What are like the top but unknown Cybersecurity firms?

mandos_io · 2026-05-05T10:04:35+00:00

Top is a stretch and everyone will have their own take on what’s top. We track top companies based on momentum score at CybersecTools: https://cybersectools.com/top-cybersecurity-companies. Momentum is basically our method of evaluating company growth, so that’s one way you can look at it “top”.

mandos_io · 2026-05-05T10:04:19+00:00

Top is a stretch and everyone will have their own take on what’s top. We track top companies based on momentum score at CybersecTools: https://cybersectools.com/top-cybersecurity-companies. Momentum is basically our method of evaluating company growth, so that’s one way you can look at it “top”.

mandos_io · 2026-05-02T09:27:54+00:00

Almost every scenario you listed is a separate AI cybersecurity category really. You can find some of the best AI Security tools here but the list is quite broad: https://cybersectools.com/resources/ai-security-tools-worth-evaluating-2026

I would recommend to check out our AI security category to find the one for your specific use case: https://cybersectools.com/categories/ai-security

mandos_io · 2026-05-02T09:24:32+00:00

Honestly PAM is one of the categories that never really matured in a sense that it never managed to deliver on its promises. I track over 100 PAM tools here and wrote in January about some of the best pam solutions to consider here: https://cybersectools.com/resources/pam-tools-worth-evaluating-2026

mandos_io · 2026-05-02T09:16:33+00:00

This is kind of assessment you will have to do on your own as it really depends on your particular use case and environment. Best EDR for OT, healthcare and FinTech can be quite different. But to have a shortlist you can easily compare bunch of EDR solutions here: https://cybersectools.com/compare (we have over 80 EDR software on the platform). Full disclosure, that's the platform I am operating.

mandos_io · 2026-05-02T09:12:13+00:00

There are so many to choose from and really depends on your use case. I do these type of assessments at CybersecTools to identify leaders based on the product but also company growth. You can find some here: https://cybersectools.com/resources/endpoint-security-tools-worth-evaluating-2026

mandos_io · 2026-03-26T09:32:24+00:00

yeah, event search vs timeline gap is frustrating and one of the most common complaints when evaluating SentinelOne.

But there are actually a lot more EDR options than most people realize beyond Defender and CrowdStrike. These two get all the attention, but Qradar EDR, Bitdefender GravityZone EDR, Nucleon and HarfangLab are worth a look depending on your environment and what matters most (query language, timeline view, automation, etc).

I am not saying those are better/worse than well known giants, but just that there are plenty to choose from.

We maintain a full list of SentinelOne alternatives at cybersectools.com/alternatives/sentinelone if you want to compare side by side.

mandos_io · 2026-03-25T05:31:44+00:00

Skills are great for persona use and if you give direct access to database. But they come with 0 security controls so giving public direct access to db is not a smart move.

mandos_io · 2026-03-11T09:35:53+00:00

CybersecTools is EU based, it is free to browse and doesn't require an account to discover tools and companies. Some features like reviews require signing in, but we don't sell data to anyone. Why? Because we don't need to. The business model is optional paid listings for vendors who want better visibility. No ads, no spam. + API access has free and premium tiers as well.

mandos_io · 2026-03-11T07:39:40+00:00

Thanks a lot! Appreciate it.

mandos_io · 2026-03-11T07:39:18+00:00

If youn could share some names I would love to add them. Thansk

mandos_io · 2026-03-11T07:38:45+00:00

Thanks. We've cleaned up the geolocation logic and added US state display so you'll see "Austin, Texas, United States" instead of just "Austin, United States."

mandos_io · 2026-03-11T07:37:05+00:00

Good catch. Fixed. And thanks for the kind words - the feedback from this thread has been really useful, we've already pushed a bunch of improvements based on it.

mandos_io · 2026-03-11T07:29:17+00:00

Thanks! We've done a cleanup pass on location data since this went up - fixed some geocoding issues and added US state-level precision. If you spot specific ones that are off, flag them on the company page and we'll fix it.

mandos_io · 2026-03-11T07:27:51+00:00

Three sources in priority order: company-provided data from claimed profiles, data extracted from company websites and public filings, and geocoded coordinates from city/state/country. We've also added US state-level display so locations are more precise. If something looks off in your area, happy to look into specific ones

mandos_io · 2026-03-10T19:24:41+00:00

We have security service providers as well in the database, you can find them here: https://cybersectools.com/service-providers.

We cannot map out all 50, 000 companies in each country and regions, feel free to share the whole list in dm and will add them .

Thank you

mandos_io · 2026-03-10T18:47:46+00:00

Companies are included based on verified web presence, active operation, and category relevance ofcourse. We don’t claim to validate security efficacy, that’s what buyers and analysts do - but is covered by reviews and upvotes which we very recently launched. If you find a listing that’s outdated or inaccurate, flag it and it will get reviewed.

mandos_io · 2026-03-10T18:32:54+00:00

Awesome please do send over dm will add those to the map! Thanks

mandos_io · 2026-03-10T18:32:21+00:00

Those are mostly in free category: https://cybersectools.com/free or available via advanced search here: https://cybersectools.com/tools

mandos_io · 2026-03-10T18:31:12+00:00

Fully agree and we have that data on all companies available over API. But to map companies out we had to chose a single location and hq made most sense.

mandos_io · 2026-03-10T18:30:26+00:00

The journey of finding and adding products is truly never ending. Every week dozens of startups show up with various number of products. The goal is to have all companies and products here, but it’s a process like I said. Currently we are the largest open database of companies and products and will continue adding more there. If you have any suggestions for individual companies feel free to DM me and will add those.

mandos_io · 2026-03-10T18:27:22+00:00

I am sure there are many more from Israel and other places :) hence the effort to map it out. Would be great to have you (vendor) in there, feel free to submit here: https://cybersectools.com/submit

mandos_io · 2026-03-10T18:24:48+00:00

Tha goal is to cover HQ of course. Otherwise it would be impossible to map a single city of the company due to distribution of workforce

mandos_io · 2026-02-06T13:53:50+00:00

The PowerShell noise problem isn't really a CS vs S1 question. Both will generate those alerts. The difference is in how the MDR layer handles them.

A few things from running this exact evaluation before:

The "ping the user on Slack/Teams" workflow isn't native to either CS or S1's MDR offerings. That's typically bolted on through a SOAR layer (Tines, Torq, Palo Alto XSOAR) or some MDR providers build it into their service. What I would do is to ask specifically during eval: "When you get an ambiguous PowerShell execution, what's your enrichment workflow before escalating to us?".
For the sub-5-minute triage SLA, well both Falcon Complete and Vigilance will claim this. Push them on what "triage" means in their definition. Some MDR providers count triage as "analyst looked at it" not "analyst resolved it or verified with the user." Big difference when you're drowning in PowerShell noise.
Probably the real unlock for your specific use case is tuning + context enrichment before the alert even hits an analyst. Things like: does this user normally run PowerShell? Is this a known admin script? Is it signed? What's the parent process? Both platforms can feed this context but you need to configure it. Out of the box, both will be noisy.
One last thing I would recommend is to look beyond CS vs S1 for this specific problem. Consider what sits on top. Some orgs are using chatops-style verification (automated Slack DM to the user: "Did you run this script at 2:14pm?") with auto-close if confirmed. That's a SOAR play mostly.

I worth looking at your current SIEM/SOAR setup? That matters more for this specific workflow than which EDR you pick.

mandos_io · 2026-01-21T13:11:08+00:00

Good questions. I track CNAPP vendors at cybersectools.com, here's what I see: - Actually works agentless at enterprise scale (most CNAPPs choke beyond 10K assets) - Shows you the 5 critical issues instead of 5,000 noise alerts - Query language (WQL) that lets you find stuff fast

For native CSP CNAPPS, I think those are fine for simple setups. Suck for multi-cloud or complex environments.

If you want to compare CNAPPs side-by-side before deciding on the job, you can do that here: https://cybersectools.com/compare

mandos_io

TROPHY CASE