NGFW
Next-Generation Firewall
Network firewall with deep-packet inspection, application awareness and integrated IPS — the modern descendant of the stateful firewall.
8 vendors →
EDR
Endpoint Detection and Response
Agent on every laptop and server that records process behaviour, detects malicious activity and lets analysts hunt or contain hosts remotely.
8 vendors →
XDR
Extended Detection and Response
Single platform that correlates detections across endpoint, network, identity, email and cloud — sold as the SOC's primary console.
7 vendors →
SIEM
Security Information and Event Management
Central log and event store with correlation and detection rules — the system of record for the SOC.
8 vendors →
SOAR
Security Orchestration, Automation and Response
Workflow engine that runs SOC playbooks across security tools — case management, enrichment, automated containment.
7 vendors →
MDR
Managed Detection and Response
24x7 outsourced SOC that monitors a customer's tools, investigates alerts and either responds for them or hands off with context.
8 vendors →
CASB
Cloud Access Security Broker
Sits between users and SaaS apps to enforce access policy, find shadow IT and stop sensitive data leaving sanctioned tenants.
6 vendors →
SSE / SASE
Security Service Edge / Secure Access Service Edge
Cloud-delivered security stack — typically SWG, CASB, ZTNA and FWaaS — branded SSE on its own, or SASE when bundled with SD-WAN.
8 vendors →
ZTNA
Zero Trust Network Access
Identity-aware private application access — the modern replacement for client-VPN-into-the-corporate-network.
9 vendors →
Microsegmentation
Microsegmentation (East-West Workload Segmentation)
Host- or workload-level controls that restrict east-west traffic between servers, containers and users to break the lateral-movement step of an attack.
7 vendors →
NDR
Network Detection and Response
Sensors on the network that profile traffic and detect intrusions through behavioural analytics rather than signatures.
7 vendors →
DLP
Data Loss Prevention
Inspects data in motion, in use and at rest to stop sensitive content leaving sanctioned channels.
8 vendors →
Email Security
Email Security / Secure Email Gateway
Sits in front of corporate mail to block phishing, malware and business email compromise — increasingly delivered via API rather than MX-record.
8 vendors →
WAF
Web Application Firewall
Inspects HTTP traffic to block OWASP-class web attacks — SQLi, XSS, broken access control — usually delivered as a CDN add-on or virtual appliance.
8 vendors →
IAM
Identity and Access Management
The directory of who exists, what they can access, and how they prove who they are — covers workforce, customer (CIAM) and machine identities.
8 vendors →
PAM
Privileged Access Management
Vaults privileged credentials, brokers admin sessions and records what privileged users actually do — particularly important in regulated environments.
8 vendors →
MFA / SSO
Multi-Factor Authentication and Single Sign-On
Logs users in once with strong proof: passwords plus a second factor, or fully passwordless via FIDO2/passkey.
8 vendors →
VM
Vulnerability Management
Continuously inventories assets, finds known vulnerabilities, prioritises them and tracks remediation — increasingly rebranded as exposure management.
8 vendors →
CNAPP
Cloud-Native Application Protection Platform
Single platform that combines posture (CSPM), workload runtime (CWPP), entitlement (CIEM) and code-to-cloud signals across AWS, Azure and GCP.
9 vendors →
AppSec / SAST-DAST-SCA
Application Security Testing
Tools that find vulnerabilities in source code (SAST), running apps (DAST) and open-source dependencies (SCA) — typically wired into the CI/CD pipeline.
9 vendors →
ASPM
Application Security Posture Management
A layer above SAST/DAST/SCA that aggregates findings, deduplicates them, ties them back to code owners and prioritises by real risk.
8 vendors →
API Security
Finds and protects production APIs, covering discovery, posture and runtime detection of abuse and authorisation flaws.
8 vendors →
Secrets Management
Stores and rotates the credentials that applications and pipelines need — API keys, database passwords, certificates — out of source code and CI variables.
8 vendors →
DSPM
Data Security Posture Management
Discovers where sensitive data lives across cloud, SaaS and on-prem stores, classifies it and surfaces who can reach it.
8 vendors →
Backup & Recovery
Backup, Recovery and Cyber Resilience
Backs up data and workloads, increasingly to immutable storage, so the business can recover from ransomware without paying.
8 vendors →
CTI
Cyber Threat Intelligence
Curated information on adversaries, campaigns and indicators — bought as a feed, a portal, or as analyst services.
8 vendors →
EASM
External Attack Surface Management
Continuously enumerates an organisation's internet-facing footprint — domains, services, certs — and flags exposures before attackers do.
7 vendors →
Bot Management
Detects and mitigates automated traffic — credential stuffing, scraping, fake account creation — typically at the CDN edge.
7 vendors →
SAT
Security Awareness Training and Phishing Simulation
Training and simulated phishing campaigns aimed at reducing the click-through rate on real attacks.
6 vendors →
Anti-Vishing
Help Desk and Voice Identity Verification
Verifies that the person on the phone or at the help desk is who they claim to be — addresses voice-phishing (vishing) and the social-engineering help-desk attacks Scattered Spider used against MGM and Caesars.
8 vendors →
OT / ICS Security
Operational Technology and Industrial Control System Security
Visibility and threat detection for industrial networks — OT protocols, ICS assets, IoT devices — that classic IT security tools don't see.
7 vendors →
DDoS Protection
Absorbs and filters volumetric and application-layer denial-of-service attacks before they reach the origin.
8 vendors →
Deception
Deception Technology
Plants decoys, breadcrumbs and tokens across the environment so that any interaction is high-fidelity evidence of an intruder.
5 vendors →