A Walk Through of the New Analyst Dashboard

Still the only platform for researching the cybersecurity industry.

Version 6 of the Analyst Dashboard for cybersecurity industry research is a dramatic update to the user interface with some useful new tools.

Creating a great data tool on the cybersecurity industry starts with knowing all the cybersecurity product vendors. You can’t do that with Google. You cannot even find all the vendors in a particular category using search. ChatGPT is no help either. You have to do the heavy lifting of combing through tens of thousands of possible candidates on Linkedin (41,000), Pitchbook (25,000), Crunchbase (15,000), and hundreds of conference sites. The vast majority are consulting firms (pentesting), resellers, and distributors.

The next step is the most important: categorizing the product vendors into buckets. I expect GPT5 to be able to do this but for now it has to be done manually by an industry expert, there is no other way. If an existing analyst firm wanted to evolve into a data-driven analyst firm such as IT-Harvest they would need to assign the categorization task to ten very busy analysts who would have to devote 400 hours each to the task.

A quick calculation: I assume the fully burdended cost of an experienced cybersecurity analyst is at least my last salary as an analyst at Gartner ($187K in 2004) plus 25% for benefits. Thus, $117/hr X 4,000 hours = $468,000 to categorize the 3,754 cybersecurity vendors (don’t forget for every vendor you categorize yoiu have to evaluate ten and discard nine). But that does not come close to the opportunity cost. Gartner charges well over $3,000/hr for an analyst’s time.

Once you know all the vendors, and have captured data on each of them, you can answer questions that could not be answered in any other way. How many vendors are headquartered in Seattle? Austin? Boston? London? Paris?

List the vendors in Seattle sorted by year founded? No problem.

Output to a spreadsheet? Here you go.

If you also collect data on all the investors in each of the 1,700+ funded companies, you end up with another database of 8,000+ investors, from angels to the largest PE firms. Now you can do portfolio analysis on those investors. Here is BVPs portfolio of 37 cybersecurity investments.

And here is the biggest question we have asked: How many cybersecurity products are there? To answer that you have to analyze the product pages of 3,754 vendors and pull their products into a database. We have been doing that over the last eight weeks. We are up to 9,579 this morning. Based on the number we have scanned I expect the total, by the time we are done with this first pass, to be 18,000 products. That begs the question: How do companies find and select products from the 300 or so represented by 26 Gartner Magic Quadrants? It seems like having a little more data might help find a better match.

I’ve already described how much effort it is to categorize all the vendors. How do you find vendors of particular products? We built a search tool. In this example it turns up 158 products that have descriptions that mention “quantum.”

Wait! You can search on MITRE ATT&CK Technique?? Sure. Here are ten products that address T1586 Compromise accounts.

If you want to learn more about where this product database is going, feel free to reach out. In the meantime here is the latest demo of the Dashboard.

Comments

[H V]

Awesome work, looks like a great tool.