A curated list of publicly traded cybersecurity companies, organized by their core solutions and specialized domains. This resource is designed for investors, professionals, and enthusiasts looking to explore and analyze the diverse landscape of the cybersecurity market, encompassing 18 distinct solution categories and AI-driven offerings to address a wide range of security challenges.
- Specialists ("Pure Play") vs. Multiservice Cybersecurity
- Cybersecurity Stock Lists
- Non-US Traded Cybersecurity Companies
- Cybersecurity ETFs
- Business of Cybersecurity
- Cybersecurity Solutions Categories
- Contributing
- License
This list categorizes companies into two main types, reflecting how cybersecurity aligns with their overall business model:
- 🎯 Specialists ("Pure Play"): Focus exclusively on cybersecurity, dedicating their entire business to developing security solutions.
- 🌐 Multiservice: Offer cybersecurity as part of a broader range of technology solutions, such as networking, cloud services, or application delivery.
Exclusion: Tech giants like Microsoft or AWS are not included, as cybersecurity is just one part of their diverse operations. Additionally, this list does not include micro-cap or low-cap stocks to ensure focus on established companies and ETFs with significant market presence.
Cybersecurity Stock Lists (TradingView 📈)
Secures devices such as laptops, mobile devices, and servers from threats like malware and ransomware. Common solutions include Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) for real-time monitoring and response.
| Company | Ticker | Description | Domains | Resources | Growth | |
|---|---|---|---|---|---|---|
| CrowdStrike | $CRWD | @CrowdStrike | $CRWD | Cloud-native endpoint security. More 🎯 |    |
- SEC Filing - Earning Transcripts |
36.1% |
| SentinelOne | $S | @SentinelOne | $S | AI-driven endpoint protection. More 🎯 |  |
- SEC Filing - Earning Transcripts |
46.2% |
Protects an organization’s network perimeter and internal traffic. Typical measures include firewalls, Intrusion Prevention Systems (IPS), Virtual Private Networks (VPNs), and DDoS mitigation to block unauthorized access and attacks.
| Company | Ticker | Description | Domains | Resources | Growth | |
|---|---|---|---|---|---|---|
| Check Point | $CHKP | @CheckPointSW | $CHKP | Firewalls and threat prevention. More 🌐 |    |
- SEC Filing - Earning Transcripts |
5.8% |
| Cisco | $CSCO | @Cisco | $CSCO | Networking and security solutions. More 🌐 |    |
- SEC Filing - Earning Transcripts |
-5.6% |
| Fortinet | $FTNT | @Fortinet | $FTNT | Firewalls and endpoint security. More 🌐 | |
- SEC Filing - Earning Transcripts |
10.4% |
| Palo Alto Networks | $PANW | @PaloAltoNtwks | SASE and AI-based detection. More 🎯 | |
- SEC Filing - Earning Transcripts |
14% |
| Radware | $RDWR | @radware | $RDWR | DDoS and app security. More 🌐 |  |
- SEC Filing - Earning Transcripts |
2.3% |
| Juniper Networks | $JNPR | @JuniperNetworks | $JNPR | Networking and enterprise solutions. More 🌐 | |
- SEC Filing - Earning Transcripts |
10.9% |
| A10 Networks | $ATEN | @A10Networks | $ATEN | Secure app delivery, counter DDoS threats. More 🌐 | |
- SEC Filing - Earning Transcripts |
3% |
Controls user identities, authentication, and authorization. This category commonly includes solutions such as Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Privileged Identity Management (PIM) to ensure that only the right individuals have appropriate access.
| Company | Ticker | Description | Domains | Resources | Growth | |
|---|---|---|---|---|---|---|
| CyberArk | $CYBR | @CyberArk | $CYBR | Privileged access management. More 🎯 | |
- SEC Filing - Earning Transcripts |
30.3% |
| Okta | $OKTA | @Okta | $OKTA | Identity and SSO. More 🎯 | |
- SEC Filing - Earning Transcripts |
21.8% |
Secures cloud services, applications, and containers. It often involves technologies like Web Application Firewalls (WAF), Zero Trust frameworks, and Secure Access Service Edge (SASE) to enforce consistent security policies and monitor for threats in cloud environments.
| Company | Ticker | Description | Domains | Resources | Growth | |
|---|---|---|---|---|---|---|
| Akamai | $AKAM | @Akamai | $AKAM | CDN, DDoS mitigation, and app security. More 🌐 | |
- SEC Filing - Earning Transcripts |
5.9% |
| Cloudflare | $NET | @Cloudflare | $NET | Edge network services for CDN, DDoS, and Zero Trust. More 🌐 | |
- SEC Filing - Earning Transcripts |
27.6% |
| F5 | $FFIV | @F5 | $FFIV | Multi-cloud app security and load balancing. More 🌐 | |
- SEC Filing - Earning Transcripts |
-1.4% |
| Zscaler | $ZS | @Zscaler | $ZS | Zero Trust cloud security. More 🎯 | |
- SEC Filing - Earning Transcripts |
34% |
Safeguards data through backup, encryption, and access controls while ensuring compliance with regulations such as GDPR or HIPAA. It covers data integrity, recovery, and lifecycle management.
| Company | Ticker | Description | Domains | Resources | Growth | |
|---|---|---|---|---|---|---|
| Broadcom | $AVGO | @Broadcom | $AVGO | Enterprise security products from Symantec. More 🌐 |  |
- SEC Filing - Earning Transcripts |
44% |
| Commvault | $CVLT | @Commvault | $CVLT | Backup, recovery, and data management. More 🌐 | |
- SEC Filing - Earning Transcripts |
7% |
| Varonis | $VRNS | @Varonis | $VRNS | Data governance, security, and analytics. More 🎯 | |
- SEC Filing - Earning Transcripts |
12.1% |
| Rubrik | $RBRK | @RubrikInc | $RBRK | Data protection and cloud-based security. More 🌐 | |
- SEC Filing - Earning Transcripts |
4.7% |
Uses solutions like Security Information and Event Management (SIEM) and vulnerability management solutions, often supplemented with machine learning/AI, to detect, analyze, and respond to cyber threats by correlating security data from various sources.
| Company | Ticker | Description | Domains | Resources | Growth | |
|---|---|---|---|---|---|---|
| Elastic N.V. | $ESTC | @elastic | $ESTC | Search-based analytics, SIEM, and observability. More 🌐 | |
- SEC Filing - Earning Transcripts |
19% |
| Qualys | $QLYS | @Qualys | $QLYS | Cloud-based vulnerability management and compliance. More 🎯 |   |
- SEC Filing - Earning Transcripts |
12% |
| Rapid7 | $RPD | @Rapid7 | $RPD | Security analytics and vulnerability management. More 🎯 |  |
- SEC Filing - Earning Transcripts |
8% |
| SecureWorks | $SCWX | @SecureWorks | $SCWX | Managed security services and threat intelligence. More 🎯 | |
- SEC Filing - Earning Transcripts |
-21.1% |
| Tenable | $TENB | @TenableSecurity | $TENB | Cyber exposure and vulnerability management. More 🎯 | |
- SEC Filing - Earning Transcripts |
13% |
These cybersecurity companies are listed on international stock exchanges outside of the United States, offering a wide range of security solutions across various domains.
| Company (IR) | Ticker / Stock Exchange | Description | Domains | Revenue Growth (2024) | |
|---|---|---|---|---|---|
| Cyberoo | $CYB.MI - Borsa Italiana | @CYBEROO_ITALIA | $CYB | Provides MDR, threat protection, and cybersecurity services for businesses. More 🎯 | |
27.3% |
| Darktrace | $DARK.L - LSE | @Darktrace | $DARK | Offers AI-driven cybersecurity for real-time threat detection and response. 🎯 | |
24.0% |
| NCC Group | $NCC.L - LSE | @NCCGroupplc | $NCC | Cybersecurity consulting, managed services, and software security testing. More 🎯 | |
-1.0% |
| Thales | $HO.PA - Euronext Paris | @ThalesGroup | $HO | Develops digital security solutions (encryption, IAM, secure communications). 🌐 | |
9.2% |
| Trend Micro | $TMICY - OTC (OTCMKTS) | @TrendMicro | $TMICY | Threat detection, cloud security, and endpoint protection. More 🎯 | |
4.4% |
| WithSecure Oyj | $WITH.HE - Nasdaq Helsinki | @WithSecure | $WITH.HE | Endpoint protection, vulnerability mgmt, cloud security, consulting. More 🎯 | |
5.5% |
| Yubico AB | $YUBICO.ST - Nasdaq Stockholm | @Yubico | $YUBICO | Hardware-based authentication (YubiKeys) for orgs and individuals. 🎯 | |
N/A |
These exchange-traded funds invest in diversified portfolios of companies operating across various cybersecurity domains, offering investors broad exposure to the cybersecurity market.
| ETF Name | Ticker | Description | Total Return for 2024 | AUM (USD) |
|---|---|---|---|---|
| Amplify Cybersecurity ETF | $HACK | Tracks the Prime Cyber Defense Index, focusing on companies directly involved in the cybersecurity industry. | 23.3% | $1.94 billion |
| First Trust NASDAQ Cybersecurity ETF | $CIBR | Aims to match the Nasdaq CTA Cybersecurity Index™, targeting cybersecurity-focused tech and industrials firms. | 18.2% | $7.53 billion |
| Global X Cybersecurity ETF | $BUG | Invests in companies benefiting from cybersecurity tech adoption, specifically those developing/managing security protocols to prevent intrusions/attacks. | 9.6% | $823.43 million |
Explore resources that offer insights into the business, strategy, and trends shaping the cybersecurity industry. These blogs, newsletters, reports, and podcasts provide valuable perspectives for professionals, founders, and investors looking to deepen their understanding of this dynamic field.
-
Venture in Security
Ross Haleliuk explores the business of cybersecurity, focusing on the ecosystem, players, angel investing, venture capital, go-to-market strategies, and product-led growth. -
Strategy of Security
Cole Grolmus analyzes the business and strategy of cybersecurity, covering trends, companies, products, and case studies relevant to cybersecurity leaders and operators. -
Anton on Security
Dr. Anton Chuvakin shares analysis on market sub-segments, with a focus on log management and emerging cybersecurity challenges. -
Return on Security
Mike Privette provides insights on security trends, a weekly newsletter about cybersecurity investments, and product trend reports.
-
The Cyber Brain
Weekly conversations with tech buyers on motivations, challenges, and strategies for cybersecurity marketers and founders. -
Hacker Valley
Features discussions with cybersecurity marketers about effective go-to-market strategies and lessons from successes and failures.
-
Awesome Cybersecurity Stocks Watchlist
A curated list of publicly traded cybersecurity companies. -
Cybersecurity Ventures
Research and reports on cybercrime and market trends. -
Momentum Cyber
Industry reports, news, and insights on mergers, acquisitions, and market movements in cybersecurity. -
Statista: Global Cybersecurity Spending Forecast
Shows current and projected spending in the cybersecurity market. -
CB Insights: Cybersecurity Reports
Offers data-driven insights on the cybersecurity market. -
TechCrunch: Cybersecurity
Provides updates on startup news, market trends, and developments within the cybersecurity industry. -
Forrester: Cybersecurity Trends
Insights on cybersecurity strategies, technologies, and market trends from industry experts. -
Gartner: Cybersecurity Trends
Research on emerging challenges, solutions, and strategic insights shaping the cybersecurity landscape. -
CyberSeek Interactive Heatmap
Visualizes supply, demand, and career pathways in the cybersecurity job market.
This section outlines 18 distinct cybersecurity solution categories, each supported by real-world vendor examples and AI-driven offerings to address diverse security challenges.
- Network Traffic Analysis (NTA): Monitors/analyzes network traffic for suspicious activity (e.g., Cisco Stealthwatch, Darktrace).
- Firewalls: Secures network perimeters/controls traffic flow (e.g., Palo Alto Networks NGFW, Cisco ASA).
- Intrusion Detection/Prevention Systems (IDS/IPS): Detects/prevents unauthorized access (e.g., Snort, Suricata).
- Micro-Segmentation: Restricts lateral movement within networks by enforcing security policies at a granular level, enhancing zero-trust architectures (e.g., Illumio Core).
- Network Access Control (NAC): Enforces security policies by controlling device access to enterprise networks, ensuring compliance before granting access (e.g., Aruba ClearPass).
- Endpoint Detection and Response (EDR): Real-time endpoint threat detection with capabilities for proactive identification of advanced threats (e.g., CrowdStrike Falcon, Carbon Black).
- Extended Detection and Response (XDR): Cross-layer detection and response, providing unified threat visibility and action across endpoints, networks, and cloud environments (e.g., Microsoft Defender XDR, Palo Alto Cortex XDR).
- Mobile Threat Defense (MTD): Protects mobile devices (e.g., Lookout, Zimperium).
- Endpoint Protection Platforms (EPP): Comprehensive device security (e.g., Symantec Endpoint Security, Trend Micro Apex One).
- Device Management: Centralized endpoint compliance/security (e.g., Microsoft Intune, Workspace ONE).
- Mobile Device Management (MDM): Centralized management and security of mobile devices, supporting diverse needs such as corporate fleets, personal devices in BYOD environments, and large-scale deployments (e.g., Cisco Meraki, VMware Workspace ONE, Jamf Pro, Ivanti, SOTI MobiControl, ManageEngine Mobile Device Manager Plus).
- SIEM (Security Info and Event Management): Centralized platforms for collecting, analyzing, and correlating security data to uncover potential threats (e.g., Splunk, IBM QRadar).
- XIEM (Extended IEM): Enhances traditional SIEM capabilities with advanced analytics and machine learning for deeper insights. (e.g., LogRhythm XIEM, Exabeam).
- Behavioral/Insider Threat Analytics: Detects anomalous and malicious activity by analyzing user and entity behavior patterns (e.g., Varonis, Securonix).
- Configuration Monitoring: Ensures authorized configurations only (e.g., Chef InSpec, Puppet Enterprise).
- Patch Management: Automates vulnerability patches (e.g., ManageEngine Patch Manager Plus, Ivanti Patch).
- SOAR: Platforms to automate incident investigation, containment, and remediation (e.g., Splunk Phantom, Palo Alto Cortex XSOAR).
- XOAR: Extended Orchestration for complex environments (e.g., IBM Resilient, Google Chronicle SOAR).
- Autonomous SOC Solutions: AI-driven systems to automate security operations, including detection and response processes (e.g., StrikeReady, Arcanna.ai).
- Threat Intelligence Platforms (TIPs): Aggregate/analyze threat data (e.g., Recorded Future, ThreatConnect).
- AI-Driven Threat Detection: Uses AI for threat detection (e.g., Darktrace, Vectra AI).
- User/Entity Behavior Analytics (UEBA): Analyzes activity patterns to detect potential security incidents before they escalate (e.g., Securonix UEBA, Exabeam).
- Deepfake Detection: Identifies AI-generated content for media integrity (e.g., Reality Defender, Truepic).
- Physical Security Controls: Prevents unauthorized data center access (e.g., HID Global, Bosch).
- Data Center Firewalls: Monitors/protects traffic within DCs (e.g., Fortinet FortiGate DC Firewall, Juniper SRX).
- Data Loss Prevention (DLP): Prevents data leakage.
- Endpoint DLP, Network DLP, Storage DLP, Email DLP, etc.
- AI-Based Data Flow Mapping: Automates the discovery of sensitive data flows and risks (e.g., 1Touch.io, Cyberhaven).
- Cloud Access Security Broker (CASB): Provides visibility, compliance enforcement, and data protection for cloud-based services, ensuring secure usage of SaaS, IaaS, and PaaS environments (e.g., Cisco Cloudlock, Forcepoint CASB).
- Airgap Security: Utilizes physical or virtual isolation to protect systems from network threats, ensuring no direct network connectivity for critical systems.
- Privileged Access Management (PAM): Secures privileged accounts (e.g., CyberArk, BeyondTrust).
- Multi-Factor Authentication (MFA): Multiple identity verifications (e.g., Duo, Okta MFA).
- IGA (Identity Governance/Admin): Manages user permissions (e.g., SailPoint, IBM Security IGA).
- IAM: Controls system/data access (e.g., Okta, Azure AD).
- Secure Mobile Access: VPN/MFA for mobile users (e.g., Palo Alto Prisma Access, Zscaler Private Access).
- AI for Identity Security: Enhances identity verification processes with behavior analysis and fraud detection (e.g., Twine Security, RedBlock.ai).
- DAST: Tests running apps for vulnerabilities (e.g., Burp Suite, OWASP ZAP).
- SAST: Analyzes source code (e.g., SonarQube, Checkmarx).
- IAST: Combines DAST + SAST (e.g., Contrast Security, Synopsys Seeker).
- RASP: In-app runtime protection (e.g., Imperva RASP, Signal Sciences RASP).
- SCA: Open-source vulnerability tracking (e.g., Snyk, WhiteSource).
- WAF: Web app firewall (e.g., Akamai Kona, Imperva WAF).
- Mobile App Security: Dev-time & runtime protection (e.g., Veracode Mobile, NowSecure).
- Cloud Workload Protection Platforms (CWPP): Provides comprehensive security for cloud-native workloads, including containers, virtual machines, and serverless functions. Features include vulnerability scanning, runtime monitoring, and compliance enforcement (e.g., Aqua Security, Sysdig Secure, Prisma Cloud).
- Software Supply Chain Security: Protects against risks in software development pipelines, including vulnerabilities, misconfigurations, and secrets in code repositories (e.g., GitGuardian, JFrog Xray, Sonatype Nexus).
- SBOM Tracking: Manages and tracks Software Bill of Materials for transparency and security in software components (e.g., Anchore, CycloneDX).
- AIBOM (AI Bill of Materials): Tracks and documents datasets, models, and dependencies in AI systems to enhance transparency and ensure secure deployment.
- AI for Application Security: Identifies vulnerabilities during development and deployment (e.g., Mobb.ai, Pixee.ai).
- Secure Email Gateway (SEG): Filters malicious email (e.g., Proofpoint, Mimecast).
- Anti-Phishing: Educates/detects phishing (e.g., KnowBe4, Cofense).
- Cloud Email Security: Secures hosted email (e.g., Microsoft Office 365 Defender, Google Workspace).
- AI-Enhanced Email Threat Detection: Identifies AI-crafted phishing attempts using advanced NLP and behavioral analysis (e.g., Tessian, Abnormal Security).
- Phishing Simulation: Tests staff on phishing recognition (e.g., KnowBe4, Cofense PhishMe).
- Security Awareness: Ongoing staff education (e.g., SANS Security Awareness).
- AI-Based Training Solutions: Personalizes awareness programs using behavior analysis (e.g., Culture.ai, Outthink.io).
- Risk Assessment Services: Evaluate and mitigate cybersecurity risks (e.g., Qualys Risk, Rapid7 Risk).
- Compliance Readiness: Prepare organizations for regulatory requirements (e.g., Deloitte, PwC).
- Adversarial Simulation and Vulnerability Assessments: Simulates real-world attack scenarios and conducts detailed assessments to uncover vulnerabilities in applications, systems, and networks, offering actionable insights for improving security resilience (e.g., NCC Group, Trustwave).
- AI-Driven Compliance Management: Leverages AI for automating compliance with regulatory standards (e.g., Styrk.ai, SurePath.ai).
- Managed Detection and Response (MDR): Combines advanced threat detection, 24/7 monitoring, and response services to identify and mitigate threats (e.g., CrowdStrike Falcon Complete, Rapid7 MDR).
- Incident Response Services: Expert-led investigation, containment, and recovery during or after security incidents, minimizing impact and reducing recovery time (e.g., Palo Alto Networks Unit 42).
- Continuous Vulnerability Management: Regular scans/remediation (e.g., Qualys VM, Nessus).
- CAASM (Cyber Asset Attack Surface Mgmt): Reduces overall attack surface (e.g., CyCognito, RiskIQ).
- Breach & Attack Simulation (BAS): Tests security defenses through real-world attack scenarios to uncover vulnerabilities and gaps (e.g., SafeBreach, AttackIQ).
- Incident Response Platforms: Streamlines and automates workflows to manage and contain security incidents effectively (e.g., IBM Resilient, ServiceNow Security IR).
- ICS Security Platforms: Protect operational tech from cyber threats (e.g., Nozomi Networks, Claroty).
- SCADA Security: Secures critical infrastructure (e.g., Siemens SCADA, Honeywell Industrial Cybersecurity).
- Compliance Management: Tracks adherence to standards (e.g., RSA Archer GRC, LogicManager).
- Risk Management: Identifies/mitigates organizational risks (e.g., ServiceNow GRC, MetricStream).
- Vendor Risk Assessment: Evaluates third-party security posture (e.g., BitSight, RiskRecon).
- Supply Chain Security: Monitors dependencies/supply chain (e.g., CyberGRX, Venafi).
- AI-Driven Third-Party Risk Insights: Offers automated insights into vendor vulnerabilities (e.g., Prevalent AI, Panorays AI).
- 🌟 Star this repository if you found it helpful.
- 🐛 Report Issues to suggest fixes or improvements.
- 🚀 Submit a Pull Request to add new stocks or insights.
- Investment Disclaimer: This list is for informational purposes only and should not be construed as financial advice. Always do your own research before making investment decisions.
- Trademark Disclaimer: All product or company names are trademarks™ or registered® trademarks of their respective holders. Use does not imply endorsement.
- Email: [email protected]
- LinkedIn: Tal Eliyahu
- Twitter: @Eliyahu_Tal_
This work is licensed under the MIT License.
© 2025 Tal Eliyahu