Why Security Buying Has Become Harder
Enterprise security buying is not getting simpler. Security teams are evaluating more vendors across more categories, under tighter scrutiny, with more stakeholders involved. That complexity is one reason CISO Whisperer’s new TVC Analyst Official Sales Leaders Rankings feels well-timed.
Rather than focusing on the technology stack alone, the report turns to the people leading the commercial efforts behind the vendors trying to win those decisions. The report was developed in collaboration with Onfire.
The argument behind it is straightforward. Cybersecurity now spans identity, cloud protection, threat intelligence, application security, and security analytics. Organizations operate across public cloud, SaaS, edge environments, remote endpoints, APIs, and hybrid infrastructure. Traditional perimeter defenses have weakened, identity has become more central to defense strategy, and compliance requirements increasingly shape purchase decisions.
In short, the security market is wider, more operationally important, and harder to navigate.
Measuring Commercial Leadership in Cybersecurity
That environment has elevated the role of commercial leadership. CISO Whisperer describes modern revenue leaders as executives responsible not just for hitting targets, but for coordinating global sales teams, ecosystem partnerships, customer expansion, operations, and strategic growth.
In cybersecurity, where products may require technical validation and lengthy stakeholder review, those responsibilities are especially important. The ranking’s methodology is built accordingly, using sales organization growth, market positioning, and aggregated industry signals to produce a total score.
That approach frames commercial leadership as a serious market variable. It suggests that enterprise complexity does not only reward strong products. It also rewards the companies best able to explain, position, and scale those products.
The Full Ranked Field
The list starts with Trellix at No. 1, represented by Chief Revenue Officer Natalie Polson. The company posts 50 percent sales growth and a total score of 100. Corelight is second with Chief Revenue Officer Kevin Williams at 42 percent and a score of 88. Netskope follows with Chief Revenue Officer Raphaël Bousquet, showing 27 percent growth and a score of 78. Okta is fourth with Steve Finch, Vice President, Sales Development, at 20 percent growth and 75 points. Imperva rounds out the top five with Rob Elliss, VP Worldwide Sales, Application & Data Security, at 12 percent growth and a score of 70.
The middle of the ranking includes AppViewX and Marc Lecuyer, iboss and Joe Cosmano, Invicti Security and Noel Slane, Abnormal AI and Kevin Moore, and Qualys and Shawn O’Brien. It then continues with Delinea and Jessica Krowel, Rubrik and Mike Tornincasa, Keysight and Steve Yoon, Black Duck and Tom Herrmann, and ExtraHop and Michelle Reynaud. Intel 471 and Gerard Simon appear at No. 16 and are notable for the ranking’s highest sales growth rate at 82 percent. Proofpoint with Rich Green and Barracuda with Miles Persky follow, while Contrast Security with Jack Ekelof and Checkmarx with Yigal Elstein complete the list.
The Categories Behind the Momentum
The report also gives brief category framing to many of these companies, and that matters because it explains why the list spans such a range. Corelight and ExtraHop are tied to network detection and response. Netskope is linked to security service edge. Okta and Delinea reflect identity and privileged access priorities. Imperva, Invicti Security, Black Duck, and Checkmarx sit in different parts of the application and software security world. Rubrik represents cyber resilience and recovery. Qualys remains important in vulnerability management and cloud monitoring. Proofpoint and Abnormal AI are associated with email and human-centric risk. Intel 471 reflects demand for threat intelligence. AppViewX’s presence points to machine identity and certificate lifecycle management. Barracuda remains visible with SMB and mid-market customers. Keysight brings testing and validation into the picture.
This breadth lines up with the report’s larger observations. It says go-to-market investment is accelerating and that categories such as cloud security platforms, identity and access management, security service edge, application security testing, and network detection and response show especially strong momentum.
Why These Results Matter to the Industry
Seen through that lens, the ranking is less about rewarding familiar names than about describing where commercial energy is concentrating. It shows which vendors appear to be investing in sales capacity, which categories are attracting enterprise attention, and which leaders are associated with that movement.
CISO Whisperer’s report suggests that in a complicated buying environment, the companies that stand out are often the ones with commercial organizations built for that complexity. That makes the ranking useful not just as recognition, but as a way to understand how cybersecurity demand is being translated into expansion.