Executive Summary

The CISO AI market is splitting into two buyer questions. The first is defensive: how do security teams protect models, copilots, agents, data, code, and identity? The second is operating: how do CISOs use AI to run security with more speed, better follow-through, and less analyst drag? The strongest first-party signal is agent access — 22 of 40 small-base responses mentioned securing AI agents and their access. Data leakage and shadow AI followed, each with 10 of 40 any-mentions.

Funding is not settled. In the small-base funding question, a dedicated budget line and case-by-case buying tied at 14 of 40 any-mentions each, 8 of 40 were carved from existing security budget, and 6 of 40 had no AI security spend yet. The applicant pool is broader than security leads alone — 35 of 79 responses came from security leads, with the remaining responses answering no, other, or security-adjacent leadership. The signal is qualified interest, not verified buying.

“The CISO buyer is not asking for more AI language. They are asking who has access, what can leak, and who owns the risk when an agent acts.”Murray Newlands, founder, Open Future Forum

That means the market is real, but proof needs to be narrow: one workflow, one risk owner, one budget source, one sign-off path, and visible value inside two quarters. This is a market map in the CB Insights style. It is not a vendor ranking. Vendors are not scored, ranked, or placed on axes.

Part One: The CISO AI Market Map

The taxonomy follows how CISO teams work: protecting AI systems, detecting threats, controlling access, reducing exposure, securing code, protecting data, proving controls, and running security operations.

How to read the map

Start with workflow fit. A security buyer usually frames AI through work already owned by the security team. Then test proof — the demand overlay shows that proof, budget logic, and sign-off paths matter as much as product category. Read indirect categories with care. Cloud exposure, AppSec, GRC, and operating workflow claims fit the CISO map, but the survey set did not ask category-specific budget questions for them. Some vendors appear in more than one category where their product spans workflows.

1. AI agent, model and LLM security

AI applications, LLM systems, agent permissions, runtime protection, red teaming, and model-risk controls.

Demand signal — Strong

Agent security is the clearest demand signal. 22 of 40 small-base responses mentioned securing AI agents and their access.

Buyer proof need

One narrow workflow, a named budget source, a clear sign-off path, and value visible inside two quarters.

ToolTierWhat it doesSource
Noma SecurityCategory leaderNoma Security discovers, secures, and protects AI applications, models, agents, and AI supply chains across the AI lifecycle.V02
LakeraCategory leaderLakera provides AI guardrails for live agents and applications, including access controls, runtime protection, and data-leak prevention.V03
HiddenLayerCategory leaderHiddenLayer secures AI with model scanning, red teaming, threat detection, and controls for safe AI adoption.V04
Protect AICategory leaderProtect AI secures AI applications from model selection and testing through runtime, now part of Palo Alto Networks.V07
CalypsoAICategory leaderCalypsoAI provides adaptive AI security, real-time threat monitoring, and audit-ready governance for AI systems, now part of F5.V08, V65
Agentic FabriqEmergingAgentic Fabriq gives enterprises a control layer for AI agents, defining and enforcing what each agent can access and do for every user, with central credential management and action-level audit trails.V01
Lasso SecurityEmergingLasso Security gives enterprises visibility, control, red teaming, and runtime protection across AI models, agents, and applications.V05
Pillar SecurityEmergingPillar Security secures AI agents from design to runtime with visibility, control, and runtime defense for agentic workflows.V06

2. Threat detection, response and AI SOC

AI-assisted detection, investigation, incident handling, alert triage, threat hunting, and SOC response.

Demand signal — Directional

The survey set includes attacks that use AI, but only 6 of 40 responses named it. SOC claims need proof inside the buyer’s alert flow.

Buyer proof need

One narrow workflow, a named budget source, a clear sign-off path, and value visible inside two quarters.

ToolTierWhat it doesSource
Microsoft Security CopilotIncumbentMicrosoft Security Copilot uses generative AI to help security and IT teams investigate threats, process signals, and respond at machine speed.V09
CrowdStrike Charlotte AIIncumbentCrowdStrike Charlotte AI acts as an AI analyst inside the Falcon platform to help triage, investigate, and respond to security work.V10
Palo Alto Cortex XSIAMIncumbentPalo Alto Cortex XSIAM unifies SOC data, analytics, detection, incident management, automation, threat intelligence, and response workflows.V11
SentinelOne Purple AICategory leaderSentinelOne Purple AI brings natural-language investigation and AI-assisted threat hunting into the Singularity security platform.V12
Google Security OperationsIncumbentGoogle Security Operations combines Google threat intelligence, Mandiant expertise, and security operations workflows for detection and response.V13
DarktraceCategory leaderDarktrace uses self-learning AI to detect, investigate, and respond to threats across enterprise environments.V14
ExabeamCategory leaderExabeam applies behavioral analytics and AI to help security teams detect, investigate, and respond to threats.V15
Dropzone AIEmergingDropzone AI uses AI agents to investigate alerts inside existing SOC environments without replacing the security stack.V16

3. Identity, access and non-human identity

Human, machine, service, token, API, and agent identities that can reach sensitive tools or data.

Demand signal — Strong, read through the agent question

22 of 40 responses named securing AI agents and their access, and agent access is an identity, privilege, and non-human access problem. There is no identity-specific question in the survey set.

Buyer proof need

One narrow workflow, a named budget source, a clear sign-off path, and value visible inside two quarters.

ToolTierWhat it doesSource
CyberArkIncumbentCyberArk secures agentic AI by managing agent identities, privileges, and access to sensitive resources.V18
SaviyntCategory leaderSaviynt discovers AI agents, maps access, and manages posture risks inside identity governance workflows.V19
SailPointCategory leaderSailPoint uses AI-driven identity security to improve visibility, governance, and identity workflows across enterprise access.V20
BeyondTrustCategory leaderBeyondTrust covers privileged access, endpoint privilege, and identity security controls for high-risk access paths.V21
Astrix SecurityCategory leaderAstrix Security secures non-human connections across SaaS, third-party apps, service accounts, tokens, and API access.V23
Oasis SecurityEmergingOasis Security focuses on non-human identity management across service accounts, tokens, API keys, and machine identities.V22
Agentic FabriqEmergingAgentic Fabriq manages agent identity and delegated user context, enforcing per-agent, per-user access with credential handling and action-level audit trails.V01
SGNLEmergingSGNL applies continuous access evaluation to human, machine, and AI identities, with announced acquisition by CrowdStrike.V24, V66

4. Cloud, exposure and validation

Cloud posture, AI workload exposure, vulnerability context, attack validation, and exploitable risk.

Demand signal — Thin and indirect

The survey set does not ask a cloud or exposure-specific question. Exposure claims still fit the security workflow, but proof should be treated as category-specific work for the vendor.

Buyer proof need

One narrow workflow, a named budget source, a clear sign-off path, and value visible inside two quarters.

ToolTierWhat it doesSource
WizCategory leaderWiz connects code, cloud, runtime, and AI security context to help teams find and fix exploitable cloud risks.V25
Orca SecurityCategory leaderOrca Security provides cloud security and exposure management across cloud assets, workloads, identities, data, and risks.V26
Tenable One AI ExposureIncumbentTenable One AI Exposure adds AI exposure data to broader exposure management so teams can view AI risk beside IT, cloud, identity, and OT risk.V27
QualysIncumbentQualys provides vulnerability, asset, exposure, cloud, and compliance management for enterprise security programs.V28
Rapid7Category leaderRapid7 combines exposure management, vulnerability management, threat detection, and cloud risk workflows.V29
Palo Alto Prisma CloudIncumbentPalo Alto Prisma Cloud secures cloud-native applications across code, cloud infrastructure, workloads, identities, and runtime risk.V30
PenteraCategory leaderPentera runs AI-driven adversarial testing in production to validate exploitability and prioritize remediation.V31
Picus SecurityCategory leaderPicus Security validates security controls and attack paths so teams can test whether defenses stop known threats.V32

5. Application, code and software supply chain security

AI-generated code, AppSec, SCA, secrets, APIs, ASPM, and secure development workflows.

Demand signal — Thin and indirect

The survey set does not ask an AppSec-specific question. Code and supply-chain claims still fit the CISO workflow, but proof should be treated as category-specific work for the vendor.

Buyer proof need

One narrow workflow, a named budget source, a clear sign-off path, and value visible inside two quarters.

ToolTierWhat it doesSource
SnykCategory leaderSnyk validates AI-generated code, governs development agents, and secures AI-native applications.V33
GitHub Advanced SecurityIncumbentGitHub Advanced Security uses Copilot Autofix and CodeQL context to suggest fixes for code scanning alerts and reduce security defects.V34
SemgrepCategory leaderSemgrep scans source code and supply-chain risk with AI-assisted SAST, SCA, and developer security workflows.V35
ApiiroCategory leaderApiiro maps application risk to code owners, business context, and AI-driven development workflows.V36
VeracodeCategory leaderVeracode provides application risk management, static analysis, dynamic testing, and software supply-chain security.V37
CheckmarxCategory leaderCheckmarx secures code, APIs, open-source components, secrets, and infrastructure-as-code across the SDLC.V38
Endor LabsEmergingEndor Labs helps teams manage open-source dependency risk, package selection, and software supply-chain exposure.V39
Aikido SecurityEmergingAikido Security combines code, cloud, open-source, container, secrets, and domain risk into one developer-facing security product.V40

6. Data security and AI data leakage

DSPM, DLP, sensitive-data discovery, AI data access, and exposure through copilots or agents.

Demand signal — Moderate

Data leakage is a clear concern. 10 of 40 small-base responses mentioned data leaking into AI models.

Buyer proof need

One narrow workflow, a named budget source, a clear sign-off path, and value visible inside two quarters.

ToolTierWhat it doesSource
VaronisCategory leaderVaronis prevents sensitive data exposure through AI copilots, AI agents, and large enterprise data stores.V41
CyeraCategory leaderCyera discovers, classifies, governs, and protects sensitive data across cloud, SaaS, on-prem, and AI systems.V42
BigIDCategory leaderBigID combines DSPM, DLP, data access governance, privacy, and AI governance for sensitive data control.V43
SentraCategory leaderSentra provides DSPM and data security controls for cloud data and AI agent access paths.V44
NormalyzeEmergingNormalyze maps sensitive data, access, and risk across cloud data stores for data security posture management.V45
Nightfall AIEmergingNightfall AI detects and protects sensitive data across SaaS, email, endpoints, and AI use cases.V46
Polymer DLPEmergingPolymer DLP applies AI-assisted data loss prevention to SaaS collaboration tools and sensitive data workflows.V47
RubrikIncumbentRubrik combines cyber recovery, data security, and AI-assisted investigation for ransomware and data resilience programs.V48

7. GRC, compliance and cyber risk

Security compliance, audit, control evidence, third-party risk, and business-level cyber risk.

Demand signal — Thin and indirect

The survey set does not ask a GRC-specific question. Risk and compliance claims still fit the CISO workflow, but proof should be treated as category-specific work for the vendor.

Buyer proof need

One narrow workflow, a named budget source, a clear sign-off path, and value visible inside two quarters.

ToolTierWhat it doesSource
DrataCategory leaderDrata uses AI agents to automate compliance, risk, assurance, evidence work, and security posture proof.V49
VantaCategory leaderVanta automates security and compliance work with AI support for risk assessments, evidence, and ongoing monitoring.V50
SecureframeCategory leaderSecureframe automates compliance, risk management, vendor reviews, and security questionnaire workflows.V51
SprintoCategory leaderSprinto automates security compliance, evidence collection, risk workflows, and audit readiness for growing teams.V52
AnecdotesCategory leaderAnecdotes provides an AI-native enterprise GRC platform for audits, risk, evidence, and continuous control monitoring.V53
AuditBoardCategory leaderAuditBoard connects audit, risk, compliance, and control workflows for security and assurance teams.V54
Diligent OneIncumbentDiligent One supports board, audit, risk, compliance, and governance workflows for executive and security risk reporting.V55
SAFE SecurityCategory leaderSAFE Security translates cyber risk into financial terms and adds AI-SPM, third-party risk, exposure, and risk quantification workflows.V56

8. CISO operating system and security automation

AI chief-of-staff tools, workflow automation, SOC automation, response routing, and executive follow-through.

Demand signal — Thin and indirect

The survey set does not ask a security automation-specific question. Operating workflow claims still fit the CISO workflow, but proof should be treated as category-specific work for the vendor. The general funding read shows fragmented paths: a dedicated line and case-by-case buying tied at 14 of 40 any-mentions each, and 8 came from existing security budget.

Buyer proof need

One narrow workflow, a named budget source, a clear sign-off path, and value visible inside two quarters.

ToolTierWhat it doesSource
TorqCategory leaderTorq uses AI agents and security automation to triage, investigate, and respond to SOC alerts.V58
TinesCategory leaderTines connects security and IT tools into governed AI workflows, agents, copilots, and automation paths.V59
BlinkOpsCategory leaderBlinkOps provides an agentic security operations platform for automating security work at scale.V60
SwimlaneCategory leaderSwimlane automates SOC, case management, response, and low-code security workflow processes.V61
D3 SecurityCategory leaderD3 Security provides security orchestration, incident response, and case management for SOC and MSSP teams.V62
AxariEmergingAxari gives CISOs and CIOs an AI chief of staff with digital workers that help run the security organization—from executive briefings and commitments to program execution, risk coordination, and organizational memory.V57
SimbianEmergingSimbian uses AI agents to execute security work across alerts, investigations, and operations tasks.V63
Radiant SecurityEmergingRadiant Security uses AI to triage alerts, investigate incidents, and guide SOC response work.V64

Table 1. CISO AI Market Map. Source: public vendor pages and public sources listed in the source register. Inclusion is editorial. No vendor paid for placement. Vendors are categorized only, not scored or ranked.

Cohort Quadrant

This is the only quadrant-style chart in the report. It plots buyer cohorts, not vendors. The source instrument did not ask deployment stage, so the x-axis uses AI security urgency and the y-axis uses funding clarity. Cohorts can overlap because a buyer can face an AI agent risk, still lack a clean budget, and still need proof before spend.

Buyer cohort quadrant: AI security urgency vs funding clarity
Key takeaway A buyer can feel urgent about agent risk and still lack a clean budget. Figure 1. Base n=40 for funding and AI security problem questions. Cohorts may overlap. Vendors are not plotted.

Part Two: The Buying Reality

Finding 1: Agent access is the sharpest AI security concern

Bar chart: biggest AI security problem, base 40, any-mention. Securing AI agents and their access 55%, data leaking into AI models 25%, shadow AI 25%, attacks that use AI against us 15%, nothing urgent yet 8%.
Key takeaway Agent access is the control problem buyers name first. Open Future Forum application-stage survey responses, 2026. Base n=40, any-mention.

Agent access is the clearest small-base demand signal. That supports the rise of agent identity, agent access control, runtime guardrails, AI-SPM, and non-human identity tools.

“The market is not waiting for a perfect category name. It is forming around the control problems CISOs already own.”Murray Newlands, founder, Open Future Forum

Finding 2: Funding is real, but not always clean

Bar chart: source of AI security spend, base 40, any-mention. Its own budget line 35%, case by case 35%, carved from existing security budget 20%, no AI security spend yet 15%.
Key takeaway Budget exists, but the path to it is split four ways. Open Future Forum application-stage survey responses, 2026. Base n=40, any-mention.

A dedicated line and case-by-case buying tie at the top. For vendors, the sales motion needs to handle four paths: a new AI security line, a pull from existing security budget, case-by-case approval, or a watch-and-wait buyer.

Finding 3: The applicant pool included security leaders and adjacent buyers

Bar chart: role status, base 79, single-select. Yes or security lead 44%, no 33%, other 16%, security-adjacent leadership 6%.
Key takeaway The room is qualified interest, not verified buying. Open Future Forum application-stage survey responses, 2026. Base n=79, single-select.

The role-status base is broader than the problem and funding bases. It qualifies the room but does not turn the dataset into an attendance or market-share claim.

Finding 4: Control problems outrank attack novelty

Bar chart: grouped AI security concern, base 40, any-mention. Agent access or agent governance 55%, data leakage or shadow AI 42%, AI-powered attacks 15%.
Key takeaway Buyers worry more about what agents can do than what attackers can send. Open Future Forum application-stage survey responses, 2026. Base n=40, any-mention grouping.

The first-party signal points more to control problems than novelty. The strongest categories are those that can show who or what has access, what data can leak, and how actions are logged or stopped.

Finding 5: Most buyers have some funding path

Bar chart: grouped funding read, base 40. Some funding path 85%, no AI security spend yet 15%.
Key takeaway Money can exist. The gate is the path and its proof. Open Future Forum application-stage survey responses, 2026. Base n=40, responses grouped for this read.

Thirty-four of 40 funding responses point to some way to pay for AI security. The question for vendors is not whether money can exist. It is which path the buyer must use and what proof that path demands.

Market Debate

Is CISO AI becoming a new software category?

Yes, in the parts of the stack where AI creates new control surfaces. Gartner lists agentic AI oversight among the top cybersecurity trends for 2026, while Evanta reports that enabling and protecting AI emerged as a top CISO priority. J.P. Morgan also reports that AI-enabled cybersecurity companies attracted a large share of U.S. cyber deal activity through May 2026. Sources: E01, E02, E03.

The strongest case for a new category is agentic security. Agents need identity, permissions, tool access, memory, data boundaries, runtime logs, and kill paths. Traditional controls help, but they were not designed for autonomous software actors.

Or will CISO AI be absorbed into existing platforms?

Also yes. The incumbent path is clear. Microsoft, CrowdStrike, Palo Alto Networks, CyberArk, Varonis, and Tenable are embedding AI security or AI-assisted workflows into existing security platforms. That means some point tools will become features, while others will win by owning new control planes. Sources: V09, V10, V11, V18, V41, V27.

External sources are cited for context. They are not affiliated with this report and do not endorse it.

What the Numbers Look Like Inside the Rooms

The pattern is not that CISOs are anti-AI. The pattern is that they are being asked to secure AI adoption faster than governance processes can adjust.

Agent access is where the debate becomes concrete. CISOs can reason about identity, permissions, audit trails, and data access. They are less patient with abstract AI risk language when the product cannot name the control boundary.

Funding also shapes the room. A buyer with a dedicated AI security line can test a product as a new control. A buyer funding case by case needs a smaller proof plan. A buyer carving budget from security needs a displacement argument against an existing tool.

“The room does not reward the broadest platform claim. It rewards the vendor that can name the control, show the proof, and make the budget path obvious.”Murray Newlands, founder, Open Future Forum

No participant names, company names, or identifying details are included. This section follows the Chatham House Rule.

How CISOs and Vendors Should Use This Report

For CISOs

Use the taxonomy to compare which workflow owns the pain: SOC, identity, data, cloud, AppSec, GRC, or CISO operations. Map each category to the current budget path: new AI security line, existing security budget, case-by-case approval, or no spend yet. Then ask vendors for one narrow workflow, a named budget source, a clear sign-off path, and value visible inside two quarters.

For vendors

Start your message with the workflow you improve, not with broad AI claims. Build a budget narrative for all four paths and do not assume a clean new budget exists. Bring a proof path that shows one control, one owner, one integration, one measurable outcome, and one sign-off path.

Questions This Report Answers

What is the CISO AI Market Map?

It is a workflow-based map of AI tools that serve CISOs and security team needs in 2026.

Is this a vendor ranking?

No. Vendors are grouped by category. They are not scored, ranked, or placed on axes.

How were vendors selected?

Vendors were selected editorially from public information based on relevance to CISO workflows.

What is the demand overlay?

It is a first-party read of application-stage survey responses from Open Future Forum sessions in 2026.

What is the Enterprise AI Buying & Budget Index?

It is an Open Future Forum research series tracking how AI buying, budget, proof, and sign-off are changing inside executive communities.

Can vendors pay to be included?

No. No vendor paid for placement in this edition.


Methodology and Disclosure

For publication and citation

First-party source: one application-stage survey instrument fielded around an Open Future Forum session in 2026. Responses were collected through July 7, 2026, when the Edition 1 dataset was closed. Sample: 79 reportable application-stage survey responses after restricting analysis to survey-answer fields. These are not attendees and not registrations. Base variation: role-status question n=79; AI security problem question n=40; AI security funding question n=40. Multi-select: any-mention percentages are used and can sum past 100 percent. Small bases are directional; decimal precision is avoided. Privacy: no participant names, emails, company sizes, exact identifying counts, tenures, or identifying achievements are published; the underlying identity data is held privately. Limits: the data measures application-stage responses. It does not measure attendance, spend, contract value, deployment success, or vendor performance. External sources and vendor pages are used for context and vendor descriptions and are not affiliated with this report.

Vendor Inclusion Note

Vendor inclusion is editorial. The map is based on public information. No vendor paid for placement. Categorization is not an endorsement. The map does not score, rank, or evaluate vendor quality. During source review, no vendor in the map was identified as an Open Future Forum sponsor. Disclosure: Agentic Fabriq and Axari are Murray Newlands advisory clients. That relationship was not paid placement in this report, did not influence inclusion or categorization, and those vendors had no editorial input into this edition. Each vendor in the map had an active public product or company page during source review. No shut-down vendor was knowingly included. Acquisition notes were included for CalypsoAI, Protect AI, and SGNL where relevant.

About Open Future Forum

Open Future Forum is a private executive community in Silicon Valley, founded in 2019, with 100 events to date. It runs Forum Select, invite-only private events for C-suite executives, and Forum Events, open gatherings including panels. The CISO AI Market Map is part of its Enterprise AI Buying & Budget Index, alongside the CFO AI Market Map, the CFO AI Leverage Report, the CMO, CISO, and CEO AI Leverage Reports, the Executive AI Leverage Report, and the AI Transformation Report.

Sources

External sources are cited for context. They are not affiliated with this report and do not endorse it. URLs were live at the time of source review.

Vendor sources

KeySourceURL
V01Agentic Fabriq product pagehttps://www.agenticfabriq.com/
V02Noma Security product pagehttps://noma.security/
V03Lakera Guard product pagehttps://www.lakera.ai/lakera-guard
V04HiddenLayer product pagehttps://www.hiddenlayer.com/
V05Lasso Security product pagehttps://www.lasso.security/
V06Pillar Security product pagehttps://www.pillar.security/
V07Protect AI product pagehttps://protectai.com/
V08CalypsoAI product pagehttps://calypsoai.com/
V09Microsoft Security Copilot pagehttps://www.microsoft.com/en-us/security/business/ai-machine-learning/microsoft-security-copilot
V10CrowdStrike Charlotte AI pagehttps://www.crowdstrike.com/en-us/platform/charlotte-ai/
V11Palo Alto Cortex XSIAM pagehttps://www.paloaltonetworks.com/cortex/cortex-xsiam
V12SentinelOne Purple AI pagehttps://www.sentinelone.com/platform/purple-ai/
V13Google Security Operations pagehttps://cloud.google.com/security/products/security-operations
V14Darktrace product pagehttps://darktrace.com/
V15Exabeam product pagehttps://www.exabeam.com/product/
V16Dropzone AI product pagehttps://www.dropzone.ai/
V18CyberArk secure agentic AI pagehttps://www.cyberark.com/solutions/secure-agentic-ai/
V19Saviynt Identity Security for AI pagehttps://saviynt.com/products/identity-security-for-ai
V20SailPoint IdentityAI pagehttps://www.sailpoint.com/products/identity-ai
V21BeyondTrust product pagehttps://www.beyondtrust.com/products
V22Oasis Security pagehttps://www.oasis.security/
V23Astrix Security pagehttps://www.astrix.security/
V24SGNL product pagehttps://sgnl.ai/
V25Wiz product pagehttps://www.wiz.io/
V26Orca Security product pagehttps://orca.security/
V27Tenable AI Exposure pagehttps://www.tenable.com/products/ai-exposure
V28Qualys product pagehttps://www.qualys.com/apps/
V29Rapid7 product pagehttps://www.rapid7.com/products/
V30Palo Alto Prisma Cloud pagehttps://www.paloaltonetworks.com/prisma/cloud
V31Pentera product pagehttps://pentera.io/
V32Picus Security product pagehttps://www.picussecurity.com/
V33Snyk product pagehttps://snyk.io/
V34GitHub Copilot Autofix docshttps://docs.github.com/en/code-security/concepts/code-scanning/copilot-autofix-for-code-scanning
V35Semgrep product pagehttps://semgrep.dev/
V36Apiiro product pagehttps://apiiro.com/
V37Veracode product pagehttps://www.veracode.com/products/
V38Checkmarx product pagehttps://checkmarx.com/product/
V39Endor Labs product pagehttps://www.endorlabs.com/
V40Aikido Security product pagehttps://www.aikido.dev/
V41Varonis AI Security pagehttps://www.varonis.com/solutions/ai-security
V42Cyera product pagehttps://www.cyera.com/
V43BigID product pagehttps://bigid.com/
V44Sentra product pagehttps://sentra.io/
V45Normalyze product pagehttps://normalyze.ai/
V46Nightfall AI product pagehttps://www.nightfall.ai/
V47Polymer DLP product pagehttps://www.polymerhq.io/
V48Rubrik product pagehttps://www.rubrik.com/
V49Drata product pagehttps://drata.com/products/ai
V50Vanta AI pagehttps://www.vanta.com/products/ai
V51Secureframe product pagehttps://secureframe.com/
V52Sprinto product pagehttps://sprinto.com/
V53Anecdotes product pagehttps://www.anecdotes.ai/
V54AuditBoard product pagehttps://www.auditboard.com/
V55Diligent One product pagehttps://www.diligent.com/products/diligent-one-platform
V56SAFE Security product pagehttps://safe.security/
V57Axari product pagehttps://www.axari.ai/
V58Torq AI SOC pagehttps://torq.io/ai-soc-platform/
V59Tines AI platform pagehttps://www.tines.com/platform/ai/
V60BlinkOps product pagehttps://www.blinkops.com/
V61Swimlane product pagehttps://swimlane.com/
V62D3 Security product pagehttps://d3security.com/
V63Simbian product pagehttps://simbian.ai/
V64Radiant Security product pagehttps://radiantsecurity.ai/
V65F5 note on CalypsoAI acquisitionhttps://www.f5.com/company/blog/securing-ai-models-and-agents-without-compromise
V66Reuters report on CrowdStrike and SGNLhttps://www.reuters.com/technology/crowdstrike-buy-identity-security-startup-sgnl-740-million-tackle-ai-threats-2026-01-08/

External context sources

Entity and press sources

KeySourceURL
P04Programming Insider coverage of Open Future Forum executive communitieshttps://programminginsider.com/why-open-future-forum-has-become-one-of-the-top-executive-communities/

External benchmarks are used for context only. They are not affiliated with this report and do not endorse it.

Disclaimer

This report is for informational purposes only. It is not investment, legal, tax, accounting, or procurement advice. Vendor inclusion is not an endorsement. External sources are cited for context only and do not endorse this report.

© 2026 Open Future Forum. All rights reserved. The CISO AI Market Map and the Enterprise AI Buying & Budget Index are works of Open Future Forum. No part may be reproduced or redistributed for commercial purposes without permission. Quotation for journalism, research, and commentary is welcome with attribution to Open Future Forum.

Murray Newlands
Murray Newlands
Founder, Open Future Forum

Murray Newlands is the founder of Open Future Forum. He is the author of Online Marketing: A User’s Manual (Wiley) and a Fellow of the Royal Society of Arts. He writes on AI, venture, and enterprise strategy.

CISO Executive Forum

Join the CISO Dinner Series

Private invitation-screened dinners for security leaders navigating AI budget decisions and vendor evaluation. Off the record. No vendors. No agenda.