CrowdStrike, a leader in cloud-based endpoint solutions, has expanded dramatically over the past few years, and is a name that has “finally bubbled to the top”, an executive at Solid Border, which partners with vendors to provide clients with cybersecurity solutions, told us. The company has been busy on the M&A front while investing heavily in R&D and its “growth has just really started to explode YoY”. Notable CrowdStrike competitors in terms of endpoint security include SentinelOne, which went public in June 2021, as well as Carbon Black, Cisco, Eset and Bitdefender. While we heard that Palo Alto could at some point give CrowdStrike a run for its money, it was noted that, for now, “CrowdStrike is two or three years ahead” in terms of modules, which, in many cases, “no one else has yet”.
Another factor contributing to CrowdStrike’s success is that the company has focused on winning business with small and medium-sized businesses as well as larger enterprises. “That’s been my problem with a lot of cybersecurity firms over the years… if you’re only focusing on the Fortune 100… you’re looking at a tiny piece of the pie,” the specialist said. Indeed, the more industries you touch, the “more interesting your data is going to be”. Automatic updates is an area the company has also shown is of great value to customers, while identity verification and vulnerability scanning are “ripe for disruption”.
Other observations were that endpoint is now the most crowded corner of the cybersecurity industry, the Solid Border executive said, with endpoint detection and response (EDR) beginning to be superseded by extended detection and response (XDR), which goes beyond endpoints to include aspects such as email and networks. “I’m pretty sure everyone in the next nine months is going to rename their EDR to XDR. It’s the bandwagon. I have got to credit Palo Alto for the XDR because they came out with that one.” However, the expert believes it will take some time for the true value of XDR to be realised, as the industry has yet to figure out how to make it work across multiple vendors.
As a cybersecurity and systems management and communications company, Tanium is not strictly a security player but has a unique role in the market. As we heard from a former company director, the “volume, variety and velocity” of endpoints is “absolutely exploding”, with the need to identify and secure them more crucial than ever.
Tanium’s core technology is “essentially a way to query and communicate with endpoints in near real-time, even if there are thousands of them on a network”, providing businesses with important data and information as soon as they need it. As we’ve been told, at the heart of any cybersecurity framework is asset discovery and inventory, as “you can’t secure what you don’t know about”. Some organisations have thousands of devices — often distributed globally — so this can be extremely challenging. Having institutional control over the assets on a network is mission-critical, and certainly something any board wants to see.
However, the expert has come to see a “glaring lack of anti-malware and antivirus software”, and questioned whether Tanium might build its own security product or license an engine to round out its offering. The company has also been built on business with large enterprises, which is “fantastic to top-line revenue numbers when you close software for a firm that has, say, 75,000 endpoints” — but this approach will only take you so far. While the expert believes the company provides important technology, it could end up in a difficult place if it “doesn’t successfully penetrate the 1,000-5,000 endpoint marketplace”.
Another company Forum looked at was Qualys, a key player in vulnerability security and compliance that has also been expanding its product portfolio to reflect “tectonic IT shifts toward the cloud, multi-cloud hybrid IT and DevOps” — but perhaps too slowly. While the company’s large base of customers and partners provides an “almost guaranteed revenue stream”, some red flags have emerged in recent quarters, according to a former company SVP.
“In my opinion, Qualys has somewhat lost its momentum in the recent past, relying on its de facto status as the industry-standard vulnerability assessment management solution,” they said. Annual revenue growth has come under pressure in recent years and competition, which includes the likes of Rapid7 and Tenable, is ramping up, we heard. “A successful cybersecurity leader with a portfolio of in-demand solutions delivered as a SaaS service, in my opinion, should grow 20%-plus YoY.” Its support model is starting to “show cracks” as its customer base has grown, they added, causing longer resolution times and delays to product enhancements.
However, the rollout of the company’s vulnerability management, detection and response was a “step forward” and reinforces the notion that being aware of hundreds of vulnerabilities is only helpful to a certain extent given today’s intensifying threat landscape. The specialist believes it is imperative that Qualys continues to invest in XDR if it is to successfully compete against its peers. “But it is also the right thing to do if you want to grow the revenue from existing customers and bring [in] new ones.” Indeed, as we heard, “there is still plenty of greenfield” across the entire cybersecurity market, and opportunities “where you don’t have to displace a well-entrenched competitor”.

We heard in another Interview that cybersecurity for enterprise resource planning (ERP) is gaining momentum. As the “brains of the business”, information stored in the myriad ERP applications that are typically present in an organisation is a “treasure trove of information” for a hacker. But addressing their vulnerabilities requires looking beyond traditional code bases and is where vendors such as Appsian, ERPScan and Onapsis are paving the way for a market that “will become more specialised” as more businesses are forced to move operations to the cloud, a former VP at Onapsis Inc told us.
Securing ERP code bases as they are moved to the cloud is a substantial opportunity, according to the Interview. “If you… test your code for cleanliness and efficiency while you’re writing it… it will absolutely accelerate your voyage to the cloud, and when you get there, your code will be cleaner and more secure. That, to me… is really the holy grail of where cybersecurity for ERP is going.” The expert predicted that the TAM will be USD 500m by 2025.
The cybersecurity market is in an arms race against today’s and tomorrow’s threats. As businesses continue to move their IT operations to the cloud, with more and more endpoints connecting to their networks, being able to access and relay data in real-time will be key to mitigating risk. As we heard, there is plenty of greenfield for the industry to go after — but it’s also a highly competitive market where customers are “ready to jump to the next vendor” if something goes wrong.
The information used in compiling this document has been obtained by Third Bridge from experts participating in Forum Interviews. Third Bridge does not warrant the accuracy of the information and has not independently verified it. It should not be regarded as a trade recommendation or form the basis of any investment decision.
For any enquiries, please contact sales@thirdbridge.com