SC Awards

2026 Trust Awards finalists announced ahead of RSA Conference

For 29 years, the SC Awards have recognized companies and individuals driving innovation in cybersecurity — those working every day to defend our digital world and advance the practice of information security.

This year 39 esteemed judges volunteered their time and expertise to evaluate 497 submissions across 33 categories.

SC Awards:

We are proud to announce the 2026 SC Awards finalists today. Winners will be revealed at the RSA Conference 2026 in San Francisco on March 24.

Trust Awards

These awards recognize excellence in information security products and services across the industry. Judges evaluated not only the strength of each cybersecurity solution, but also the real-world problems it addresses and its impact in the market.

Criteria included functionality, manageability, ease of use, scalability, customer service and support, and overall value.

BEST AI /ML DATA ANALYTICS SECURITY SOLUTION

New generative artificial intelligence (GenAI) and machine learning (ML) technologies have helped cybersecurity elevate existing solutions and drive the creation of new ones. This category focused on excellence in leveraging the GenAI/AI/ML in applications such as detecting anomalies in large language/data models, juggling threat intel with vulnerability research, behavioral analytics, or building predictive threat models.

Finalists:

  • Abnormal AI
  • Anomali
  • Dropzone AI
  • Exabeam
  • SentinelOne

BEST API SECURITY SOLUTION

The rapid transition to cloud computing, reliance on multiple cloud environments, and the prevalence of mobile devices and applications to support business operations, have led to piling threats tied to application programming interfaces. Failure to lockdown an API can result in unauthorized access to otherwise secure networks.

Products in this category help prevent or mitigate attacks on APIs by addressing any of three API security categories described by the OWASP Foundation:

API Security Posture, providing visibility into the security state of a collection of APIs

API Runtime Security, detecting and preventing malicious requests to an API

API Security Testing, evaluating the security of a running API by interacting with the API dynamically

Finalists:

  • Cequence Security
  • Fastly
  • Wallarm

BEST APPLICATION SECURITY SOLUTION

The OWASP Automated Threat Handbook provides key industry standards by which organizations should set their security controls to detect and mitigate threats occurring through malicious internet-based automation attacks.

Such assaults, from spamming, credential stuffing, CAPTCHA defeat, fraudulent account creation, Denial of Service (DoS) and still more, can cause monetary and brand damage to companies experiencing them.

This is where technologies such as web application firewalls (WAFs) and bot mitigation technologies and services come into play. WAFs typically use deep-packet inspection, provide logging and reporting, block real-time traffic, provide alerting capabilities and auto-update features, perform web caching, provide content filtering, offer web-based access to reporting and/or logging, protect traffic from reaching the underlying operating system, and filter application traffic to only legitimate requests. Bot mitigation solutions, have also proven increasingly useful to organizations trying to avoid falling victim to malicious web automation attacks.

Finalists:

  • CrowdStrike
  • Minimus
  • OX Security
  • RoonCyber
  • Veracode

BEST AUTHENTICATION TECHNOLOGY

Products here provide enhanced security to end-users or devices by offering credentials for access to an authenticator or authentication server. Software and hardware that specializes in the biometric authentication of users is also included here. These solutions may use a tangible device (something you have) for authentication and knowledge (something you know) for authentication. For biometrics, the solution provides identification and authentication using any of the following methods: finger/thumb print/retinal scan/voice recognition/hand/palm geometry/facial recognition. Solutions that include behavioral analytics for authentication also fall into this category.

Finalists:

  • DigiCert
  • Imprivata
  • 1Kosmos
  • Portnox
  • Prove Identity

BEST BUSINESS CONTINUITY/DISASTER/RANSOMWARE RECOVERY SOLUTION

Almost daily, organizations of all sizes are impacted by cyberattacks, which puts whole systems, databases and files at risk. Nation-state attacks and unexpected weather events have also prompted companies to be more prepared for down-time and interested in quick recovery strategies to keep their businesses up and running.

Solutions for this category can support various components of backup, business continuity and disaster recovery plans and efforts - from supporting back-up protocol when systems have been threatened or taken offline to addressing infrastructure demands to get back up and running in the event of physical disasters or online attacks by insiders and outside malicious actors, inside or outside the organization.

Finalists:

  • Cohesity
  • Commvault
  • CrashPlan
  • Fenix24
  • Veeam

BEST CLOUD SECURITY MANAGEMENT SOLUTION

Cloud breaches stem from a number of common cloud management issues including misconfigurations (CSPM), workload protection (CWPP), Security Incident and Event Management (SIEM), Secure Access Service Edge (SASE) and more.

Solutions for this category help ensure security in the configuration and management of cloud environments and may also include any security tools that are designed to monitor the cloud infrastructure in real time enforcement of security policy.

Finalists

  • CrowdStrike
  • Delinea
  • Qualys
  • Sweet Security
  • Wiz

BEST CLOUD WORKLOAD PROTECTION SOLUTION

Business decisions vary in the types of assets that are maintained in the cloud, and for each of those assets, there are often distinct security considerations.

Solutions for this category provide protection to the containers, servers and code that reside in the cloud. They may help define risks associated with cloud workloads, and should contribute to their performance, availability, and security

Finalists:

  • Aqua Security
  • CrowdStrike
  • Impart
  • Oligo Security
  • Orca Security

BEST CONTINUOUS THREAT EXPOSURE MANAGEMENT SOLUTION

Continuous Threat Exposure Management (CTEM) involves identifying, assessing and mitigating vulnerabilities in an organization's publicly accessible IT assets and services.

Entrants to this category show best-of-breed technology for web application scanning, domain certificate monitoring, network perimeter scanning, third-party service assessment, misconfigured cloud assets and unpatched software and systems.

Finalists:

  • AISLE
  • Cobalt
  • Reach Security
  • RedSeal
  • Zafran

BEST DATA SECURITY SOLUTION

Securing data is critical for any organization and presents the greatest potential risk. Solutions in this category focus first and foremost on the protection of data from unauthorized access and data corruption throughout its lifecycle. They may include data encryption, data discovery and classification and data loss prevention.

Finalists:

  • Bedrock Data
  • Concentric AI
  • Deep Instinct
  • OPSWAT
  • Symmetry Systems

BEST ENDPOINT SECURITY SOLUTION

Increasingly, endpoint devices with applications are exchanging data on corporate networks. Examples for this broad category include employee laptops, handsets, tablets and also IoT devices such as security systems, cameras and virtual machines.

Products in this category center around the collapsing network perimeter and those devices that have direct or indirect access to corporate resources. Each of these devices require strong endpoint security, point-to-point encryption and more. Security can be for data at rest in the device itself, secure access to data in the enterprise, and encryption for data in motion between the enterprise and the device. It also includes anything from hard disk encryption solutions, and tools that track lost mobile devices to USB/thumb drive security solutions.

Finalists:

  • CrowdStrike
  • Huntress
  • TXOne Networks
  • SentinelOne
  • WatchGuard Technologies

BEST IDENTITY MANAGEMENT SOLUTION

As a core pillar of zero trust, identity security protects all types of identities across the enterprise human or machine, to detect and prevent breaches.

Products in this category address the identity management life cycle in an enterprise environment, including password management, user provisioning and enterprise-access management.

Finalists:

  • CrowdStrike
  • ID Dataweb
  • Okta
  • Silverfort
  • Teleport

BEST INSIDER THREAT SOLUTION

Modern insider threats in organizations and businesses range from intentional malicious acts, unintentional errors, or negligence. Solutions nominated for this category include ones that help cybersecurity teams reduce the impact of credential sharing, accidental data exposure, risky shadow IT, social engineering and network and lateral network access control.

Finalists:

  • Darktrace
  • EchoMark Inc.
  • Securonix
  • SpyCloud
  • Vectra AI

BEST MANAGED DETECTION AND RESPONSE SERVICE

These offerings provide remotely-delivered security operations center capabilities to detect, investigate and mitigate incidents. MDR services typically combine advanced analytics, threat intelligence, and human expertise.

Finalists:

  • Arctic Wolf
  • Blackpoint Cyber
  • CrowdStrike
  • Huntress
  • ThreatLocker

BEST MANAGED SECURITY SERVICE

These offerings provide a turnkey approach to an organization’s primary technical security needs. They can either be a collocated device at the client’s organization facility or can be a completely outsourced solution where the application to be protected would reside at the vendor’s data center.

Finalists:

  • CDW Canada
  • Huntress
  • LevelBlue
  • UltraViolet Cyber

BEST RISK/POLICY MANAGEMENT SOLUTION

These products measure, analyze and report risk, as well as enforce and update configuration policies within the enterprise, including but not limited to network, encryption, software, and hardware devices.

Contenders’ products offer a reporting format that covers the frameworks of multiple regulatory requirements, such as SarbanesOxley, Gramm-Leach-Bliley and other acts and industry regulations. In addition, this feature should be network-centric, provide reporting to a central administrator and allow companies to centrally manage the product.

Products are enterprise-centric; collect data across the network, including threats and vulnerabilities; report associated risk, endpoint configuration, enforcement, auditing and reporting; provide remediation options (but are not exclusively patch management systems); and, finally, offer centralized reports based on regulatory requirements and local policies.

Finalists:

  • AlgoSec
  • Optro
  • Cynomi
  • FireMon
  • Keyfactor

BEST SASE SOLUTION

Efforts by businesses to implement a zero-trust model require effective management of network visibility of user activity and access. Solutions for this category contribute to that effort, offering secure access service edge (SASE) to combine wide area networking, or WAN, and network security services into a single cloud offering. They enable secure, policy-based access to the appropriate application or data regardless of user or device location.

Finalists:

  • Aryaka
  • Booz Allen Hamilton
  • Cato Networks
  • Fortinet
  • Zenarmor

BEST SECURE MESSAGING SOLUTION

Messaging security addresses the ability to exchange messages securely whether it be email, a collaboration platform or cross-platform messaging apps to send text, voice or video communications.

Solutions ensure the privacy of sensitive messages, limit the repercussions of forgery, and manage other aspects of safeguarding messaging within business communications. These products are enterprise-centric and should have, but are not required to have, some form of centralized management. They may include spam filters, content filters, malware safeguards, unauthorized content (sometimes called “extrusion protection” or “data leakage protection”), phishing and other types of undesirable content. However, these are not simply anti-spam filters. They typically provide features such as encryption, digital signatures, automatic shredding of messages and attachments and more.

Finalists:

  • Barracuda
  • Darktrace
  • Proofpoint
  • SendSafely
  • StrongestLayer

BEST SUPPLY CHAIN SECURITY SOLUTION

Cybersecurity supply chain risks are vulnerabilities and threats that exist within the supply chain of information technology systems and products. These types of threats are behind the massive SolarWinds breach and costly hacks tied to the MOVEit vulnerability. Products in this category provide solutions that might add code and component transparency, validate development tools and address third- and fourth-party risks.

Finalists:

  • Bitsight
  • Black Duck
  • Black Kite
  • Checkmarx
  • RunSafe Security

BEST THREAT DETECTION TECHNOLOGY

Closely aligned to threat intelligence technologies and processes, threat detection techniques have necessarily graduated from simpler network-based detection solutions to technologies focused on improving detection times, alerting and mitigating attacks as they are happening. Not only can a wide range of organizations now readily fall victim to an attack, bad actors can often infiltrate systems undetected, leveraging various points of entry and methods of obfuscation.

As such, products in this category deliver solutions that offer detection and/or remediation capabilities for the entire network, including mobile devices, cloud applications, IoT-based devices and more. This category includes deception technologies that detect threats, then automates the creation, deployment, and management of digital traps (decoys), lures and deceits to engage and prompt the attacker into revealing their trade craft, tools and techniques.

Finalists:

  • CrowdStrike
  • ExtraHop
  • Gurucul
  • Oligo Security
  • Permiso Security

BEST THREAT INTELLIGENCE TECHNOLOGY

Products in this category help cybersecurity teams research and analyze cybercrime and other threat trends and any technical developments being made by those engaging in cyber-criminal activity against both private and public entities.

These technologies facilitate the understanding and contextual relevance of various types of data, often an overwhelming amount, collected from internal network devices, as well as from external sources, such as open source tools, social media platforms, the dark web and more.

Armed with these more digestible analyses on risks and cyberthreats, cybersecurity teams should be able to enhance their tactical plans preparing for and reacting to an infrastructure intrusion prior to, during and after an attack, ultimately improving their overall security posture so their long-term security strategy is more predictive rather than simply reactive.

Finalists:

  • Anomali
  • Armis
  • CrowdStrike
  • Flashpoint
  • Intel 471

BEST VULNERABILITY MANAGEMENT SOLUTION

An increasingly sophisticated threat landscape requires ongoing efforts to track potential security gaps within networks and systems. These products perform network/device vulnerability assessment and/or penetration testing. They may use active or passive testing and are either hardware-or-software-based solutions that report vulnerabilities using some standard format/reference.

Finalists:

  • ArmorCode
  • NopSec
  • Nucleus Security
  • Phosphorus Cybersecurity
  • Spektion

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds