AI Strengthening Cybersecurity Software, ISG Says

Enterprises build complete security frameworks incorporating automated access, endpoint protection, data recovery and other tools, new research says

Growing and evolving security threats make it increasingly important for enterprises to deploy advanced cybersecurity software and to understand its intricacies and capabilities, according to new research from global AI-centered technology research and advisory firm Information Services Group (ISG) (Nasdaq: III).

The ISG Buyers Guides™ for Cybersecurity, produced by ISG Software Research, provide the rankings and ratings of 57 software providers and their products that address enterprise cybersecurity needs. The research is designed to help enterprise security leaders make informed decisions on selecting and deploying tools to foster a safer digital environment. The research finds that a growing majority of organizations will use advanced security software in the coming years as generative AI transforms the capabilities of these products.

Unlike in business application software, there is no one cybersecurity provider with a complete offering to address all enterprise security challenges. Reacting to new vulnerabilities and an amorphous attack surface puts security teams at a disadvantage.

“Given the massive financial and reputational damage data breaches can cause, proactive strategies for identity management, data recovery and threat detection and response are essential,” said Jeff Orr, director, ISG Software Research. “Providers are using AI to improve all categories of security software, so enterprises need to stay informed to know what is possible.”

The backbone of modern cybersecurity operations is security information and event management (SIEM), a comprehensive system for collecting, aggregating and analyzing security data from multiple sources, the research finds. By centralizing logs and security events from network devices, servers and applications, SIEM platforms offer real-time visibility into incidents and analyze the data so security teams can detect patterns of malicious behavior. SIEM also helps companies comply with data privacy regulations by providing audit trails and required controls.

Providers are enhancing SIEM platforms with GenAI by automating anomaly detection and responses to threats, the research shows. AI algorithms can constantly process vast amounts of security data. GenAI-enabled natural-language processing automates investigations of security alerts and generates detailed narratives and recommendations.

Identity and access management (IAM) integrates with SIEM to perform a crucial role in enterprise security, managing user identities and access permissions for employees, contractors, partners and the growing number of non-human identities that need to access enterprise resources, ISG finds. Using GenAI, IAM software providers automate routine functions such as provisioning and de-provisioning of user accounts, streamlining enterprise processes. In the future, agentic AI may enable fully autonomous management of access controls and user identities, proactively adjusting permissions based on emerging threats or changes in user roles.

Endpoint detection and response (EDR) software, which monitors endpoints for suspicious behaviors and indicators that they have been compromised, is another valuable tool for enterprise resilience against sophisticated cyberattacks, the research shows. GenAI enables EDR software to automatically analyze endpoint telemetry and prioritize alerts based on risk.

Given the prime importance of data as an enterprise asset, data backup and recovery tools are also critical to resilience against ransomware and other threats. By 2027, ISG expects three-quarters of enterprises to adopt backup and recovery programs with continuous data protection, which uses real-time backups of data and enables recovery to specific points in time.

For its 2025 Buyers Guides™ for Cybersecurity, ISG evaluated software providers across four platform categories — SIEM, Identity and Access Management, EDR and Data Recovery — and produced a separate Buyers Guide for each. A total of 57 providers were assessed: Acronis, Arcserve, Arctic Wolf, AvePoint, AWS, BeyondTrust, Bitdefender, Broadcom, Check Point, Cisco, Cohesity, Commvault, CrowdStrike, CyberArk, Cybereason, Delinea, Dell, Devo Technology, Druva, Elastic, Entrust, ESET, Eviden, Exabeam, Fortinet, Fortra, Google Cloud, HPE, IBM, JumpCloud, ManageEngine, Microsoft, N-able, NetWitness, NinjaOne, Okta, OpenText, Oracle, Palo Alto Networks, Ping Identity, Qualys, Quest, Rapid7, RSA, Rubrik, SailPoint, Securonix, SentinelOne, SolarWinds, Sophos, Splunk, Sumo Logic, Thales, Trellix, Trend Micro, Veeam and WithSecure.

ISG Software Research rates software providers in seven evaluation categories. Five are related to product experience: usability, manageability, reliability, capability, and adaptability. Two are related to customer assurance: validation and total cost of ownership and return on investment (TCO/ROI). Providers ranked in the top three for each evaluation category are named as Leaders. Within each platform category, those with the most Leader rankings are named as Overall Leaders.

The Overall Leaders of the 2025 Buyers Guides™ for Cybersecurity were the following:

SIEM: The overall leaders were Microsoft in first place, Splunk in second place and ManageEngine in third place. Microsoft was designated a Leader in six evaluation categories, Splunk in five and ManageEngine in four. All three overall leaders were rated Exemplary, along with Elastic, Google Cloud, OpenText and Sumo Logic. No providers were rated Innovative.

Identity and Access Management: The overall leaders were Microsoft in first place, IBM in second place and Oracle in third place. IBM was named a Leader in all seven performance categories, Microsoft in five and Oracle in two. All three overall leaders were rated exemplary, along with Broadcom, Google Cloud and Okta. Delina was rated Innovative.

EDR: Microsoft was the top overall leader, followed by SentinelOne in second place and Palo Alto Networks in third place. Microsoft was designated a Leader in all seven evaluation categories, while SentinelOne and Palo Alto Networks each were named Leaders in one evaluation category. Arctic Wolf, Bitdefender, Cisco, ManageEngine, Microsoft, Palo Alto Networks and Trend Micro were rated Exemplary. SentinelOne was rated Innovative.

Data Recovery: AWS was the top overall leader, followed by Microsoft and IBM, which had the same performance score. Microsoft and IBM were designated Leaders in six evaluation categories each, while AWS was named a Leader in four. All three overall leaders were rated Exemplary, along with AvePoint, Commvault, Druva, HPE, OpenText and Veeam.

“Effective cybersecurity in enterprises requires a unified approach covering all types of attacks and all means of prevention and recovery,” said Mark Smith, partner and chief software analyst, ISG Software Research. “The software to build this type of defense is rapidly evolving, and changes caused by AI and future quantum computing will require the right software partners. Our ratings and rankings of cybersecurity software, in the context of an end-to-end approach, guide enterprises and CISOs that seek to supercharge existing frameworks for an unknown future.”

The ISG Buyers Guides™ for Cybersecurity are the distillation of more than a year of market and product research efforts. The research is not sponsored nor influenced by software providers and is conducted solely to help enterprises optimize their business and IT software investments. It provides the industry’s most comprehensive review of all viable software options, comparing their strengths to give enterprises insight to make critical selection decisions.

Visit this webpage to learn more about the ISG Buyers Guides™ for Cybersecurity and read executive summaries of each of the four reports. The complete reports, including provider rankings across seven product and customer experience dimensions and detailed research findings on each provider, are available by contacting ISG Software Research. Enterprises that want access to the research and subject matter experts can do so through a subscription to ISG Software Lens.

About ISG Software Research

ISG Software Research provides authoritative coverage and analysis of the business and IT software industry. It distributes research and insights daily through its user community, and provides a portfolio of consulting, advisory, research and education services for enterprises, software and service providers, and investment firms. Its ISG Buyers Guides™ help enterprises evaluate and select software providers through tailored assessments powered by ISG’s proprietary methodology. Visit research.isg-one.com for more information and to sign up for free community membership.

About ISG

ISG (Nasdaq: III) is a global AI-centered technology research and advisory firm. A trusted partner to more than 900 clients, including 75 of the world’s top 100 enterprises, ISG is a long-time leader in technology and business services that is now at the forefront of leveraging AI to help organizations achieve operational excellence and faster growth. The firm, founded in 2006, is known for its proprietary market data, in-depth knowledge of provider ecosystems, and the expertise of its 1,600 professionals worldwide working together to help clients maximize the value of their technology investments.

View source version on businesswire.com: https://www.businesswire.com/news/home/20250707503202/en/

Given the damage data breaches can cause, strategies for identity management, data recovery and threat detection and response are essential. Providers are using AI to improve all categories of security software, so enterprises need to stay informed.