What are the best cyber security companies?

With this hacking thing with China, Apple and Amazon, along with Russia and the elections, Facebook, etc., there are a lot of cyber security issues in the news. I am an investor and would like to know your opinions on the best companies in this space and any experiences with them.

I am looking at FireEye, Palo Alto Networks, Check Point and possibly Symantec. Any input would be appreciated. Thanks.
 
After 37 yrs in programming, I've found that it's a moving target and no single company has a lock on the protection, avoidance or recovery necessary today. Some of the names you cite are very 'old school', which means (to me) they will continue to stretch out the capabilities of their existing products as long as possible. For example, fingerprinting detection is old and nearly useless, as infections are no longer 'insert the infection' and await it being triggered.

Modern malware comes in multi-staged portions from multiple sources and is not easily found by just scanning the disk. One such attack has five sequential steps to complete the infection and, when completed, it's invisible to scanning!! We have 'secure boot' systems and yes, they get infected too and are not scanned. There is code now being executed in the GPU - - and no product today can detect or protect against it.

[I'll rant] once again, as you may not be aware: there are two fundamental types of antivirus (AV):
  • Reactive, where the HD code is scanned and corrected (if possible)
  • Proactive, where the effort is taken to avoid letting the code get modified in the first place.
There are few of the latter and obviously I much prefer these. The email is scanned before it is allowed into the INBOX and thus no contaminated Word, Excel or Adobe files are saved. The other is scanning of webpage links that lead to active, real-time actors that infect a system when one is clicked.

As I'm on a laptop where battery life is precious, scanning the HD is a very wasteful use of scanning, rescanning and yet still more scanning when launching every program.

[/rant off]

Infections come from 'susceptible vectors':
  • poorly written code
  • I/O overflow of buffers
  • stack overrun
  • heap overrun
  • hidden back doors
  • failure to validate user inputs
  • the logical 'man-in-the-middle', which can take on various forms of external operations such as a proxy, Tor and SSL interception.
  • unvalidated/untested browser add-ons and extensions
It should be clear that a reactive AV product cannot address several of the above. The modern AV must detect code behavior(s).
 
"With this hacking thing with China and Apple and Amazon, along with Russia and elections."
I take umbrage at the allegation that "the Russians HACKED our elections". IMO they used DISINFORMATION, redirection, FUD (fear, uncertainty & doubt) and let the masses have an emotional field day - - it certainly worked, didn't it!

In WW II, the Allies planted evidence and rumors that the invasion of Europe would come via Calais, the logical point by distance traveled. This fooled Rommel and the Axis leadership into preparing their logistics hundreds of miles away from Normandy. See the wiki https://en.wikipedia.org/wiki/Operation_Fortitude for the extent of the ruse.

HACKING is an overt intrusion into servers and their code to alter the design intent.
The damage to the Iranian nuclear facilities WAS hacking: their system was made to malfunction such that it self-destructed.

As the last few months have shown, FUD and disinformation can be far more effective on those who refuse to verify facts.
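The reply above lists "I/O overflow of buffers", "stack overrun", "heap overrun" and "failure to validate user inputs" as the vectors a disk-scanning AV cannot address. The C below is an added example, not code from either poster: it shows the unchecked copy that makes those vectors possible next to the hardened form that validates every length before copying. The record layout, the NAME_MAX field size and the one-byte length-prefixed message format are assumptions made for the illustration; the messages are constructed inputs.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_MAX 16   /* hypothetical field size, including the terminating NUL */

/*
 * Hypothetical record layout: the name field is immediately followed by a
 * privilege flag, so an unchecked copy that overruns `name` lands on
 * `privilege` (the stack/heap overrun the post lists as a vector).
 */
typedef struct {
    char name[NAME_MAX];
    uint32_t privilege;
} user_record;

/* Vulnerable pattern, kept for comparison and never called here: the
 * caller-supplied length is trusted, so len >= NAME_MAX overruns `name`. */
void fill_record_unchecked(user_record *rec, const char *name, size_t len) {
    memcpy(rec->name, name, len);   /* no bound against NAME_MAX */
    rec->name[len] = '\0';
}

/* Hardened form: validate before copying, fail closed on anything odd. */
static bool fill_record_checked(user_record *rec, const char *name, size_t len) {
    if (rec == NULL || name == NULL) return false;
    if (len >= NAME_MAX) return false;                  /* keep room for the NUL */
    if (memchr(name, '\0', len) != NULL) return false;  /* embedded NUL: reject */
    memcpy(rec->name, name, len);
    rec->name[len] = '\0';
    return true;
}

/*
 * Constructed message format (an assumption for this example):
 *   byte 0     : declared name length
 *   bytes 1..n : name bytes
 * The declared length is checked against both the bytes actually received
 * (the I/O overflow case) and the destination field (the overrun case).
 */
static bool parse_name_message(const uint8_t *msg, size_t msg_len, user_record *rec) {
    if (msg == NULL || msg_len < 1) return false;
    size_t declared = msg[0];
    if (declared > msg_len - 1) return false;   /* claims more than was received */
    return fill_record_checked(rec, (const char *)msg + 1, declared);
}

int main(void) {
    user_record rec = { .name = "", .privilege = 0 };

    /* Constructed benign message: length 5, "alice" */
    const uint8_t good[] = { 5, 'a', 'l', 'i', 'c', 'e' };
    printf("benign:    %s -> name=%s privilege=%u\n",
           parse_name_message(good, sizeof good, &rec) ? "accepted" : "rejected",
           rec.name, rec.privilege);

    /* Constructed hostile message: declares 40 bytes but only 3 follow */
    const uint8_t lying[] = { 40, 'x', 'y', 'z' };
    printf("bad length: %s\n",
           parse_name_message(lying, sizeof lying, &rec) ? "accepted" : "rejected");

    /* Constructed over-long message: internally consistent but too big for the field */
    uint8_t big[21] = { 20 };
    memset(big + 1, 'A', 20);
    printf("over-long: %s -> privilege still %u\n",
           parse_name_message(big, sizeof big, &rec) ? "accepted" : "rejected",
           rec.privilege);
    return 0;
}
```

The design point is that the check happens on the declared length before a single byte moves, and that the rejecting paths leave the record untouched; a behavior-monitoring AV can only observe the overrun after it happens, whereas the validating code prevents it.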
 