Competition
In this document we detail companies that are on our radar. Not all of these would be classified as competition, some may be now, some may be in the future, with others that we may diverge from in the future too, but they're companies you should be aware of at this point in time.
Competitor Matrix
Source: FigJam File
This overlap analysis blocks out areas where these companies overlap and differentiate from us, focussing on our product pillars and ICP. It allows us to monitor areas where they are offering value to their customers (gaps) that we do not, and what they offer that we also sell as value (overlap). Our value-add proposition and risks can then be measured as flows:
- Overlap: How many items in our analysis matched the those for ESPROFILER (Max: 13). The higher this number, the less unique value we have to offer vs this competitor.
- Gaps: How many items did our competitor offer that ESPROFILER does not (Max: 12). The higher this number, the more chance that they offer something valuable to a customer that we cannot.
Competitor Matrix Chart
Direct Competition
These companies are ones we would consider as direct competition. We are competing for budget with them directly, and they are targeting the same ICPs as us, with major overlap on features and value-offered.
Balance Theory
| Founded: | 2021 |
|---|---|
| Employees: | unknown |
| ARR: | unknown |
| Funding: | $5.3m Funding, inc. $2.3m debt funding in 2025 |
| Scope: | Security |
|---|---|
| ICP: | CISO, Security Architect |
| Focus: | Portfolio Management, Spend Intelligence |
| Socials: | LinkedIn:700 followers |
Products
- Balance Theory Platform - "The AI-Native Platform for Cybersecurity Investment Decisions."
Other Services & Offerings
- Managed Services - "Managed Services Built for Modern Cyber and IT Leadership"
Taglines
- "
Security programs succeed or fail at the budget layer.
" - "
The AI-Native Platform for Cybersecurity Investment Decisions.
" - "
Bridge the gap between security and business
" - "
Plan > Invest > Govern
"
Notes
Subscribes to data from IT Harvest
Have “Scout” their cybersecurity strategy & spend co-pilot
Significant overlap with ESPROFILER in terms of mission statement
Clear value statements on their website
Have an open pricing page
IT Harvest
| Founded: | 2005 |
|---|---|
| Employees: | unknown |
| ARR: | unknown |
| Funding: | unknown |
| Scope: | Security |
|---|---|
| ICP: | Security Architects, CISOs |
| Focus: | Data Feeds, Portfolio Management |
| Socials: | LinkedIn:43,000 followers |
Products
- Research Platform / Dashboard - "Heavy overlap with ESPROFILER"
- HarvestIQ
Taglines
- "
The entire security world at your fingertips.
" - "
We deliver critical cybersecurity industry intelligence to users around the world.
" - "
Track Every Vendor, Product, and Investor in the world.
" - "
Helping navigate the /cybersecurity/ industry
"
Notes
Richard Stiennon
“I am busy creating the first and only platform for researching the cybersecurity industry. Seat holders get access to all our data on 4,060+ cybersecurity vendors and 10,500 products. A platform for every security architect and CISO.”
Significant Social Presence
Previously Barclays
Platform is AI-Generated through Bubble
Primary revenue generating through the data feed subscriptions
Known Customers: Balance Theory
Starting to branch into ESPROFILER spaces with portfolio mapping, etc.
Gallery
Tidal Cyber
| Founded: | 2022 |
|---|---|
| Employees: | 30 |
| ARR: | $3-4m ARR |
| Funding: | $5m Seed Funded + $10m Series A (Sept 2025) |
| Scope: | Security |
|---|---|
| ICP: | Security Intelligence |
| Focus: | Threat Intelligence, Portfolio Management |
| Socials: | LinkedIn:7,300 followers |
Products
Other Services & Offerings
- Threat Intelligence - ""
- Portfolio Management - ""
Taglines
- "
Threat-Informed Defense
" - "
A New Era in Thread-Led Defense Begins Here
" - "
Are Your Defenses Good Enough?
"
Notes
Ex-MITRE People
Hyper connected because of ex-Mitre relationship
£20m raised because US-Based
Community Edition helps deal registration
Platform looks shit, but good traction
$3-4mm ARR
Threat Informed Defence
Mitre model, understanding gaps against that
Overlaying threat intelligence against your portfolio
Aiming at threat intelligence, not CISO-level
Already deployed at CITI Bank
Onyxia
| Founded: | 2022 |
|---|---|
| Employees: | 25 |
| ARR: | ~$1m ARR |
| Funding: | $5m Seed (2022) + further funding in 2024 & 2025 (values unclear) |
| Scope: | Security |
|---|---|
| ICP: | CISOs, Security Leaders |
| Focus: | Portfolio Management, Threat Intelligence, Framework Mapping, Portfolio Management |
| Socials: | LinkedIn:4,000 followers |
Products
- Preemptive Cyber Defense Platform - "Preemptive Cyber Defense & Planning Platform."
- Nexa (AI Agent) - "AI agent redefining preemptive cyber resilience for CISOs and security teams."
- Mobile App - "Mobile experience for preemptive cyber resilience."
Taglines
- "
The World’s First AI-Powered Preemptive Cyber Resilience Platform
" - "
From Reactive to Proactive to Preemptive
" - "
…empowers CISOs and security leaders with powerful predictive insights and actionable data intelligence to continually strengthen their security programs and proactively reduce risk exposure.
"
Notes
Framework scope: scoped just to NIST to start, but you can add custom frameworks.
Very clear “Solutions” pages:
Just launched their own new AI agent (Nexa).
Threat Intelligence
These companies are near us in terms of budget competition, and we may sometimes see overlap in competition. However, these are more focussed on overlaying security intelligence to frameworks (e.g. MITRE, NIST).
Nagomi
| Founded: | 2023 |
|---|---|
| Employees: | 80 |
| ARR: | $12m ARR |
| Funding: | $30m Funding (2024) |
| Scope: | Security |
|---|---|
| ICP: | CISOs |
| Focus: | Threat Intelligence, Framework Mapping |
| Socials: | LinkedIn:5,000 followers |
Products
- Nagomi Control - "The execution layer for CTEM"
Taglines
- "
Control the exposure across your stack.
" - "
AI shrinks time to breach. Expose moves faster than human operations.
" - "
Over 60% of incidents trace back to control misconfigurations
"
Notes
Founded 2023, US-Based, Heavy Israel Presence
Reached $1m ARR within 6 months of being founded
Seems heavily focused on threat intelligence and assessing utilization of the existing portfolio
“Validate control deployment, configuration and performance over time”
They have the concept of importing/integrating your own data to track usage and implementation, but nothing around portfolio management w/contracts, etc., it’s more just alignment to the alerts being relevant to your tooling.
Exposure Lens - “An AI-driven engine that correlates vulnerabilities with business context to show which ones actually matter”
Focused alerting on “those that matter”
Reach Security
| Founded: | 2021 |
|---|---|
| Employees: | 70 |
| ARR: | $7m ARR |
| Funding: | $30m Funding Total, $10m raise in 2025 |
| Scope: | Security |
|---|---|
| ICP: | Security Teams, CISOs |
| Focus: | Fundamental Data, Actionability |
| Socials: | LinkedIn:6,000 followers |
Products
Taglines
- "
Automatically Find and Fix Security Blind Spots
" - "
Configured Right. Secured Tight.
" - "
Illuminate blind spots. Prioritize fixes. Proactively harden.
"
Notes
Founded 2021, SF-based
Heavy cross-over with Nagomi
Integrations with portfolio to monitor configurations and security gaps
Clear messaging and CTAs on their website
Problem Statement: “Most security teams lack a clear, unified view of how their security tools are actually configured and operating across the environment.”
“AI-Native Exposure Management”
We help organizations reduce risk by making better use of the tools they already have delivering clarity, prioritization, and automation to turn understanding into results.
Modern cybersecurity has reached a breaking point. Human-driven processes can no longer keep pace with the scale, complexity, and speed of change across tools, threats, and environments
Gallery
Picus Security
| Founded: | 2013 |
|---|---|
| Employees: | 300 |
| ARR: | $45m ARR |
| Funding: | Seed: $Xm (2013), Series A: $8m (2019), Series B: $27m (2021), Series C: $45m (2024) |
| Scope: | Security |
|---|---|
| ICP: | CISO |
| Focus: | Fundamental Data, Customer Context, Insights, Actionability |
| Socials: | LinkedIn:52,000 followers |
Products
- Picus Security Validation Platform - "Exposure Assessment, Security Validation & Exposure Validation"
Taglines
- "
Expose Which Attacks Can Breach Your Defenses
" - "
Unified Exposure Management from Discovery to Remediation
" - "
Unlock Your Security Stack’s Full Power
" - "
Attack Surfaces Expanding Faster Than Teams Can Manage
"
Notes
Founded 2013, Turkey
Heavy cross-over with Nagomi
Integrations with portfolio to monitor configurations and security gaps
Good Integrations page on their site with clear CTA to demo booking
Clear messaging and CTAs on their website
“AI-Native Exposure Management”
We help organizations reduce risk by making better use of the tools they already have delivering clarity, prioritization, and automation to turn understanding into results.
Framework mapping just for MITRE ATT&CK
Clear value statements and KPIs in landing content
Includes real event simulation of threat attacks
Gallery
Arco Cyber
| Founded: | 2022 |
|---|---|
| Employees: | 20 |
| ARR: | unknown |
| Funding: | unknown |
| Scope: | Security |
|---|---|
| ICP: | Security Teams, CISOs |
| Focus: | Threat Intelligence, Framework Mapping, Portfolio Management |
| Socials: | LinkedIn:1,500 followers |
Products
Other Services & Offerings
- Arco Cyber Services - "Three levels of services - Maturity, Assurance & Transformation"
Taglines
- "
See Every Gap. Before They Do…
" - "
Turns compliance from overhead into opportunity
" - "
Map once, report everywhere. Align your data across NIST CSF, CIS v8, CE+, and NCSC CAF — simultaneously.
" - "
We didn’t build the Arco Cyber platform to add yet another tool, but to make sense of them all.
"
Notes
Generally in the threat intelligence space, but do a lot of portfolio and capability mapping to frameworks too.
Acquired by Sophos (Feb 2026)
“Help organizations strengthen cybersecurity strategy and governance across all levels of maturity, delivered through the company’s global partner ecosystem”
“Arco Cyber will join Sophos as a dedicated team to advance Sophos CISO Advantage”
Very similar mission statement to us.
Portfolio Management
These companies ar ein hte business of full-stack portfolio management, which does include Security. We have found ourselves competing for budget and are also often asked on prospecting calls and by existing customers whether or not we would expand beyond security into other areas, as such, these companies should stay on our radar.
Given our focus in security though, we do offer a much more comprehensive value offering to the CISO and security teams.
Entrio.io
| Founded: | 2021 |
|---|---|
| Employees: | 40 |
| ARR: | ~$4m ARR |
| Funding: | $11m (Late 2023) |
| Scope: | Full Stack |
|---|---|
| ICP: | Enterprise Software Architects |
| Focus: | Spend Optimisation |
| Socials: | LinkedIn:8,000 followers |
Products
Taglines
- "
AI-Driven Technology Intelligence for Enterprise Architects.
" - "
We deliver critical cybersecurity industry intelligence to users around the world.
" - "
Track Every Vendor, Product, and Investor in the world.
" - "
Helping navigate the /cybersecurity/ industry
"
Notes
Israeli-based Startup
“Your enterprise runs on hundreds—maybe even thousands—of tech solutions. Managing this portfolio is no small feat. Application data is siloed, messy, and outdated.”
“Entrio delivers full visibility into your technology portfolio with continuously updated data, plus the ability to benchmark against peers and explore what’s in the market.”
High-level solution than ESPROFILER, covers full software stack and doesn’t cover security-specific landscape, but we are seeing crossover with them in competing for budgets.
Gallery
Vendr
| Founded: | 2018 |
|---|---|
| Employees: | 225 |
| ARR: | $100m+ ARR |
| Funding: | $150m Series B |
| Scope: | Full Stack |
|---|---|
| ICP: | CFO, Head of Procurement |
| Focus: | Software Portfolio Mgmt, Spend Optimisation |
| Socials: | LinkedIn:25,000 followers |
Products
- Vendr Pro
- Ruth, Vendr's AI Negotiator - "Includes API integration for Slack Agents"
Other Services & Offerings
- Consultations - "Specialist negotiators working alongside you to work out best prices" - "Specialist negotiators working alongside you to work out best prices"
Taglines
- "
Walk into every negotiation with the answer.
" - "
The ultimate negotiation advantage
" - "
Turn every quote into instant leverage
" - "
Know exactly what to pay and how to get it. Real pricing data, guided negotiations, guaranteed savings
"
Notes
AI-Assisted Optimisation of Spend
Consultation offerings too
Incredibly clear messaging, ROI and value offering on their homepage
Broader scope than ESPROFILER, but executing and growing fast