Cybersecurity Tools and Categories - Coggle Diagram
SIEM (Security Information and Event Management) 📊
Splunk
– Real-time monitoring and log analysis
IBM QRadar
– Comprehensive SIEM with threat detection
ArcSight
– Enterprise-level log correlation
LogRhythm
– SIEM with built-in analytics
AlienVault USM
– Unified security management
Elastic SIEM
– Open-source and scalable SIEM
Exabeam
– User behavior analytics (UBA) and SIEM
IDS/IPS (Intrusion Detection/Prevention Systems) 🔍
Snort
– Open-source IDS/IPS
Suricata
– High-performance IDS/IPS engine
Zeek (Bro)
– Network traffic analysis and IDS
Cisco Firepower
– Next-gen IPS
Palo Alto Networks
– Integrated IDS/IPS
McAfee NSP
– Network security platform
TippingPoint
– Network-based IPS solutions
Vulnerability Management 🛠️
Nessus
– Vulnerability scanning
Qualys
– Cloud-based vulnerability management
OpenVAS
– Open-source vulnerability scanner
Rapid7 Nexpose
– On-prem vulnerability scanning
Tenable.io
– Continuous vulnerability monitoring
InsightVM
– Real-time vulnerability detection
Acunetix
– Web vulnerability scanner
Firewalls 🔥
pfSense
– Open-source firewall
Cisco ASA
– Enterprise firewall solution
Fortinet FortiGate
– Next-generation firewall (NGFW)
Palo Alto NGFW
– Application-aware firewall
SonicWall
– Advanced threat protection firewall
Check Point
– Firewall with threat prevention
Sophos XG Firewall
– Unified threat management
Endpoint Security 🖥️
CrowdStrike Falcon
– Endpoint detection and response (EDR)
Microsoft Defender
– Endpoint security platform
Symantec Endpoint Protection
– Comprehensive endpoint defense
Trend Micro Apex One
– AI-driven endpoint protection
Kaspersky Endpoint
– Malware defense for endpoints
McAfee ENS
– Endpoint threat protection
Bitdefender GravityZone
– Next-gen endpoint defense
Web Application Security 🌐
Burp Suite
– Web vulnerability scanner
OWASP ZAP
– Web app penetration testing
Qualys WAS
– Web app scanning
Netsparker
– Automated web app security
Acunetix
– Web application vulnerability scanner
Imperva WAF
– Web application firewall
F5 BIG-IP
– Application delivery and WAF
Network Scanning and Mapping 🌐
Nmap
– Network mapper and port scanner
Angry IP Scanner
– Fast IP and port scanner
Zenmap
– GUI for Nmap
Advanced IP Scanner
– Local network scanner
Fing
– Network analysis and mapping
SolarWinds
– Network performance monitor
Netcat
– Network analysis tool
Identity and Access Management (IAM) 🔑
Okta
– Identity management and SSO
Ping Identity
– Access control and authentication
Microsoft Azure AD
– Cloud identity solution
CyberArk
– Privileged access management
Auth0
– Application identity platform
RSA SecurID
– Multi-factor authentication
OneLogin
– IAM with adaptive MFA
Digital Forensics and Incident Response (DFIR) 🕵️
Autopsy
– Digital forensics tool
The Sleuth Kit
– Disk analysis and forensics
Volatility
– Memory forensics framework
GRR Rapid Response
– Live forensics and incident response
X-Ways Forensics
– Advanced disk analysis
Magnet Axiom
– Comprehensive digital investigation tool
FTK (Forensic Toolkit)
– Forensics imaging and analysis
Phishing Defense 🎣
KnowBe4
– Security awareness and phishing simulation
Cofense
– Phishing defense and incident response
Proofpoint
– Email security and phishing protection
Barracuda
– Phishing prevention and email filtering
Mimecast
– Anti-phishing training
Ironscales
– AI phishing detection
PhishLabs
– Threat intelligence for phishing
Container Security 🐳
Aqua Security
– Container runtime security
Twistlock (Palo Alto)
– Container vulnerability scanning
Snyk
– Container and open-source vulnerability scanning
Anchore
– Container compliance tool
Docker Bench for Security
– Docker container security check
Sysdig
– Container monitoring and defense
JFrog Xray
– Container artifact scanning
Threat Intelligence 🧠
Recorded Future
– Threat intelligence platform
ThreatConnect
– Intel aggregation and sharing
IBM X-Force
– Threat intel feeds
Anomali
– Threat data management
Mandiant Advantage
– Real-time threat insights
Open Threat Exchange (OTX)
– Open-source threat intel
FireEye
– Cyber threat intelligence
Cloud Security ☁️
Prisma Cloud (Palo Alto)
– Multi-cloud security platform
AWS Security Hub
– AWS threat detection and monitoring
Azure Security Center
– Microsoft cloud security solution
Google Security Command Center
– Google Cloud asset and threat monitoring
Dome9
– Cloud compliance and visualization
Check Point CloudGuard
– Multi-cloud threat prevention
Lacework
– Cloud workload and container security
DevSecOps 🔄
SonarQube
– Code analysis and security
JFrog Xray
– Artifact vulnerability scanning
Snyk
– CI/CD vulnerability detection
Aqua Security
– DevOps pipeline security
Twistlock
– Container security during development
Anchore
– DevOps container compliance
GitLab
– Built-in DevSecOps pipeline tools
Email Security 📧
Proofpoint
– Email threat protection
Mimecast
– Phishing prevention and email continuity
Barracuda Email Security
– Email filtering and spam protection
Cisco Email Security
– Email gateway defense
Microsoft Defender for Office 365
– Cloud email protection
IronScales
– Email phishing protection
Sophos Email
– Email filtering and encryption
Data Loss Prevention (DLP) 🔒
Symantec DLP
– Comprehensive data loss prevention
Digital Guardian
– Endpoint and network DLP
McAfee Total Protection for DLP
– Data breach protection
Forcepoint DLP
– Data security across endpoints
Varonis
– Data monitoring and access control
Microsoft Purview (DLP)
– Microsoft data protection solution
Check Point DLP
– Data flow monitoring and blocking
Wireless Security 📡
Aircrack-ng
– Wi-Fi network penetration testing
Kismet
– Wireless packet sniffing and IDS
Wireshark
– Wireless packet analysis
Ekahau
– Wireless site surveys
NetSpot
– Wi-Fi performance and analysis
Cisco Meraki
– Secure cloud-managed Wi-Fi
Wifiphisher
– Rogue access point simulation
Privileged Access Management (PAM) 🔐
CyberArk
– Leading PAM solution
BeyondTrust
– Privileged access management and vulnerability management
Thycotic Secret Server
– Secrets management and PAM
ManageEngine PAM360
– Privileged access control
Centrify
– Privileged identity management
One Identity
– Comprehensive PAM suite
Delinea (Thycotic + Centrify)
– Unified PAM platform
Web Proxy & Filtering 🌍
Blue Coat (Symantec)
– Web proxy and filtering
Zscaler
– Cloud-based web security
Cisco Umbrella
– DNS-level protection and web filtering
Forcepoint Web Security
– Web access control and threat prevention
Palo Alto Networks
– URL filtering and proxy
McAfee Web Gateway
– Web protection and anti-malware
Sophos Web Gateway
– Web traffic monitoring and control
Industrial Control System (ICS) Security 🏭
Nozomi Networks
– ICS and OT security
Dragos
– OT/ICS threat monitoring
Claroty
– Critical infrastructure security
SCADAfence
– Industrial network protection
Tenable.ot
– ICS vulnerability detection
Fortinet FortiGate OT
– OT firewall and monitoring
Radiflow
– ICS/SCADA security monitoring
Ransomware Protection 🛡️
Sophos Intercept X
– Ransomware rollback and prevention
CrowdStrike Falcon
– Ransomware mitigation
Microsoft Defender ATP
– Endpoint ransomware defense
Bitdefender GravityZone
– Anti-ransomware protection
SentinelOne
– Autonomous ransomware protection
Carbon Black
– Ransomware analysis and prevention
Acronis Cyber Protect
– Backup with anti-ransomware
Threat Hunting 🏹
Elastic Stack (ELK)
– Log analysis and threat hunting
Splunk Enterprise
– Real-time data analysis for threat detection
CrowdStrike Threat Graph
– Endpoint behavior analysis
Cisco Threat Grid
– Malware sandboxing
Mandiant Threat Intelligence
– Proactive threat identification
Microsoft Sentinel
– Threat detection and hunting platform
FireEye Endpoint Security
– Threat hunting capabilities
Security Automation and Orchestration (SOAR) 🤖
Palo Alto Cortex XSOAR
– Automated incident response
Splunk SOAR (Phantom)
– Security orchestration
Swimlane
– Security automation and case management
Tines
– Automation of security workflows
IBM Resilient
– Incident response automation
FortiSOAR
– Security automation platform
Siemplify
– SOAR platform for SOC teams