Thanks to AI, the security software market is cautiously optimistic despite the economic and geopolitical upheavals that have upended the tech marketplace.
The second quarter of 2025 is projected to yield sharply higher growth in revenue than that of the first quarter of this year for five of the 15 publicly traded security software heavyweights and pure-plays with four additional vendors that are within 100 basis points of their first quarter performance. Of the six remaining, Cyberark guided investors that it would experience up to 41.5% increase, not too shabby by current industry standards, in total revenue for the current quarter, while Rubrik guided a robust 38% jump at the top end of its projected expansion for the same period.
Exhibit 1 – Comparing 1QCY25 Growth With 2QCY25 Projected Growth Rates of Cybersecurity Software Vendors
| Vendor | 1QCY25 Growth, % | 2QCY25 Growth Projected, % | Differentials, in basis point |
|---|---|---|---|
| SentinelOne | 22.9% | 29.8% | Plus 690 |
| Akamai | 2.8% | 5.4% | Plus 256 |
| Check Point | 6.4% | 8.7% | Plus 230 |
| F5 Networks | 7.3% | 9.3% | Plus 200 |
| Fortinet | 13.7% | 15.0% | Plus 130 |
| Qualys | 9.6% | 9.4% | Minus 20 |
| Crowdstrike | 19.7% | 19.4% | Minus 30 |
| Palo Alto Networks | 15.3% | 14.6% | Minus 70 |
| Tenable | 10.7% | 9.9% | Minus 80 |
| Okta | 11.5% | 10.2% | Minus 130 |
| Cloudflare | 26.5% | 24.9% | Minus 160 |
| Cyberark | 43.4% | 41.5% | Minus 190 |
| Zscaler | 22.6% | 19.2% | Minus 340 |
| Varonis | 19.6% | 15.2% | Minus 440 |
| Rubrik | 48.7% | 38.3% | Minus 1040 |
Another point of reference is the recent RSA Conference, one of the biggest trade shows focusing on security technologies that attracted over 43,500 attendees, a 6% rise from last year’s event. Number of exhibitors at this year’s RSAC Conference in San Francisco topped 650, compared with 600 in 2024.
The upbeat sentiment is particularly important as companies around the world are ramping up their Generative AI investments for AI applications and digital agent implementations, all of which will have tremendous implications on how security should be incorporated into their modeling work as they start opening up their digital agents to interact with the public at large.
Exhibit 2 – Comparing 1QCY25 and Projected 2QCY25 Total Revenues of 15 Cybersecurity Software Vendors
Not surprisingly, two of the keynotes from Cisco and Microsoft on the first day of the conference highlighted the importance of protecting AI infrastructure as more agentic development work is underway.
At the event, our researchers also met with executives from Wiz following the March 2025 announcement that the poster child of Cloud security for its superior usability would be bought by Google for $32 billion in cash, one of the largest software deals in recent history.
Wiz co-founder Ami Luttwak expressed unequivocally during the conference that cloud security and applications security are more intertwined than ever as the proliferation of agentic development projects are squeezing IT security resources, resulting in greater demand for a more user-friendly framework that is integrated and designed for multi-cloud deployment, not to mention it is inherently accessible to security professionals, developers and coders.
While usability has been the strong suit of Wiz in its five-year history, its ability to scale in a multi-cloud environment could be under the microscope after it is slated to be folded into the Google Cloud Platform following the deal completion. That would in turn help Alphabet better compete with Amazon Web Services, Microsoft Azure and Oracle Cloud Infrastructure by prioritizing security software in the race to secure their future.
In his keynote, Jeetu Patel, president of Cisco, suggested that AI is going to be challenging for cybersecurity, but the best way to handle it is through visibility and defenses that can be applied at machine scale.
Make no mistakes about it, Cisco spent $3.7 billion in 2017 for AppDynamics, which is now part of its observability product, in addition to doling out $28 billion in cash on its 2024 purchase of Splunk for its extensive portfolio of security software for threat prevention, detection, investigation, and response.
In other words, both Google and Cisco have invested at least $32 billion each on shoring up their security offerings, not to mention the $10-billion commitment that the former made in 2021 to strengthen cybersecurity specifically expanding its zero-trust programs to prevent any misuse of user identity, device, and application.
Exhibit 3 – RSAC 2025 Conference drew nearly 44,000 attendees
Despite such lavish spending to consolidate a highly fragmented cybersecurity marketplace, it remains an unfinished business with ransomware attacks, malware incidents and security breaches continuing to happen on a frequent basis disrupting operations of organizations big and small.
Against that backdrop is the fickle user sentiment in a sluggish economy bogged down by three wars happening all at once in different theaters. Our latest end-user survey shows that two priorities for IT key decision makers over the next 12 to 24 months are leveraging AI enhancements (63%), and reducing operating and support costs(54%), which is closely aligned with cybersecurity expenses.
On the other hand, vendors are either cutting back with increased numbers of layoffs (both Amazon and Microsoft have recently reduced their headcounts) or raising prices(the latest being Salesforce boosting its prices by 6% to help cover its Gen AI investments).
Exhibit 4 – Top CyberSecurity Software Categories evaluated based on APPS RUN THE WORLD Buyer Intent Signals
Source: APPS RUN THE WORLD Buyer Intent Data, June 2025
Demand for security software remains healthy. Based on our proprietary Buyer Intent Signals, hundreds of qualified buyers from all over the world access our premium content every month conducting rigorous research on different security software, as shown below. Exhibit 5 shows 930 Buyer Intent Signals that are being captured in Apps Run The World’s Buyer Insight Technographic Database as of June 2025. The database is being updated daily with fresh buyer intent signals:
Exhibit 5 – CyberSecurity Software Buyer Intent Signals, breakdown by Country, Industry, Vendor, Category
Over the past two decades, cybersecurity has grown tremendously since the late 90s when one of the first renditions of RSAC was held inside the San Francisco Nob Hill Masonic Auditorium big enough to fit just a few thousand attendees mostly involved in cryptography and anti-virus software.
Still, the herculean task of protecting digital assets is being carried out by a legion of software visionaries arriving and departing all in the hopes of taking on the unfinished business and fulfilling their dreams to make a difference. At this year’s RSAC event, security software pioneer Amit Yoran, the CEO and chairman of Tenable and former president of RSA who suddenly died of cancer at the age of 54 earlier this year, was presented posthumously a lifetime achievement award.
Coincidentally, ProjectDiscovery, which offers vulnerability management software, took home the title of Most Innovative Startup at the 2025 RSA Innovation Sandbox, as it starts making waves in the security software space by positioning its scanner product as a clear alternative to those from incumbent players like Tenable and Qualys.
Thanks to AI, security software providers big and small are confronted with a generational shift that calls for a better mousetrap not just to secure the future, but perhaps redefines how applications are being built, implemented and used.
Exhibit 6 – List of CyberSecurity Customers:
Source: APPS RUN THE WORLD Technographics Platform, June 2025
