Introduction
This is an ongoing project to capture the layout of the industries that comprise cybersecurity, privacy, and risk.
The mapping project is a combination of visuals, definitions, and examples from each area of the ecosystem. Seeing the ecosystem from multiple views is the most practical approach to grappling with the enormity of it all.
A table of contents is available to help you navigate through the mapping. It's large, and there is no way to simplify it without losing important details.
Various image formats and source files are also available at the bottom. You're welcome to use them as you please.
For more background on the thought process behind the project, check out the introductory article:

I hope you find this useful as you build your understanding of cybersecurity and plot your course in the industry.

Application Security
API Security
Overview: Processes and tools for preventing and monitoring malicious attacks and misuse of APIs.
Example(s): Salt Security, Wallarm, 42Crunch
Bot Management
Overview: Techniques and tools for assessing website bots and blocking malicious activity.
Example(s): PerimeterX, Netacea, Imperva Advanced Bot Detection, F5 Distributed Cloud Bot Defense
DevSecOps
Overview: An approach to software development that includes the combination of development, security, and operations as a shared responsibility throughout the lifecycle of an application.
Example(s): NIST: DevSecOps
Software Composition Analysis
Overview: Processes to identify use of open source software in a codebase to evaluate security, quality, licensing, and other software supply chain risks.
Example(s): Veracode, WhiteSource, Sonatype, Cloudsmith
Software Supply Chain Security
Overview: The identification, analysis, monitoring, and mitigation of security risks from third party software vendors, packages, integrations, and other components.
Example(s): Chainguard, Cloudsmith, Phylum
Static and Dynamic Application Security Testing (SAST/DAST)
Overview: Methodologies and tools for identifying security vulnerabilities in applications.
Example(s): Snyk, Acunetix, Stackhawk, Cobalt Strike
Web Application Firewall (WAF)
Overview: Systems to protect web applications or APIs against exploits, bots, and attacks that compromise the security and availability of web applications.
Example(s): F5 Advanced WAF, Signal Sciences, Cloudflare Web Application Firewall, Reblaze
Blockchain and Web3
Overview: Tools for securing and managing risks on blockchain and Web3 platforms.
Example(s): valid.network, Fireblocks, GK8, NuID, Remme
Cloud Security
Cloud Access Security Brokers (CASB)
Overview: Platforms to help secure and manage use of cloud-based SaaS applications and infrastructure.
Example(s): Netskope, Bitglass, McAfee MVISION Cloud
Cloud Infrastructure Entitlements Management (CIEM)
Overview: Tools to help companies manage permissions and detect excessive or risky access in cloud environments.
Example(s): Authomize, Ermetic
Cloud Security Posture Management (CSPM)
Overview: Continuous management, monitoring, policy enforcement, and compliance for cloud environment configurations.
Example(s): Wiz, Orca, Bridgecrew, Cloudanix, CrowdStrike Falcon Horizon
Cloud Workload Protection Platforms (CWPP)
Overview: Processes and tools for securing containers and workloads within different cloud environments.
Example(s): Aqua, Portshift, Intezer Protect, Zscaler Cloud Protection
Microsegmentation
Overview: Techniques and tools to logically divide networks into security segments at the workload level with specific controls based on the risk and requirements of each segment.
Example(s): Akamai Guardicore, Illumio
Certifications and Training
Certifications
Overview: Official cybersecurity professional credentialing programs offered by governing bodies.
Example(s): Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Ethical Hacker (CEH)
Training
Overview: Education and learning courses or materials about cybersecurity-related topics.
Example(s): SANS Institute, The Cyber Mentor, Cybrary
Cyber Crime
Advanced Persistent Threats (APT)
Overview: Organized groups of threat actors who gain unauthorized access to networks for political or economic reasons.
Example(s): Cozy Bear, Double Dragon
Botnets
Overview: A network of compromised devices under the organized control of an attacker.
Example(s): Mirai, Necurs, Bredolab
Dark Web
Overview: A hidden area of internet sites and services, accessible only from a specialized web browser or proxy.
Example(s): The Hidden Wiki, ProPublica, Daniel, Silk Road
Fraud and Scams
Overview: Content, phishing, spam, and other fraudulent activity intended to trick users into sharing sensitive information.
Example(s): Marketplace Fraud, Account Takeover (ATO), Employment Scams
Malware
Overview: Intrusive software developed by cybercriminals to steal data or damage systems and networks.
Example(s): Pegasus, Petya, Morris worm
Ransomware
Overview: A specific type of malware and associated techniques for restricting access to data or other resources until a ransom is paid.
Example(s): REvil, WannaCry, DarkSide
Spyware and Stalkerware
Overview: Tools that enable someone to spy on another person's digital activity without their knowledge.
Example(s): Pegasus, mSpy, ClevGuard
Digital Identity
Authentication
Access Management
Overview: Platforms for identifying, tracking, controlling, and managing user access to applications and infrastructure.
Example(s): Okta Single Sign-On, Ping Identity Single Sign-On, ForgeRock Access Management
Biometrics
Overview: Use of physical or behavioral traits to authenticate and verify identity.
Example(s): Clear, Prove, Keyless
Customer Identity (CIAM)
Overview: Systems for controlling customer access to applications and managing customer profile information.
Example(s): Okta, ForgeRock, Ping Identity, FusionAuth
Electronic Identification
Overview: Government systems for digital proof of identity for citizens and organizations.
Example(s): Aadhaar, Israeli ID
Identity Graphing and Resolution
Overview: Services that correlate online and offline identifiers with consumer identities to create an accurate view of customers.
Example(s): LiveRamp Identity Resolution, Amperity Identity Resolution, Tapad
Identity Proofing
Overview: A service used for verifying a user's identity based on life history or other data aggregated from public and proprietary data sources.
Example(s): Persona, Trulioo, Jumio, AU10TIX
Passwordless and Multi-Factor Authentication
Overview: Authentication that replaces traditional passwords or combines two or more authentication requirements (e.g. password and one-time token) for increased security.
Example(s): Stytch, Transmit Security, HYPR, Beyond Identity, Duo Security, Authy, Trusona
Password Managers
Overview: Tools to help users generate, store, and use secure passwords.
Example(s): 1Password, LastPass, Dashlane
Social Login
Overview: Sign in to third party sites using authentication from social networks.
Example(s): Facebook Login, Google Sign-In, Sign in with Slack, Passport
Authorization
Background Screening
Overview: Services that compile and help verify employment, criminal, financial, and other records for people and organizations.
Example(s): Checkr, Truework, HireRight
Data Access Governance
Overview: Systems for gaining visibility and enforcing access control policies on unstructured data (spreadsheets, documents, PDFs, etc.).
Example(s): Varonis, StealthBits, SailPoint File Access Manager, Immuta
Directory Services
Overview: A repository for collecting information about users, devices, and resources for authentication and authorization. LDAP is a common standard for directory services.
Example(s): Microsoft Active Directory, ForgeRock Directory Services, JumpCloud
Identity Governance and Administration (IGA)
Overview: Systems for administering accounts and credentials, access provisioning, and access reviews.
Example(s): SailPoint, Oracle Identity Governance, ForgeRock Identity Management
Identity Theft Protection
Overview: Services that monitor and restore the personal data of consumers in the event of abnormal activity and theft.
Example(s): LifeLock, Identity Guard
Identity Wallets
Overview: Identity stores that allow users to manage and share their digital identity credentials and data.
Example(s): Spruce, Auth0 Sign In With Ethereum (SIWE), Proxy
Physical Access Control
Overview: Solutions that manage physical identities and access to physical locations and spaces.
Example(s): Envoy Visitor Management System, Openpath, Kisi, Sine
Privileged Access Management (PAM)
Overview: Systems for managing privileged (elevated) access for users, shared accounts, secrets, keys, and other high risk credentials.
Example(s): CyberArk, BeyondTrust, HashiCorp Vault
Fraud and Transaction Security
Fraud and Risk
Overview: Systems and processes to monitor, detect, prevent, and remediate fraudulent transactions and activities.
Example(s): Sift, Riskified, Deduce, Arkose Labs, BioCatch, Bolt Fraud Protection, MagicCube, Shift, DataVisor, Alloy
Trust and Safety
Overview: Business practices, workflows, and tools used by online platforms to reduce the risk of users experiencing harm, fraud, abuse, and other negative behaviors.
Example(s): Spectrum Labs, Cinder, Trustpage
Governance, Risk, and Compliance
Governance
GRC
Overview: Systems to automate and integrate enterprise, operational, and IT risk management processes and data.
Example(s): RSA Archer, LogicGate, ServiceNow GRC
Metrics and Dashboards
Overview: Tools used to track and display key performance indicators to measure cybersecurity risk and effectiveness.
Example(s): UpGuard, custom internal dashboards
Policies and Procedures
Overview: Written documents and tools for managing rules for individuals accessing an organization's systems and data.
Example(s): SANS Security Policy Templates, Zavanta, Tugboat Logic Information Security Policy Generator
Security Architecture
Overview: A core information security function that defines and guides architectural requirements and design of security-relevant elements within an organization.
Example(s): Zero Trust Architecture (ZTA), Software Defined Perimeter (SDP), Secure Access Service Edge (SASE), Privacy by Design
Security Awareness
Overview: Training, instruction, and tools to educate users within an organization how to protect themselves and the company's assets from loss or harm.
Example(s): KnowBe4, CybSafe, Living Security
Segregation of Duties (SOD)
Overview: Automated enforcement of shared responsibilities among multiple people for execution of critical processes. Reduces fraud and errors.
Example(s): SAP Access Control, Pathlock
Standards and Frameworks
Overview: Documented guidance for policies and controls to systematically manage security and risk.
Example(s): NIST Special Publication 800-53, ISO 27002, ISACA COBIT, MITRE ATT&CK
Risk
Cyber Insurance
Overview: Specialty business insurance for protection against cybersecurity-related losses, including data breaches, ransomware, and other incidents.
Example(s): AIG Cyber Insurance, Chubb Cyber Insurance, Liberty Mutual Cyber Liability
Enterprise Risk Management
Overview: Identification, management, and remediation of company-wide risk at an executive level.
Example(s): COSO ERM Integrated Framework, ISO 31000
Risk Ratings
Overview: Assessment and quantification of an organization's cybersecurity risk level.
Example(s): BitSight, SecurityScorecard, Corax
Compliance
Auditors and Assessors
Overview: Firms authorized to conduct independent reviews and certify compliance with regulations and standards.
Example(s): PwC – Trust Solutions, Deloitte – Audit & Assurance, EY – Assurance, KPMG – Audit, Trustwave
Compliance Automation
Overview: Tools for automating compliance processes and continuous controls monitoring.
Example(s): Vanta, Secureframe, Tugboat Logic, Drata, Very Good Security
Regulations
Overview: Official rules to enforce laws created by governments. Implemented and maintained by authorized government agencies.
Example(s): HIPAA, Sarbanes-Oxley (SOX), General Data Protection Regulation (GDPR)
Third Party Assurance
Overview: An examination of a service provider's services, internal controls, and risks conducted by a third party on behalf of customers. Results are documented in a compliance report.
Government and NGOs
Agencies
Overview: Government agencies specializing in cybersecurity policy, research, and protection.
Example(s): National Security Agency (NSA), Cybersecurity & Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), National Institute of Standards and Technology (NIST)
International Organizations
Overview: International government organizations specializing in cybersecurity policy, research, and protection.
Example(s): INTERPOL, NATO Cyber Defence, United Nations Office of Counter-Terrorism
NGOs
Overview: Nonprofit organizations specializing in cybersecurity policy, research, and protection.
Example(s): Electronic Frontier Foundation (EFF), Internet Watch Foundation (IWF), Information Security Forum (ISF), Center for Internet Security (CIS)
Universities
Overview: Cybersecurity research and education programs at public and private universities.
Example(s): Citizen Lab, Stanford Internet Observatory, Cybersecurity at MIT Sloan
Infrastructure Security
Network Security
DDoS Mitigation
Overview: Services to throttle and prevent distributed denial of service attack disruptions.
Example(s): Cloudflare DDoS Protection, Radware Cloud DDoS Protection Service, Akamai Prolexic
DNS/DHCP/IPAM
Overview: Services and administration for DNS, DHCP, and IP addressing used on a network.
Example(s): OpenDNS, Cloudflare DNS, BlueCat
Firewalls
Overview: Network security devices to regulate network traffic based on rules.
Example(s): CheckPoint Firewall, Cisco Secure Firewall, F5 Advanced Firewall Manager, Palo Alto Networks Next-Generation Firewall
Intrusion Detection System (IDS)/Intrusion Prevention System (IPS)
Overview: Systems to monitor and prevent network traffic matching recognized security threat profiles.
Example(s): CheckPoint Intrusion Prevention System, Cisco Secure IPS, Juniper SRX
Messaging Security
Overview: Processes and tools to secure and protect messaging and communication infrastructure, primarily focused on email-based threats.
Example(s): Tessian, ProofPoint Email Security and Protection, Mimecast Email Security, GreatHorn, IRONSCALES, Area 1
Network Access Control (NAC)
Overview: Systems that provide visibility and control of devices accessing a network.
Example(s): Aruba Secure Network Access Control, Netshield, Portnox
Secure Networking
Overview: Policies, processes, and tools to augment networking with additional security controls. An adjacent domain with several features related to cybersecurity.
Example(s): Exinda Network Orchestrator, Forescout
Secure Web Gateway
Overview: Systems to filter user-initiated internet traffic and enforce corporate and regulatory content policies.
Example(s): Menlo Secure Web Gateway, Zscaler Internet Access, Lookout Secure Web Gateway, Forcepoint Secure Web Gateway
SSL Visibility
Overview: Tools that provide visibility into encrypted network traffic for monitoring and threat analysis.
Example(s): F5 SSL Orchestrator, Broadcom SSL Visibility Appliance
Virtual Private Networks (VPN)
Overview: Systems that enable users to securely and privately browse public internet sites and access private networks across a public network.
Example(s): NordVPN, ProtonVPN, PulseSecure
Wireless Security
Overview: Prevention of damage and unauthorized access via wireless networks.
Example(s): 7SIGNAL, WatchGuard Secure Wi-Fi, Aruba Wireless
Zero Trust Network Access (ZTNA)
Overview: Products that broker access to applications and network resources based on identity and context.
Example(s): Appgate SDP, Zscaler Private Access, Palo Alto Networks Prisma Access
Endpoint Security
Application Control
Overview: Approach and tools for protecting against execution of malware and unapproved applications on endpoints.
Example(s): Thycotic Privilege Manager, McAfee Application and Change Control, VMware Carbon Black App Control
Endpoint Detection and Response
Overview: Tools installed on endpoints to record key activity for monitoring and threat investigations.
Example(s): SentinelOne, Cybereason, Tanium Threat Response, Sophos Intercept X Endpoint
Endpoint Protection
Overview: Software to protect endpoints from threats, including malware, ransomware, phishing, and data theft.
Example(s): Kaspersky, CrowdStrike Falcon Endpoint Protection, SparkCognition DeepArmor
File Integrity Monitoring
Overview: Solutions to monitor changes in operating system, database, and application files.
Example(s): CrowdStrike Falcon FileVantage, Tripwire File Integrity Manager, Qualys File Integrity Monitoring
Host Intrusion Prevention System (HIPS)
Overview: Endpoint-based intrusion detection and prevention system to monitor and analyze internals and network traffic on the endpoint for prevention and detection of threats.
Example(s): McAfee Host Intrusion Prevention
Secure Desktop
Overview: Management of endpoints for containment of threats and secure enterprise network access.
Example(s): Hysolate, Absolute, Ivanti
Secure Web Browsers
Overview: Security-focused web browsers and isolation for enterprises.
Example(s): Authentic8, Island, Talon
Data Center Security
Backup and Recovery
Overview: Processes and tools for creating, storing, and restoring copies of data to protect against data loss.
Example(s): Veritas, Rewind, Hewlett Packard Enterprise Data Protection
Secure Storage
Overview: Processes, hardware, and facilities for maintaining data security and integrity.
Example(s): Commvault, Veeam, Iron Mountain
Investors
Angel and Seed Investors
Overview: Independent individual investors or a group of individual investors who invest capital in early stage cybersecurity companies.
Example(s): Silicon Valley CISO Investments, SYN Ventures, Cyber Seed Fund I
Investment Banking
Overview: Advisors and intermediaries for financial transactions, including mergers, acquisitions, and large scale investments.
Example(s): Momentum Cyber, AGC Partners, DBO Partners
Private Equity
Overview: Late stage private equity firms and investment banks with significant portfolios of cybersecurity companies.
Example(s): Thoma Bravo, Vista Equity Partners, Symphony Technology Group
Venture Capital
Overview: Institutional venture capital firms with a significant number of cybersecurity investments and exits.
Example(s): Andreessen Horowitz, Sequoia, NightDragon, YL Ventures, AllegisCyber Capital, ForgePoint Capital, Ten Eleven
Media
Analysts
Overview: Firms and independent analysts covering cybersecurity companies and trends.
Example(s): Gartner, Forrester, Strategy of Security
Books
Overview: Authors writing books about cybersecurity topics.
Example(s): Bruce Schneier, Matt Bishop, Victoria Baines
Events
Overview: Conferences and events related to cybersecurity.
Example(s): RSA Conference, DEF CON, Oktane
News
Overview: Media and independent journalists covering cybersecurity news and events.
Example(s): CyberWire, This Week In Security, tl;dr sec
Publications
Overview: Magazines, journals, and other digital media about cybersecurity topics.
Example(s): SC Magazine, ISACA Journal, CISO Magazine
Mobile Security
Overview: Tools to protect sensitive information stored on mobile devices, including smartphones, tablets, and wearables.
Example(s): Lookout Mobile Endpoint Security, Deep Instinct Mobile Security, SIRIN LABS
Physical Security
Connected Car Security
Overview: Protection of vehicle electronic systems, software, and data from malicious attacks.
Example(s): Foretellix, SafeRide, Otonomo
Connected Home Security
Overview: Protection of home electronic systems, software, and data from malicious attacks.
Example(s): Bitdefender BOX, CUJO AI, SAM
Firmware Security
Overview: Protecting the firmware of computers or devices from compromise.
Example(s): Trapezoid, Eclypsium, Vdoo, Finite State, Palitronica Anvil
Internet of Things (IoT) Security
Overview: Security for Internet of Things (IoT) devices and connected networks.
Example(s): Armis, Regulus, Bastille, Karamba Security
Operational Technology (OT) Security
Overview: Tools to monitor and control the security of Industrial Control Systems (ICS).
Example(s): Dragos, Claroty, Tenable.ot, Star Lab, Palitronica Palisade
Privacy
Consumer Privacy
Anonymous Communication
Overview: Tools and protocols for protecting and anonymizing user internet traffic to conceal location, usage, and identity against network surveillance or traffic analysis.
Example(s): The Tor Project, Freenet, Invisible Internet Project (I2P)
Breach Notification Services
Overview: Services that help inform users if their personal information, such as email addresses or passwords, has been leaked in data breaches.
Example(s): Have I Been Pwned, 1Password Watchtower, Firefox Monitor
Personal Data Economy
Overview: Platforms that enable individuals to take ownership of their information and potentially profit from selling data.
Example(s): Meeco, digi.me, CitizenMe, Dataswift
Personal Information Removal
Overview: Services that centralize and automate the process of opting out and removing personal data from data brokers.
Privacy Assistants
Overview: Tools to help users understand and manage access to their private data.
Example(s): Fastmail, MySudo, Jumbo, Rita, Privacy, Cloaked
Secure Collaboration
Overview: Platforms for private messaging and information sharing through encrypted communication channels.
Example(s): Signal, Telegram, WhatsApp
Data Protection
Data Loss/Leakage Prevention
Overview: Systems to detect and prevent transmission of sensitive data.
Example(s): Code42, Forcepoint Data Loss Prevention, McAfee Total Prevention
Database Security
Overview: Tools, controls, and processes to protect databases from compromise.
Example(s): Fortinet FortiGuard Database Security, IBM Guardium, Baffle
e-Discovery
Overview: Identification, collection, and storage of electronic information for investigations and legal requests.
Example(s): Relativity, Logicube, Nuix, Consilio
Public Key Infrastructure
Overview: Infrastructure to establish and manage public key encryption for user identities, device identities, and secure end-to-end communications.
Example(s): Entrust, Keyfactor, Let's Encrypt, Venafi
Rights Management
Overview: Software to help companies protect digital content (videos, images, files, etc.) from unauthorized distribution and duplication.
Example(s): Vera, Seclore EDRM
Enterprise Privacy Management
Data Discovery and Classification
Overview: The process of scanning data sources to find and classify structured and unstructured data, with a focus on sensitive and/or regulated data.
Example(s): BigID, ActiveNav, Tanium Reveal, Varonis Data Classification Engine
Data Deidentification and Pseudonymity
Overview: Tools to redact and deidentify data for use by researchers, data scientists, and other parties without compromising the privacy of people in the dataset.
Example(s): Privitar, Hazy, Statice, Sarus
Enterprise Communication
Overview: Messaging solutions to help employees and partners within an organization communicate securely.
Example(s): Mattermost, Silent Circle
Encryption and Tokenization
Overview: Processes and tools for transforming sensitive data into an encrypted or masked value.
Example(s): Very Good Security, Skyflow, Evervault, StrongSalt
Privacy Program Management
Assessment Managers
Overview: Workflows and automation for various functions of a privacy program.
Example(s): OneTrust Privacy Management, TrustArc, BigID Privacy Impact Assessment App
Consent Management
Overview: Systems and processes for notifying users about personal data collection and collecting explicit consent.
Example(s): UserCentrics, Osano, CookieYes
Data Mapping
Overview: Tools to help organizations map data flows across the enterprise.
Example(s): DataGrail, BigID Data Mapping
Data Subject Request Automation
Overview: Processes and tools to support individual requests for personal data and use under data privacy laws.
Example(s): Transcend, Metomic, Ethyca, Ketch Data Subject Rights Fulfillment
Privacy Information Managers
Overview: Information and updates for understanding global privacy laws and regulations.
Example(s): OneTrust DataGuidance
Website Scanning
Overview: Tools to check websites to identify which cookies, beacons, and trackers are in use.
Example(s): PrivacyScore, Sovy GDPR Scan, Blacklight
Professional Services
Managed Services
Managed Detection and Response (MDR)
Overview: Outsourced management and monitoring for advanced cybersecurity functions and systems, including threat intelligence, threat hunting, and incident response.
Example(s): eSentire, Arctic Wolf, Red Canary
Managed Security Service Provider (MSSP)
Overview: Outsourced management and monitoring for basic cybersecurity functions and systems.
Example(s): Optiv, IBM, Verizon
Outsourcing
Overview: External management of specific cybersecurity functions (typically operational tasks). Often focused on cost reduction.
Example(s): Wipro, TCS, Infosys
Consulting
Boutique
Overview: Specialized cybersecurity, privacy, or risk consulting practices within small professional services firms.
Example(s): Krebs Stamos Group, Mandiant, Praetorian
Large
Overview: Cybersecurity, privacy, and risk consulting practices within large professional services firms.
Example(s): Accenture, PwC, Deloitte
Talent Marketplaces
Freelance Consulting
Overview: Platforms for short-term cybersecurity gigs or contracts for 1099 workers through an employer.
Example(s): PwC Talent Exchange, EY GigNow, Accenture Contractor Exchange
Crowdsourcing
Overview: Public platforms for specific cybersecurity services, such as bug bounties.
Example(s): HackerOne, BugCrowd, Synack
Security Operations
Monitoring and Operations
Analytics
Overview: Data analytics platforms to proactively monitor and analyze security data.
Example(s): Awake, Exabeam, Darktrace
Application Performance Monitoring (APM)
Overview: Software for application monitoring, tracing, diagnostics, and performance. This domain is adjacent to cybersecurity with some common cybersecurity features.
Example(s): Datadog, New Relic, Sentry
Data Management
Overview: Processes and tools to extract, normalize, and enrich security data from multiple tools.
Example(s): Monad
Employee Monitoring
Overview: Monitoring tools for logging and measuring employee activity and productivity.
Example(s): Controlio, TeraMind
Network Performance Monitoring
Overview: Platforms to visualize, monitor, optimize, troubleshoot, and report on the health and availability of networks.
Example(s): NetScout, SolarWinds Network Performance Monitor
Security Information and Event Management (SIEM)
Overview: Tools to consolidate and correlate log data for identification of security incidents.
Example(s): Splunk Enterprise Security, Sumo Logic Cloud SIEM, Elastic SIEM, Panther
User and Entity Behavior Analytics (UEBA)
Overview: Processes and tools to detect threats based on patterns in user behavior.
Example(s): Securonix UEBA, Gurucul, Exabeam Behavioral Analytics
Vulnerability Assessment and Management
Cyber Range
Overview: Platforms for hands-on cybersecurity attack training and practice.
Example(s): Hack the Box, Cyberbit Cyber Range
Penetration Testing
Overview: Intentional attacks on applications, networks, and infrastructure to identify exploitable vulnerabilities.
Example(s): Wireshark, Metasploit, NMAP
Social Engineering
Overview: Techniques to manipulate people into exposing confidential information, allowing unauthorized access, and other human-exploitable vulnerabilities.
Example(s): Cofense, Proofpoint
Vulnerability Management and Testing
Overview: Processes and tools for discovering, classifying, prioritizing, and remediating software and infrastructure vulnerabilities.
Example(s): Qualys, Tenable, ThreadFix, Vulcan
Change Management
Asset Management
Overview: Processes and tools for identifying and managing IT assets and their potential security risks.
Example(s): Jamf, Axonius, Armis
Configuration Management Database (CMDB)
Overview: A database for storing information about hardware and software assets. CMDBs are primarily used for IT Service Management; however, much of the data is applicable to security operations.
Example(s): ServiceNow CMDB, Solarwinds CMDB, JupiterOne
Patch and System Management
Overview: Processes and tools for keeping applications and infrastructure up to date with patches to address bugs and vulnerabilities.
Example(s): Tanium Patch, Solarwinds Patch Manager, ManageEngine Patch Manager
Incident Management and Response
Deception
Overview: Tools and techniques to deceive and catch attackers by imitating real assets as traps and decoys.
Example(s): Canary, Illusive Attack Detection System, TrapX
Extended Detection and Response (XDR)
Overview: Systems to aggregate and analyze data to improve threat detection and incident response.
Example(s): Anomali, Cynet, FireEye XDR
Forensics
Overview: Tracking and analysis of data on networks, mobile devices, computers, and storage devices for cybercrime investigations.
Example(s): AccessData, The Sleuth Kit, EnCase
Security Orchestration, Automation, and Response (SOAR)
Overview: Systems and processes for collecting data from various security operations sources to define, prioritize, and automate incident response activities and workflows.
Example(s): FireEye Helix, Cyware, Swimlane, Tines
Intelligence
Open Source Intelligence (OSINT)
Overview: Collection of publicly available data and information sources to provide actionable intelligence.
Example(s): Shodan, Maltego, GreyNoise
Threat Intelligence
Overview: Collection of intelligence used to understand current or future threats to an organization.
Example(s): Recorded Future, RiskIQ, ZeroFox, Digital Shadows
Files
The cybersecurity ecosystem mapping is free for you to use and republish. Several variations in multiple file formats are available here.
The full ecosystem map was created in a resolution suitable for 24x36 posters.
SVG
A vector graphic in SVG format for dynamic resizing and printing.
PNG
A raster graphic in PNG format.
PDF
A printable graphic in PDF format.
Figma
The original Figma source file in read-only format.
GitHub Repository
Text for the definitions and mapping in Markdown format.
Credits
Multiple sources were used for this meta-analysis of the cybersecurity ecosystem, including the following:
- CB Insights: The Periodic Table of Cybersecurity Startups
- CTech: Israel's 2020 Cyber Landscape
- Foundation Capital: Cybersecurity, The Next Trillion-Dollar Market?
- Gartner: Information Technology Glossary
- Henry Jiang: Cybersecurity Domain Map
- IAPP: IAPP 2021 Privacy Tech Vendor Report
- Liminal: Liminal Landscape
- Michael Tefula: The Evolution of Privacy Tech
- Momentum Cyber: CyberSCAPE
- Okta: Identity and Access Management Glossary
- Optiv: Cybersecurity Technology Map, Cybersecurity Dictionary
- Redpoint: Introducing Redpoint’s Data Security Landscapes
- UC Berkeley: SCET Explains — Cybersecurity