The YubiKey 5C NFC, Yubico - 

The judges praised the YubiKey 5C NFC as a “solid entry”. Released in September 2020, the YubiKey 5C NFC is the world’s first security key featuring dual USB-C and near-field communication (NFC) connections. It has since been coined as ‘the all-in-one security key for the modern worker’ since it enables users to jump between multiple devices with ease and accommodates their varying workflows. 

One touch or tap to authenticate is all that’s needed. This simplicity is a significant benefit when most employees are struggling to balance the increasing overlap of personal and work responsibilities. And the need for cybersecurity during the pandemic was particularly acute.

Online fraud has grown exponentially over the last year, as hackers take advantage of the chaos fuelled by the pandemic and target vulnerable organisations who have shifted to working completely remote. Many companies have found themselves in critical need of a flexible solution to protect their employees.

As part of the YubiKey 5 Series, the YubiKey 5C NFC is equipped with Yubico’s signature multi-protocol support –– an invaluable benefit for enterprises –– that allows one key to work across a wide range of services and applications ranging from email clients, identity access management (IAM) solutions, VPN providers, password managers, social media platforms, collaboration tools, and hundreds more.

And to ensure scalability, Yubico recently introduced a new set of services, YubiEnterprise Services, which allows enterprises to easily procure and distribute YubiKey authentication solutions for employees at scale. During the pandemic, YubiEnterprise Services has proved to be especially critical as many organisations were forced to transition to completely remote, placing stress on IT departments to manage and distribute security systems quickly and efficiently.


Extrahop's Reveal(x), Extrahop - 

“Extrahop's Reveal (x) is a good enterprise-grade threat-detection solution,” said the judges. They went on to praise the quality of its award submission and to highlight the convincing nature of the case-study submitted by the Extrahop team. 

While many enterprises still cling to perimeter defences, adversaries are better than ever at outsmarting those defences and getting beyond the perimeter unnoticed. Traffic that comes in and out of environments is often closely observed, but the traffic within is commonly unmonitored. It’s here where adversaries do the real damage. 

Reveal (x) offers enterprises unparalleled visibility within their enterprise environments. By constantly monitoring wire data and continuously capturing packets as they move across the network, enterprises can monitor for malicious behaviour in real time. 

The platform lays its foundation by automatically discovering and classifying every asset in its environment, and then uses machine learning driven behavioural analysis to establish what is normal and abnormal behaviour. It can then contextualise detections with threat intelligence, risk scores and asset criticality.

It also provides an unparalleled level of scalability and deep insight in threat detection.  Scalability is a real problem for many network security products, but not for Reveal (x), which can analyse a sustained 100 Gbps of traffic in real time, several times more than its leading competitors.

And it decrypts all traffic at line rate, gleaning valuable information from SSL and TLS encrypted traffic. Competitors either don’t decrypt or rely on headers to identify encrypted traffic which leaves enterprises open to SQL injection and cross-site scripting attacks.


Cymulate Breach & Attack Simulation Platform, Cymulate - 

The judges described the winner as a great entry, based on a strong solution and with good customer testimonials. Cymulate's Breach and Attack Simulation (BAS) platform provides continuous security validation, enabling companies of all sizes to challenge, assess and optimize their cyber-security posture against the constantly evolving threat landscape, simply, continuously and within minutes. 

It supports customers in getting the best value from their security products and prepares them for the ongoing cyber onslaught.  Simulating the latest threats in the wild, Cymulate tests an organization’s security defences and controls across the entire kill-chain. The platform provides the largest range of attack vectors in the industry covering pre-exploitation, exploitation and post-exploitation stages. 

With its out-of-the-box risk assessments and high level of automation Cymulate BAS Platform reduces the need for expensive and highly skilled personnel. It provides the current security posture for the highly targeted email vector. 

Cymulate’s simple deployment takes less than an hour and requires only one agent installed on a standard corporate endpoint. Other BAS solutions add complexity and resources for in-house management by requiring a central server to manage agents. 

The SANS Institute, an industry-leading specialists in cybersecurity, praised the simplicity of Cymulate’s deployment and endorsed the recent product enhancement offering customers the ability to customize their own purple team-style assessments.

“We invested practically zero resources in deploying the solution, operating it and getting results. This is immediate ROI. We have been looking in different areas and companies, but none of them deal with the main attack vectors, as Cymulate does, in a more comprehensive and complete solution,”
Mor Asher, Global Infrastructure & InfoSec Manager, Telit.


Cloud Entitlements Manager, CyberArk - 

“An interesting product with clear use cases,” said the judges. “They went on to
comment on the effectiveness of the solution, judged on its AI permissions analysis
and other scoring criteria.

CyberArk Cloud Entitlements Manager helps strengthen the security of cloud
environments by identifying and removing excessive permissions that leave
organizations vulnerable. Anchored in privileged access management (PAM),
CyberArk uses AI to help organizations implement least-privilege across cloud
environments to significantly reduce risk and improve overall visibility and security.

Over the past year, many organizations accelerated their digital transformation
efforts – achieving years of transformation in just a few months. As organizations
scale cloud deployments, they are also creating significantly more human and
machine identities and thousands of associated permissions.

These identities need to be securely and properly configured. According to ESG
research, overly permissive privileges is the most common type of cybersecurity
attacks against cloud applications and services.

Born out of CyberArk Innovation Labs, and developed and tested with strategic
customer design partners, Cloud Entitlements Manager quickly delivers value and
helps organizations accelerate their cloud initiatives.

Cloud Entitlements Manager is the industry’s first and only privilege-based AI-
powered solution for removing excessive cloud permissions. The solution is cloud-
agnostic. It works with all major cloud services. It provides a single, centralised view
of permissions across platforms and continuously scans the environments, using AI
to understand current entitlements and usage for each cloud identity. The platform
immediately generates the appropriate least privilege policy for each. This enables
the rapid remediation of any risky permissions.

Other differentiators include a consumer-grade user interface that is easy to deploy - accelerating time to value. Cloud Entitlements Manager is also the most cost-
effective solution of its kind with a serverless back-end that requires no VM footprint in the cloud environment.


Tanium - 

Praising the quality of the entry and the supporting material, judges singled Tanium out for its “good technical account management and knowledge base as well as free community forums.” They also praised the ongoing and engagement and support the company provides to its clients.

Tanium provides unparalleled, endpoint management and security platform services, for the ultimate control and visibility at scale. But, according to the company, its true differentiator is its relentless commitment to customer success.

SME and smaller public customers receive world-class support via the company’s customer support centre. There they can access live technical support via an easy-to-use interface, with a common set of tools, processes and documents.

For enterprise customers, the company provides dedicated technical account managers (TAMs) and success teams. These partner with customers to drive critical business results, throughout the full lifecycle of technology adoption. 

TAMs are assigned at the pre-sales stage to ensure they completely understand a customer’s business drivers. They remain part of the account team to assist through planning, training and technical support to deliver the best possible experience.

Tanium offers multiple resources to assist customers throughout the process of onboarding and implementation to growth and scale. This includes installation documentation, online manuals, user-oriented manuals, training materials and supplemental documentation.

The company also have a robust customer community that provides a space for customers to interact with each other alongside our experts to discuss best practices, product augmentations and industry news such as new vulnerabilities and emerging threats. The branded portal gives full access to chat forums, product documentation, training, product release notes and more.


Proofpoint — Proofpoint Information Protection - 

“Proofpoint Information Protection is a strong business-focussed and comprehensive solution,” said the judges. They also praised the submission for its clarity. 

Data doesn’t lose itself. A new people-centric approach to data leakage prevention (DLP) is needed to effectively respond to data loss because data loss originates with people. Proofpoint is the only vendor that brings together the telemetry of content, user behaviour and threats across the most critical DLP channels – email, cloud services, endpoint, on-premises file repositories and web. 

Built on a scalable, modern cloud backend, the common incident management, data classification, robust policy templates, workflows and reports delivers consistency and simplified day-to-day operations, minimising DLP complexity for optimal manageability for small team or limited resources.

Proofpoint Information Protection is designed to work for small teams with limited resources in an efficient fashion regardless of the size of the organisation. It provides administrators with all tools, policies, workflows, dashboards, and reports to do their job in the most efficient fashion. And as a true cloud solution, Proofpoint Information Protection is also able to scale in a cost-effective way as organisations grow.

No other solution in the DLP market is as threat and behaviour aware. Proofpoint correlates explicit email, cloud and other threat intelligence with behavioural insight and advanced data classification to determine data loss potential and upstream risk. All other solutions focus primarily on data classification to assess data sensitivity and attempt to control data loss through data sensitivity.


Ericom Shield, Ericom Software

“Ericom Shield is a really clear and fantastic product,” said the judges. “It’s something organisations absolutely need, in particular large organisations where education of staff, whilst important, is difficult given it only takes one click. We love the ‘trust nothing, verify everything’ strapline.

When protected by Ericom Shield, web sessions launched from URLs embedded in emails are completely safe. If a user clicks on a phishing URL, malware can’t be delivered, and login credentials can’t be stolen. This is possible, because the session is isolated in a cloud container, completely remote from the device. 

By eliminating the traditional approach of having to first detect a threat in order to prevent it, Shield dramatically improves security. Shield stops 100% of malware from phishing URLs and is a significant innovation compared to traditional anti-phishing solutions.    

Ericom Shield provides Zero Trust email protection that defeats the most sophisticated phishing attacks. The Shield email threat isolation gateway, available as a cloud service or on-premises software, blocks all web-borne threats and phishing malware introduced through URLs embedded in emails by rendering all website code in a remote, isolated container instead of executing it directly on a device. 

Ericom Shield protects organizations from the primary threat vector they face today – malware delivered by email and web. As a result, it significantly lowers the likelihood that their operations will be disrupted, preventing lost business/services and expense associated with remediation and system recovery, brand damage, and more. 


Snyk Container, Snyk

“Automating security for developers is incredibly valuable for their time and the peace of mind of the end user,” said the judges of Snyk Container. “This company is a worthy winner.”

Launched in September 2019, Snyk Container is aimed at the increasing number of developers who are deploying their workloads as containers into Kubernetes. It’s specifically targeted at helping those developers add layers of security into their containers from their earliest creation through to defining how they will run in a Kubernetes cluster.

Container-based software contains four elements: application code, the dependencies of that code, the container, and the application’s configuration when it’s running. Snyk Container enables developers to handle security issues across each of these areas.

First, it looks at the composition of containers and identifies vulnerabilities in the dependencies they contain. Then the company helps developers eliminate those vulnerabilities, allowing them to build safer containers. Then, it ensures the definition of how those containerised workloads will run in their clusters is safe as well. 

It’s critical that developers are empowered in these tasks. Containers can be created and deployed too quickly by developers for the security team to manually review and approves them all. Snyk Container takes the security team’s knowledge and best practices, then embeds it in developers’ workflows. This allows developers to handle security themselves, early in the development lifecycle, ensuring what gets deployed is secure.

So far, the company has received excellent feedback from its customers. Reddit, for example, has told Synk that it was able to reduce 94% of its container vulnerabilities for one of its core images with Snyk Container.


F-Secure Elements EPP, F-Secure

The judges described F-Secure Protection Service for Business as “strong” and a “relevant product for complex digital environments”. They also noted that it appears to be cost-effective and simple to use, when compared with similar products. They then went on to praise the clarity of the award submission.

One of the biggest stumbling blocks businesses face in securing their networks is the complexity of managing and protecting thousands of different devices. F-Secure Protection Service for Business (PSB) cuts through this by providing a central cloud-based management system incorporating patch management, support for mobile device management and malware protection.

No longer do security teams have to spend hours manually monitoring and updating systems using a range of solutions. With PSB portal, security teams can monitor devices, track security and protect against threats all in one place. PSB supports all devices including those running on Android, Apple iOS and Microsoft Windows and macOS. 

A comprehensive security package incorporating pioneering security technologies, such as real-time threat intelligence and advanced machine learning algorithms, PSB helps businesses always stay one step ahead of attackers. Unlike competitor unified multi-endpoint security solutions, Protection Service for Business is the only product that has received six AV-Test Best Protection Awards.  

Key features of F-Secure Protection Service for Business include its single portal for deployment, management and monitoring; the fact that it’s cloud-based, eliminating the need to own and manage servers; the full integration it offers for a range of third-party tools and automatic patch management. 


Tanium Platform, Tanium

The judges described the Tanium Platform as a “multi-faceted endpoint security solution that provide capabilities to identify, protect and detect against security threats.”

Tanium is a highly scalable platform, allowing the management of hundreds of thousands of endpoints from just a single set of servers deployed centrally. Customers using their on-premises solution can decide as to when they upgrade components, many of them choosing to do so first in testing labs before deploying to production, but many also choose to update directly in production.

Tanium provides a world-class “white glove” service that is unparalleled in the industry. Technical account managers (TAMs) partner with the customer throughout the full lifecycle of technology adoption, from sourcing to onboarding and training to full optimisation.

Tanium also has a robust customer community that provides a space for customers to interact with each other alongside our experts to discuss best practices, product enhancements and breaking industry news such as new vulnerabilities.

The Tanium Platform continues to make critical capabilities available to all customers. Some examples include lateral movement risk analysis, increased visibility into offline and unmanageable devices, improved insights from real-time and historical endpoint data as well as the ability to quickly remediate incidents when traditional safeguards fail, all from a single platform.

A large healthcare customer notes, “You can't say much better about a vendor than that they listen and they develop their product in line with customer requirements. I've attended a number of forums with Tanium and it's clear there is a culture of putting the customer at the centre of everything they do. And it's very much appreciated.”


Ping Intelligent Identity Platform, Ping Identity

“Ping identity is a truly enterprise grade product,” said the judges. “It allows for the phenomenal demands of time-driven transaction events, such as concert ticket release via TicketMaster, or for secure robust retail banking experience such as that provided to Tesco Bank.”

The Ping Intelligent IdentityTM Platform enables organisations to use a unified digital identity for a secure and seamless user experience. It works across business functions and siloes, allowing enterprises to achieve greater business value and agility. Proven in scale and performance — with over two billion identities under management — the comprehensive, standards-based platform allows users and devices to securely access any service, application or API from any device.

The platform provides enterprises a consistent way for customers, employees, partners and, increasingly, IoT identities, to access cloud, mobile, SaaS and on-premises applications and API resources, while also managing identity and profile data at scale. 

Known for non-standard application enablement, API access controls and self-service capabilities, Ping supports complex IT environments including full cloud, on-premises, and hybrid. The platform also leverages identity intelligence to balance between security and convenience with powerful adaptive authentication policies that evaluate a user’s devices, behaviour and other contexts to assess risk and respond appropriately. 

Ping Identity protects more than two billion identities worldwide and serves over 60% of the Fortune 100. Its customers include thirteen of the largest US banks, 7 of the 9 largest global healthcare companies, 5 of the largest global aerospace companies, and 5 of the 7 largest U.S. retailers. The platform has an industry-leading net promoter score (NPS score of +65).


Cyber Crisis Simulator, Immersive Labs

“This is a great product that gets to the heart of the human element within security,” said the judges of Inkhouse’s Cyber Crisis Simulator. “It benefits from a different approach, which looks at story-lining and crisis simulation which together with low costs makes this an attractive proposition.”

Immersive Labs’ progressive cyber-preparedness platform creates human assets capable of responding to cyber incidents more effectively.  Informed by the latest psychological theory, the simulator places decision-makers into emerging attack scenarios through the browser, helping them gain experience in responding to a wide range of threats, adaptably and in real time.

For enhanced realism, the platform uses dynamic storylines. Incident-response teams play through a simulated cyber crisis featuring rich, realistic narratives using straightforward business language. 

Simulations update continually, using the latest attack techniques to ensure the skills learned are kept continually fresh and relevant.  Decisions have an impact on indicators — and these include not only technical but also business metrics, such as share price and reputational scores.

This gives participants a much clearer idea of what they’ll be facing in a real attack — and the consequences. It also lets the company see exactly how its teams perform. This means fewer knowledge gaps and better performance when facing the real thing. 

Using the Immersive Labs Crisis Simulator, companies can prepare incident responders in technical, legal, customer liaison and other skills required during a cyber-attack. At the same time, Immersive works with its client to collect data on the readiness of cyber crisis teams — as their activity relates t



The Claroty Platform, Claroty

“The Claroty Platform is a market leader for a very good reason,” said the judges of this entry. “It delivers great interaction with clients, a clear return on investment and a great usage demo.”

Assets in industrial environments — including operational technology (OT), IoT, and IIoT — are hard to detect, hard to manage, and even harder to secure. No network is fully immune to cybersecurity threats, so the ability to detect and respond to them quickly and effectively when they do surface is imperative. 

Claroty, the industrial cybersecurity company, is trusted by the world’s largest enterprises to help them reveal, protect, and manage their industrial assets. The comprehensive platform connects seamlessly with customers’ existing infrastructure and programs while providing a full range of industrial cybersecurity controls for visibility, threat detection, risk and vulnerability management, and secure remote access—all with a significantly reduced TCO. 

Any vendor can claim to offer the best OT/IoT/IIoT visibility in the industry, but Claroty is the only vendor whose calibre of visibility is proven and endorsed by the world’s top three industrial automation leaders: Rockwell Automation, Schneider Electric, and Siemens — all of which are long-time investors, customers, and partners. 

The Claroty Platform is the first and only industrial cybersecurity solution with fully integrated OT secure remote access and incident management capabilities. It enables detection, investigation, and response to security incidents across the broadest attack surface area, from any location.

Claroty is backed and adopted by leading industrial automation vendors, with an expansive partner ecosystem and award-winning research team. 


Cyber Security as a Service, NormCyber Limited

“Comprehensive protection at an affordable price,” was the judges’ verdict on NormCyber. 

NormCyber Limited delivers comprehensive protection against known and unknown cyber threats. It does this by addressing the three pillars of an effective strategy: people, process and technology. The service costs around one third of the price of buying and managing an in-house solution.

The platform delivers unrivalled visibility, giving customers detailed and in-depth insights on the strength of current cyber security measures. It does this using its online Visualiser platform, which displays an overall cyber resiliency score, insight into the strength of defences against each pillar, and clear actions for improvement.

Previously, many SMEs chose to deploy a small number of point products and manage them internally. This was a complex, time-consuming and costly exercise. This platform does the hard work for them by combining technology from FireEye, Fortinet, Qualys and CybSafe, as part of a fully managed service. It does this on a pay-as-you-go basis, with complete flexibility to scale up or down as the organisation requires.

NormCyber has made it a priority to provide an enterprise-grade cyber security solution at an affordable price. Deploying NormCyber costs just 23% of what the same set of cyber security tools and measures managed internally would cost. 

And if a breach does occur, the service provides customers with real protection and mitigation measures to minimise the impact, either by alerting the business via NormCyber’s 24*7 SOC or automating the isolation of the impacted asset.


Secure-D, Upstream

“Secure-D shows a really good focus on the important emerging threat of mobile transaction fraud and reducing fraudulent transactions,” said the judges. “It stands out with its use of emerging technology.”

In recent years, more of the world’s Internet traffic and users than ever have shifted to mobile. Inevitably, that means so have bad actors. Mobile malware threats are soaring in the wake of COVID-19. In Indonesia alone, 98% of 164 million mobile transactions processed in Q3 2020 were fraudulent. 

This represents five times the number of transactions Upstream blocked in the country during the same period last year and three times larger than the previous quarter of 2020.

Another way in which the authors of mobile malware exploit consumers and businesses is through ad-fraud: by infecting mobile devices and use them to generate unwanted purchases and ad clicks. They do this to earn illicit affiliate and publisher commissions. 

It’s these threats that Upstream protects against. Upstream’s full-stack security platform targets the epidemic of mobile purchase and ad fraud at the operator level. The solution processes mobile transactions via applied machine learning and behavioural analytics to tackle the ever-growing issue of mobile malware.

Upstream is the only product in the market to include a module which actually removes malware from infected devices. It is integrated into the operator’s purchase page via HTML fragment. 

This simple process enables Upstream to prevent fraudulent transactions and allows the system to pinpoint the exact device that is impacted, enabling personal communications from the operator to inform their customer and empower them to remedy the issue.



Privileged Access Manager, CyberArk

CyberArk delivers the most comprehensive privileged access management (PAM) solutions for cloud and hybrid environments and across DevOps workflows. Using CyberArk reduces risk and improve operational efficiency. CyberArk helps control, manage and audit privileged accounts, credentials and secrets for both human and non-human users.

“CyberArk is a comprehensive solution and a market-share leader,” noted the judges. They went on to describe CyberArk as a “strong, third-party-endorsed PAM solution” and to praise the quality of the company’s award entry. 

The company pioneered the PAM market and remains the leader in market share, innovation and breadth of offering. It was the first to introduce behavioural analytics to detect and alert on anomalous privileged account activity and the first to secure privileged remote vendor access with its password-free biometrics-based authentication solution.

It also blazed the trail for securing DevOps workflows with an innovative secrets management solution. CyberArk offers the industry’s broadest set of just-in-time use cases to enable least privilege, regardless of user type, target system or environment.

CyberArk helps customers strengthen their security posture and confidently implement digital transformation and cloud migration strategies faster, with less risk while also simplifying audit and compliance. 

The company has established itself as the security partner of choice for global enterprises across a range of industries from government, through manufacturing, to healthcare and financial services. As of 25 February 2021, Gartner Peer Insights show that 86% of our customers recommend CyberArk, with an overall review score of four-and-a-half stars out of five. 


Professional Development Institute (PDI), (ISC)2

“An impressive offering,” said the judges of the Professional Development Institute (PDI) courses delivered by cybersecurity training specialists (ISC)2. “The training on offer meets the challenge of giving time-poor security professionals on-demand training that enables their professional development. This has enabled cybersecurity professionals all over the world to continue their professional development education throughout the COVID-19 pandemic”.

(ISC)2 established the PDI in 2019 as a revolutionary movement to provide timely, topical and quality continuing education opportunities free to its members, thereby improving skills training to better defend the organisations that the learners represent. The Institute is an investment in the essential learning that comes after certification. Member subject matter experts guide the development of PDI course material. 

To date, more than 75,000 courses have been completed and 258,000 continuing professional education (CPE) credits have been awarded to (ISC)² members and associates. More than $20 million in equivalent professional development value has been provided in less than two years.

PDI courses come in three formats: Immersive courses, which are in-depth investigations of a single topic; “Labs” or hands-on courses, in which students practice specific technical skills; and Express Learning Courses, which are condensed into 1-2 hours and are brought to market nimbly to address industry topics or trends. These formats give learners the flexibility to choose the depth of instruction they prefer.

What also differentiates PDI from other training programs is that the course content is developed by the real experts in the field. Member subject matter experts guide the development of the course material, supported by a team of highly qualified adult education experts and creative professionals. 


Tripwire ExpertOps, Tripwire Inc.

“This is a good product and an interesting Security-as-a-Service solution that helps to reduce the user’s security risks and simplify policy compliance,” said the judges of Tripwire Compliance. Tripwire ExpertOps provides rapid time-to-value with secure configuration management (SCM) and file integrity monitoring (FIM) to reduce security risks and simplify compliance. 

The platform automates compliance with the industry regulations and standards that organizations are subject to. Standards supported include PCI, NERC, SOX, FISMA and DISA, among many others. Easy deployment as a co-managed service, all hosted on cloud infrastructure, helps to ease the burden on in-house security teams.

Tripwire also maintains a comprehensive library of policies, regulations and frameworks. This allows it to offer thousands of out-of-the-box tests to assess the security of more than a thousand platforms, compliance policies, standards, regulations and vendor guidelines.  

Built on Tripwire’s industry-leading experience with file integrity monitoring (FIM) and security configuration management (SCM) experience, the solution also comes with support from Tripwire’s world-class experts. This includes personalized consulting, audit support, and tailored advice on cloud-based infrastructure to help organizations achieve and maintain compliance.

With audit-friendly evidence of compliance and customizable options for scalable reporting, Tripwire helps speed time and effort during auditing. The platform’s co-managed service offering also enables organisations to quickly achieve and ensure cyber integrity across large heterogeneous environments without the need for additional training and tool administration.

“Tripwire ExpertOps has been a great resource through our Tripwire deployment and continued development. They always have answers for our questions and time to help.”

Tripwire customer review


Digital Shadows - Risk Management

“Digital Shadows SearchLight enables a holistic vision of the vulnerability landscape that an organisation faces at any one point in time,” noted the judges. “The company helps customers make sense of the vast threat intelligence feeds that corporations currently have. It then provides tailored relevant threat intelligence to their clients, enabling risks to be correctly prioritised and mitigated.”

Unmanaged, digital risks can lead to the loss of sensitive corporate data, violation of privacy laws, and suffer damaged reputations. Security teams lack the capabilities to effectively visualize and manage these digital risks beyond the perimeter of their organization and lack the tools and expertise to communicate these risks.

Digital Shadows makes threat intelligence work for organizations of all sizes. Companies no longer need to invest a disproportionate amount of resource to get real value out of threat intelligence. 

The firm’s industry-leading SearchLight service delivers relevant threat information that allows organizations to quickly understand and act on their external exposure minimizing their risk without hiring additional headcount.

Among other things, Dark Shadows offers its customers tailored threat intelligence, by industry, brand, domain names and other criteria, dark-web searches, real-time analyst alerts, identification of data loss (for instance, of intellectual property), identification of data loss — and more.

In 2018, Forrester listed the company as a “leader” in digital risk protection. It gave Digital Shadows the highest marks for its current product and service offering, and its strategy. Thanks to these market-leading capabilities, Digital Shadow is an essential part of over 300 organisations’ cyber security teams.



The judges described Darktrace as a “leader in threat detection”. They went on to praise for the company for having a “clear and direct offering with solid foundations”. They also pointed to its AI platform as a key point of differentiation from competitors in the field. 

Founded in 2013, Darktrace was the first company to develop an AI system for cyber security. Today, over 4,500 organizations across 110 countries rely on Darktrace for to secure their digital infrastructure. These include Rolls Royce, the Vatican Library, the International Baccalaureate, Salve Regina University and eBay. 

The company’s dynamic understanding of normal activity allows it to catch threats that other security tools miss in 95% of trials. The platform’s core technology, the Enterprise Immune System, leverages unsupervised machine learning to understand an enterprise’s DNA and immediately detect abnormal activity anywhere it emerges across the digital infrastructure. It marks a transformative departure from the standard approach to cyber defence.

Once it identifies an emerging attack, Darktrace Antigena surgically intervenes to contain the threat within an average of just two seconds. Today, Antigena autonomously responds to a cyber-threat somewhere every 3 seconds, and the concept has been embraced by Gartner as a key goal of security modernization. 

Throughout the pandemic, Darktrace offered free 24/7 proactive threat notification (PTN) services to its customers. This service ensures that high-fidelity incidents are funnelled directly into the global Darktrace security operations centres (SOC) for triage and assessment by an expert team of Cyber Analysts. 

“Darktrace is a leader in next-generation threat detection and applying advanced machine learning to security analytics.”
Tera Davis, Managing Director of Critical Start 



“The Marken team has worked in a very challenging environment and has demonstrated a very strong focus on culture and external engagement to drive measurable improvements,” said our judges.”

The global pandemic resulted in the deaths of almost 2.5 million people. As soon as there were approved vaccines available to protect people from the virus, vaccine distribution became critical to preventing further deaths. This was borne out by Interpol issuing a global alert to law enforcement agencies across 194 member countries warning them to “prepare for organised crime networks targeting COVID-19 vaccines, both physically and online”.

As wholly-owned subsidiary of UPS – the world's largest package delivery company – Marken globally serves the complex and volatile supply chain needs of the pharma and life sciences sectors. Marken’s 2000 employees coordinate millions of drug products and biological materials shipments to over 220 countries annually.

Marken is currently supporting over 50% of COVID-19 vaccines and treatments in Phase 2 and Phase 3 development. Its 2,000 dedicated staff members manage 100,000 drug product and biological sample shipments every month, at all temperature ranges and in more than 220 countries. This was vital to ensuring the first vaccines were distributed globally. Any disruption to the distribution of these vaccines would have cost lives and would have a detrimental impact on millions of lives. 

The recently redesigned Marken architecture unifies a suite of best-in-class security solutions. It leverages a ‘hub and spoke’ design and utilises a standardised set of APIs to facilitate cross-product communication. The seamless workflow – and tight integration across multiple threat vectors – enables potential threats to be analysed using a 360° context.


Sumo Logic Cloud SIEM. Sumo Logic

“Sumo,” noted the judges, “was voted Gartner ‘cool vendor’ for a very good reason.” They then went on to praise the quality of the solution, the training courses on offer to users, the case studies of enthusiastic customers and the quality of the awards submission itself.

Enterprise security teams average thousands of alerts every day. Unsurprisingly, according to recent research, 93% admit they can’t properly analyse them all. In addition to supporting a wide spectrum of security use cases, including audit and compliance, Sumo Logic fuses analytics and SOC automation to perform security analyst workflows and automatically triage alerts—increasing human efficiencies and enabling analysts to focus on higher-value security functions.

Sumo Logic's Cloud security information and event management (SIEM) solution provides security analysts with enhanced visibility of the security statis of their entire network in a modern user interface that is built by analysts for analysts. This allows them to seamlessly monitor customers’ on-prem, hybrid, and multi-cloud infrastructures and thoroughly understand the impact and context of an attack. 

Innovative features of Sumo Logic Cloud SIEM include its automated security operations centre (SOC) analyst workflows for improved analyst efficiency.

Information aggregation from all sources, including cloud apps and on-prem infrastructure, ensures a complete threat picture at all times. 

Centralised monitoring for all activity, with information delivered by visual dashboards provides analysts with 360-degree insight of the threat landscape at any given time. And to minimise training and onboarding costs, Sumo Logic provides extensive remote and local certification courses, as well as dedicated technical account managers to assist customers. 


CyGlass NDaaS, CyGlass

“CyGlass is a disruptive player opening up "network defence as a service" at an affordable pricepoint for SMEs,” said the judges. “This means those SMEs may then have more access to market. The panel also liked the company’s relatively lean "distribution via partners" model, which has allowed it to expand its growth and market reach.”

CyGlass delivers a state of the art, AI-driven network-detection-and-response SaaS solution (NDaaS), designed specifically for the SME market. Unlike other security solutions, CyGlass NDaaS identifies, detects, and responds to threats on your network without any additional hardware, software, or people. This ensures the total cost of ownership (TCO) remains very low.

The solution can be up and running in hours and maintains a low false-positive rate through the use of AI. This further reduces the TCO as limited security and IT staff are not distracted or overburdened with alerts. The Platform offers full enterprise scalability as it continuously analyzes billions of conversations on a company's network to learn what's normal and what is not. 

CyGlass recently released Network CyberScore, a risk-based threat score that can be calculated for any node, subnet, zone, or partner on a network. CyberScore delivers actionable intelligence that highlights vulnerabilities, and gives clear remediation guidance, greatly simplifying the remediation process.

Finally, CyGlass is also developing tools to measure network resilience with our Network Defense Goals project. These reports enable customers to understand their overall risk and prove compliance for frameworks like NIST CSF and CMMC.


IntSights External Threat Protection Suite, IntSights

“This is a highly impressive entry,” said the judges. “Not only does it help its users to find the threat, it also provides users the option to help mitigate the threat, which is an excellent differentiator.”

Developed by IntSights, which specialises in cybersecurity, IntSights enables organisations of any type or size to gain the full benefit of external threat intelligence no matter the size or level of sophistication of their threat intelligence program. Unlike other similar solutions on the market, IntSights takes the complexity out of threat intelligence and delivers instant value without the heavy lift or resource allocation that traditional threat intelligence solutions require.

Designed to scale, the platform takes a tailored approach which makes it ideal for the widest range of companies, from those just beginning their threat-intelligence journey right through to established players who need a “full-bore” service. The platform provides enterprise-grade external threat intelligence capabilities, deployed in twenty-four hours or less. It dramatically lowers customers’ costs, improves their security capabilities, and easily scales to meet the evolving demands of their business.

Among other things, IntSights delivers tailored threat intelligence that maps directly to digital assets; dark-web monitoring by analysts with unique access to invitation-only hacker forums and criminal marketplaces; one-click remediation including takedowns facilitated by our team of experts (not outsourced); and centralised and enriched threat feeds plus automated push of IOCs and vulnerabilities to existing security devices. 

IntSights also offers extensive reporting capabilities and integrations with security infrastructures that help security analysts save time and reduce effort. 


Orpheus Cyber

“Orpeus Cyber delivers a unique threat-intelligence service and demonstrable ROI,” said the judges. 

Orpheus uses threat intelligence to know which attack methods are already being exploited by hackers, so that those can be forestalled. It uses its artificial intelligence (AI) to specify which vulnerabilities will be exploited in the near future. That means clients can move faster than the adversaries they face – and stop cyber risks before they happen.

Orpheus is the only regulator-accredited cyber-threat intelligence company delivering risk-based vulnerability management. It deploys its unique threat intelligence datasets and processes intelligence reports to deliver the most accurate common vulnerabilities and exposures (CVE) scoring on the market. 

Because it combines its threat intelligence with sophisticated AI, the company is able to provide a uniquely rich understanding of which CVEs should be prioritised for patching. Its AI algorithm scores CVE-risk based on an assessment of seventeen features. These include a wide range of raw datasets and a large library of human-processed intelligence reports.

The output of the Orpheus Cyber AI is an easy-to-read CVE report which provides an easy-to-understand CVE risk score, backed up by human-readable reports, graphs and data. Together, these provide customers with the evidence they need to understand why Orpheus has made a particular CVE risk assessment. Equally, the company’s datasets are machine readable and all of its content can be disseminated via API.

Orpheus’ approach to enabling the prioritisation of CVE management through AI and threat intelligence is unique and set to disrupt the vulnerability-management market.


WINNER, Tenable

“With huge amounts of vulnerabilities being discovered every day — the challenge is not to patch them all, but to patch the ones which represent the greatest risk first,” said the judges. “’s VPR identifies those vulnerabilities which are at greatest risk of exploitation and enables the correct prioritisation to minimise cyber risk exposure.”

Managed in the cloud, provides a risk-based view of your entire attack surface — from IT to cloud to OT and containers — so users can quickly identify, investigate and prioritize vulnerabilities. The platform’s Predictive Prioritization technology combines vulnerability data, threat intelligence and data science so customers get an easy-to-understand vulnerability priority rating (VPR) so they know which vulnerabilities to fix first. is a complete end-to-end vulnerability management solution that enables customers to see exposures in their organization, predict potential threats and act to address cyber risk.

Powered by Nessus, one of the most widely deployed security technologies in the world, provides the industry's most comprehensive vulnerability coverage (covering more than 60,000 vulnerabilities and over 150,000 plugins) with the ability to predict which security issues to remediate first. With a unified, risk-based view of their entire attack surface—from IT to OT to cloud to containers— customers can quickly identify, investigate and prioritize vulnerabilities based on business risk. equips security teams with real-time vulnerability insights to streamline vulnerability response workflows. It includes the integrated software development kit (SDK) and documented and application programming interface (API) to automate reporting metrics. This allows security teams to showcase vulnerability mitigation efforts and demonstrate program ROI.


Michael Jenkins, CISO, Brunel University

The judges praised Michael Jenkins for “delivering a strategy for Brunel and making good use of his partner ecosystem.” They expressed themselves “pleased to see that Michael's vision and approach has focussed on 'caring' for data, cybersecurity and resilience. It certainly sounds like Michael has built an impressive capability for higher education.”

Michael Jenkins MBE is a dynamic individual whose achievements in delivering advanced cybersecurity capability to Brunel University London have been phenomenal. The last year saw the culmination of his three-year technical delivery strategy, offering exceptional security rewards for the entire university community. His vision, thought leadership, and energetic drive have helped establish Brunel as the most cyber secure higher education establishment in the country.

Through his infectious enthusiasm and total commitment to Brunel, one of Michael’s core achievements in the last year is cementing a culture within the university community that focuses on caring for data, cybersecurity and resilience to cyber-attacks. This cultural shift is the absolute apogee of any CISO’s vision, with the community itself now proactively helping solidify and strengthen the university’s overall defensive posture, for the benefit of all.

The results have been remarkable. A unique model to the UK academic sector with a data lake and AI that allows Brunel’s cyber researchers to further their own analytical aims, achieving a reduction from 894 cyber incidents in 2018 to below seventy in 2020. Not only has this saved Brunel thousands of pounds, but it’s also delivered a powerful return on investment for the executive board. 


Emma Heffernan, Dell Technologies

“Emma shows really impressive engagement in the industry, promoting the industry and engagement. I see a very strong career ahead of her,” said the judges. “She has achieved many things during a short space of time. Its impressive to see someone who is also devoting their time and energy to schools and colleges given the rising digital and cyber skills gap. Well done, Emma!”

A student at the Technological University Dublin, where she is completing a Bachelor of Science (Hons) of Computing in Digital Forensics and Cybersecurity. At the same time, she is also employed as a Security Analyst at Edgescan. 

As if this weren’t demanding enough, she was also in 2020 a UniBuddy Student Ambassador for the Technological University Dublin. In this capacity, she helps by engaging with enquirers, answering any questions they have around joining the institution and reassuring and guiding prospective students in their journey.

At DefCon Delhi Emma gave a presentation on “Exploiting the Human Vulnerability”. She was also invited to take part in a panel discussion for International Women’s Day, where she had the chance to speak alongside the president of Dell and a number of inspiring women in cybersecurity. These are just some of the events she has attended as an ambassador. 

Emma’s other achievements include being a founding member of the Dublin Chapter Lead of the ‘Humans of Cyber Network’. Designed to connect, collaborate and link industry professionals, students and those seeking a career change in the sector. This forum is designed to connect, collaborate and link industry professionals, students and those seeking a career change in the sector.


Ian Glover, President, CREST

“This award is long overdue,” said the judges. “Ian has delivered consistently to our industry for more than 40 years, always successfully and forever looking for new ways to direct his talents and energy for the collective good. Countless individuals in our industry have cause to be grateful for all that Ian has done and achieved. This would be a fitting recognition of his lifetime of effort.”

There are many people making a positive impact on our industry, but few for so long and with such a consistent impact as Ian. Just this last year he has been involved in a project to help build cyber security capability and capacity in Africa and Asia. CREST received a $1.4 million grant from the Bill & Melinda Gates foundation as part of its Financial Services for the Poor program. 

Ian has worked in the IT industry for the last 44 years, and in information security for the last 40. Prior to being asked to be the President of CREST, Ian worked for the MoD, Treasury (CCTA), E&Y and established a consultancy, Insight Consulting, which was acquired by Siemens.  Ian then sat on the EMAE Board for Siemens Communications. 

Through his work, he has elevated the CREST organisation to become a global influencer in the cyber security industry, positioning it as thought leaders in technical cyber security assurance. He has also been instrumental in many major government and industry initiatives.

Currently, Ian is primarily working on the professionalisation of the technical cyber security industry by supporting, encouraging and promoting young people interested in technology and cyber security.


Nicola Jakeman, Head of UK CyberSOC

“Nicola has created and trained a team to the point of readiness in which it always has a security mindset and look beyond the task,” said the judges. “Her passion is easy to see and scores highest in this category.”

In her early 20s, Nicola began her career in the telecoms industry, joining AdEPT Technologies. She quickly worked her way up to a management role by offering to take on extra projects and injecting passion into everything she did. In her time with AdEPT, the company placed her in various management positions within operations where she quickly became a go-to trouble shooter.

In 2016, after ten years in the industry, SecureData (now Orange Cyberdefense UK) approached Nicola and asked her to set up a new intelligence services department which, is now known as the UK CyberSOC. Four years on and Nicola now head up this department. She has responsibility for consultants, analysts, presales support, platform management, research and a thriving Vulnerability Management team in South Africa.

When Nicola began her career in threat detection, there were no frameworks in place, there was no blueprint for how the technology should be set up and which types of roles should exist in these teams. Her team, with the help of different experts within Orange Cyberdefense UK, has worked together to establish these standards. It watches over its clients, ensuring that they were protected from the relentless criminal cyber underworld.