Large

Compliance automation platform that continuously monitors and evidences security controls for frameworks like SOC 2, ISO 27001, and HIPAA; independent and VC-backed, valued at $4.15B after a July 2025 Series D.

1 tool in portfolio

Varonis

Miami, FL, USA

Large

Publicly traded (NASDAQ: VRNS) data security vendor whose roots in data access governance and DLP have expanded into a full Varonis Data Security Platform spanning DSPM, threat detection, and identity risk.

1 tool in portfolio

Vectra AI

San Jose, CA, USA

Growth

AI-driven attack detection across network, identity, and cloud signal, marketed as Attack Signal Intelligence; privately held with no public listing as of 2026.

1 tool in portfolio

Veeam Software

Kirkland, WA, USA

Large

Enterprise backup, disaster recovery, and data resilience across virtual, physical, cloud, and SaaS workloads via the Veeam Data Platform; relocated its US headquarters from Columbus, Ohio to Kirkland, Washington in 2024.

1 tool in portfolio

Veracode

Burlington, MA, USA

Large

Application security testing platform (static, dynamic, and software composition analysis) delivered primarily as SaaS; majority-owned by TA Associates since a 2022 growth investment, with Thoma Bravo retaining a minority stake.

2 tools in portfolio

WatchGuard Technologies

Seattle, WA, USA

Growth

Network security appliances built for small and mid-sized businesses and the MSPs that serve them, sold under the Firebox line; majority-owned by Vector Capital since 2022.

1 tool in portfolio

Wazuh, Inc.

Campbell, CA, USA

Growth

Company behind the open-source Wazuh unified XDR/SIEM platform; bootstrapped, with paid managed cloud hosting.

1 tool in portfolio

Wiz

New York, NY, USA

Large

Agentless-first cloud security (CNAPP) built around a graph of cloud resources, identities, and exposures; a Google (Alphabet) subsidiary since the ~$32B acquisition closed in March 2026, still operating under the Wiz brand within Google Cloud.

1 tool in portfolio

Yubico

Stockholm, Sweden

Growth

Inventor of the YubiKey hardware security key and a driving force behind the FIDO2/WebAuthn phishing-resistant authentication standards.

1 tool in portfolio

Zscaler

San Jose, CA, USA

Giant

Cloud-delivered SSE and SASE vendor whose Zero Trust Exchange inspects traffic across a global service network instead of a customer-run data center appliance.

1 tool in portfolio

Search Cyber Tool Stack

Jump to any tool, vendor, category, or glossary term.