The editors of eSecurity Planet have been giving advice to enterprise security buyers for more than a decade, and for the last five years we’ve been rating the top enterprise cybersecurity products, compiling roughly 50 lists to date on every product imaginable, from networks to endpoints and out to the cloud and beyond.
This year, for the first time, we’re ranking the overall best companies and products in 14 of those categories. While there are many other products that might prove best for particular organizations and use cases, these are the products that most stood out to us because of their innovation, breadth of features, and strong security performance. You can read more about our methodology here.
There is no substitution for your own testing and analysis, of course, but this list will serve as an introduction to the breadth and depth of our product coverage. Congratulations to our 2022 winners – and to the hundreds more who have made our top cybersecurity product lists.
Best Cybersecurity Solutions:
Best Cybersecurity Company: Palo Alto Networks
Winner: Palo Alto Networks
Finalists: Fortinet, CrowdStrike, Cisco
Palo Alto Networks has topped our list of the best cybersecurity companies for a couple of years running. Consistently high independent test scores, a history of innovation, and a broad portfolio that touches all the hottest markets has landed Palo Alto on 17 of our top product lists, including cutting-edge markets like XDR and SASE. The security market is a deep one, however, and our list contains everything from recent startups to first-generation antivirus vendors that are still going strong, 30 names in all.
See our full list of the Top Cybersecurity Companies.
Top Cybersecurity Startup: Abnormal Security
Winner: Abnormal Security
Finalists: Wiz, Cado Security
While the ecosystem of cybersecurity startups is crowded with many advanced and innovative solutions, Abnormal Security earns our pick as the top startup by focusing on the universal threat vector of email communications, still the greatest source of cyber attacks. Abnormal Security’s core product utilizes behavioral AI to block malicious email attacks, with add-ons for account takeover prevention, productivity enhancement, and mailbox automation. Wiz and Cado have developed innovative approaches to cloud security and forensics, innovation that has kept venture capital flowing despite economic headwinds.
See our list of the Hottest Cybersecurity Startups.
Best EDR Solutions: Palo Alto and SentinelOne
Winners: Palo Alto Networks and SentinelOne
Finalists: CrowdStrike, Cynet, Trend Micro
Here we have a tie: Palo Alto’s Cortex XDR platform offers the best overall security in our opinion, with consistently high independent test results and advanced features while not losing sight of ease of use and value. Tied with Palo Alto is SentinelOne, which manages to combine high security and ease of use, a great combination for a range of markets.
This is a market packed with high-quality products, so don’t overlook others in this space. CrowdStrike and Cynet have impressed us with their security and innovation. And if you’re looking at broader XDR platforms, Trend Micro is a feature-packed offering with very good security that manages to offer good value too. The fast-growing managed detection and response (MDR) market is another area worth exploring.
See our full list of the Top EDR Solutions.
Best Next-Generation Firewall (NGFW): Palo Alto Networks
Winner: Palo Alto Networks
Finalists: Fortinet, Check Point
Competing with firewall giants like Check Point and Fortinet, we believe the market’s best next-generation firewall (NGFW) belongs to Palo Alto Networks. The cybersecurity vendor’s industry-recognized line of NGFWs covers on-premises, virtual, container, and cloud-delivered firewall solutions. PAN’s more extensive portfolio expands to emerging technologies for SASE, CNAP, and XDR. Fit for SMBs up to enterprise-scale organizations and MSSPs, Palo Alto Networks’ innovation and security capabilities in the hybrid infrastructure era have been pivotal to its staying power. A top rating from CyberRatings is just the latest in a string of accolades for Palo Alto.
See our complete list of Top NGFWs.
Best SIEM Solution: Exabeam
Finalists: Splunk, LogRhythm, IBM
This year’s pick for the top Security Information and Event Management (SIEM) solution goes to the fast riser, Exabeam. Launched in 2013, Exabeam’s Fusion platform combines SIEM and XDR capabilities to offer organizations an automated threat detection, investigation, and response (TDIR) solution. Exabeam Fusion offers a stack of security features akin to SIEM solutions from IBM, LogRhythm, and Splunk, with specializations in insider threats and compliance.
See our complete list of the Top SIEM tools.
Best Intrusion Detection and Prevention System (IDPS): Trend Micro
Winner: Trend Micro
Founded in 1988, multinational vendor Trend Micro’s intrusion detection and prevention capabilities only came to fruition in recent years. A robust cybersecurity portfolio plus the acquisition of HP’s TippingPoint Intrusion Prevention System (IPS) in 2016 gave Trend Micro the foundation for its industry-leading IDPS solution. Dueling it out with Cisco’s Next-Generation IPS (NGIPS), Trend Micro TippingPoint offers threat intelligence, centralized insight, and real-time security to protect IT infrastructure.
See our full list of Top IDPS Solutions.
Best Breach and Attack Simulation (BAS) Solution: AttackIQ
Finalists: Cymulate, Picus Security
The top solution in the emerging breach and attack simulation (BAS) sector belongs to San Diego-based AttackIQ. Competing with upstart BAS vendors like Cymulate and Picus Security, AttackIQ’s platform, capabilities, and user reviews impressed us the most. The AttackIQ Security Optimization Platform offers a friendly user interface, MITRE-informed threat intelligence, and real-time testing of an organization’s defensive posture.
See our full list of the Top BAS Solutions.
Best Encryption Solution: Micro Focus
Winner: Micro Focus
Finalists: IBM, Opaque Systems
We’ll give the nod to Micro Focus Voltage SecureData – with the caveat that quantum and data-in-use encryption makes this one of the most dramatically changing areas in cybersecurity these days. Voltage SecureData is a cloud-native solution that’s good for secure high-scale cloud analytics, hybrid IT environments, payment data protection, SaaS apps and more. It protects both structured and unstructured data in use, at rest, in the cloud, and in analytics, checking all the important boxes. But others to watch in the space include IBM and Opaque Systems, two companies with strong research and innovation capabilities.
See our full list of Top Encryption Software.
Best Small Business Security Product: Syxsense
Finalists: Zerto, Trend Micro
Syxsense Enterprise is a Unified Security and Endpoint Management (USEM) solution that delivers real-time vulnerability monitoring and remediation for every endpoint in an environment, as well as IT management, patch management and mobile device management (MDM) across all endpoints. If you’re looking for a complete security solution, it’s tough to beat. Others offering comprehensive security solutions include Zerto and Trend Micro.
See our full list of SMB Security Solutions.
Best Secure Email Gateway: Perception Point
Winner: Perception Point
Finalists: Proofpoint, Barracuda, Mimecast
Secure email gateways remain one of the most important enterprise security technologies, as spoofing and phishing remain the biggest entry point for cyber attackers. Proofpoint, Barracuda and Mimecast lead the market, but a number of innovators have popped up in this critical market. We’re going to give the nod to one of those newcomers: 7-year-old Israel-based Perception Point. The company’s Prevention-as-a-Service solution stops phishing, BEC, ATO, spam, malware, zero-days, and N-days before they reach enterprise users, and an incident response service is included at no extra cost. We’ll quote one Gartner user review: “We did a very detailed evaluation [of] about 15+ E-Mail security solutions… The vendor was new to us but we compared capabilities in a very fact based approach. The solution showed both in prevention capabilities (simultaneous pen-testing to other modern products) and in Incident response support capabilities the best results on the market.”
Just about everyone on our top secure email gateways list deserves an honorable mention, and some new players have emerged that will have us revisiting that list soon enough.
And an additional honorable mention: Ever notice how good Gmail is at blocking spam and phishing emails?
Best Vulnerability Scanning and Management Tool: Rapid7 InsightVM
Vulnerability scanning and management is another critical market – after all, unpatched vulnerabilities remain one of the easiest entry or escalation points for attacks – but it’s also one of the most difficult things to get right. Security teams and sysadmins need to know which vulnerabilities matter the most – and which ones apply to them. Here we’ll give the award to Rapid7 InsightVM, which scans local, remote, cloud, containerized and virtual infrastructure and assesses business risk and likelihood of attack. The product also has a reputation as one of the easier ones to use. Qualys VMDR remains a formidable player in this market, but we’re giving Rapid7 the nod based on its overall higher user reviews. Both can get the job done – along with a number of our other picks for best vulnerability scanners and vulnerability management tools.
Best IAM Solution: Cisco Duo
Finalists: Okta, Ping
Identity and access management (IAM) is another changing cybersecurity market. In the case of IAM, it’s become an easy way for companies to start their zero trust journey, and thus a number of IAM leaders have also been early leaders in zero trust. Cisco has put together a remarkably strong zero trust portfolio, and at its heart is Duo, our top IAM product. Duo gets high marks for ease of use and value, and adaptive authentication, device visibility and application integration are standout features. Another market loaded with strong offerings; Okta and Ping are our other finalists based on their strong market presence.
See all our picks for top IAM solutions.
Best NAC Solution: Cisco ISE
Finalists: Fortinet, Extreme Networks, HPE Aruba
Network access control (NAC) is similar to IAM but operates at the device and network level. The major players in the NAC market typically have networking or firewall backgrounds, and so do our top picks. Cisco ISE is our overall winner, managing to post high scores both for value and capabilities, but there’s so much depth and strength here that we’re going to name three other finalists: Fortinet FortiNAC, Extreme Networks ExtremeControl, and HPE Aruba ClearPass.
See all of our top NAC solutions.
Best Security Awareness Training: KnowBe4
Finalists: Ninjio, Proofpoint
Finally, we’ve already mentioned the critical role that end users play in cybersecurity, so few cybersecurity investments are more important than employee awareness training. KnowBe4 remains the clear market leader while retaining an edge in ease of use, but Ninjio and Proofpoint are other compelling security awareness training solutions.
See our full list of Top Security Awareness Training Solutions.
Sam Ingalls and Drew Robb contributed to this report.