Usually we think of these tools in terms of vulnerability scanning and penetration testing. But those are active analysis techniques. There are passive approaches, such as protocol and attack analysis and forensics, to which we need to pay attention as well. This year's innovators reflect that.
This also is the toughest category we review because there is a lot of motion in the various sub-markets. That, of course, is one of the things that makes these companies innovators. They don't roll with the punches - they anticipate them and change directions in advance of the punch landing.
Three of these five companies are repeat winners. But the remaining two are really worth watching as newcomers to these annual pages. One of them, our SIEM entrant, has been around quite a while, but its evolution has consistently been ahead of what would perhaps be expected given the motion in their marketplace.
Among the subgroups, the toughest is forensic tools. By the diverse nature of this category we are almost forced to pick based on a somewhat different set of criteria from the rest. While we always assess the potential winner on its own merits, for forensics tools this is pretty tough to do without breaking up the sub-category into more granular chunks.
We did not do that because we found a single standout company that looked for a niche where none really existed and exploited it. This is a very good example of a small entrant beating out the giants because of innovation - both in technology and business practices. We often find that the giants have neat technology, but are doing the same old things in the marketplace. We think that this attitude is restrictive, and the innovators find ways to get to their marketplaces in far more elegant ways - a necessary approach because they don't usually have the luxury of immense marketing budgets.