Engineering, IT & AI · 69 categories

Security & Compliance

Security and compliance software covers the tools organizations use to protect systems, data, and networks from threats while meeting regulatory obligations, spanning identity and access management, vulnerability scanning, endpoint protection, SIEM, GRC platforms, and audit management across IT and security teams.

Last assessed June 2026 · re-scored quarterly via The Continuum.

Categories in Security & Compliance

Build or buy Active Directory / Identity Posture & Attack Path Management? Build or buy AI / LLM Runtime Security (AI Firewall & Guardrails)? Build or buy AI / LLM Security (Runtime Guardrails & AI-SPM)? Build or buy AI Model Supply-Chain Security (Model Scanning & AI-BOM)? Build or buy API Security? Build or buy Bot Management & Abuse Prevention? Build or buy Breach & Attack Simulation (BAS)? Build or buy Business Continuity Management (BCM) Software? Build or buy Certificate Lifecycle Management (CLM) / Machine Identity? Build or buy Certificate of Insurance (COI) Tracking & Compliance? Build or buy Cloud Access Security Broker (CASB)? Build or buy Cloud Infrastructure Entitlement Management (CIEM)? Build or buy Container & Kubernetes Runtime Security (CWPP)? Build or buy Customer Identity & Access Management (CIAM)? Build or buy Cyber Asset Attack Surface Management (CAASM)? Build or buy Cyber Deception Technology / Distributed Honeypots? Build or buy Cyber Threat Intelligence (CTI) Platform? Build or buy Cyber-Physical Systems (CPS) / Connected-Device Security Platform? Build or buy Data Loss Prevention (DLP)? Build or buy Data Security Posture Management (DSPM)? Build or buy DDoS Protection? Build or buy Digital Forensics & Incident Response (DFIR) Tooling? Build or buy Digital Risk Protection / Brand Protection & Takedown? Build or buy Digital Risk Protection & Dark Web Monitoring? Build or buy Email Security? Build or buy Endpoint Detection & Response (EDR)? Build or buy Enterprise Risk Management (ERM) Platform? Build or buy Enterprise Secrets Management? Build or buy Enterprise Secure Browser? Build or buy Environmental, Health & Safety (EHS) Management Software? Build or buy Extended Detection & Response (XDR)? Build or buy External Attack Surface Management (EASM)? Build or buy FedRAMP / Government Compliance Authorization Software? Build or buy GRC? Build or buy GRC Automation (Compliance Automation)? Build or buy Identity & Access Management (IAM)? Build or buy Identity Governance & Administration (IGA)? Build or buy Identity Threat Detection & Response (ITDR)? Build or buy Internal Audit Management Software? Build or buy Microsegmentation / Zero Trust Network Segmentation? Build or buy Multi-Factor Authentication (MFA)? Build or buy Next-Gen Firewall (NGFW)? Build or buy Non-Human Identity (NHI) Security & Governance? Build or buy Operational Resilience / DORA Management Software? Build or buy OT / ICS Security Platform? Build or buy Passwordless & Phishing-Resistant Authentication? Build or buy PCI DSS Compliance & Scope Management? Build or buy Penetration Testing as a Service (PTaaS)? Build or buy Privacy Rights / DSAR Automation? Build or buy Privileged Access Management (PAM)? Build or buy Protective DNS / DNS Filtering? Build or buy Regulatory Intelligence? Build or buy Remote Browser Isolation (RBI)? Build or buy Retail Loss Prevention & Shrink Analytics? Build or buy SaaS Security Posture Management (SSPM)? Build or buy Secrets Management? Build or buy Secure Remote Access for OT (Privileged OT/ICS Access)? Build or buy Security Awareness Training & Phishing Simulation? Build or buy Security Data Pipeline Platform (SDPP / Telemetry Pipeline)? Build or buy Security Orchestration, Automation & Response (SOAR)? Build or buy SIEM? Build or buy Single Sign-On (SSO)? Build or buy Software Supply Chain Security / Malicious-Package & Build-Integrity Protection? Build or buy SOX Compliance & Internal Controls Management? Build or buy Third-Party Risk Management? Build or buy Vendor Risk Management? Build or buy Vulnerability Management? Build or buy Web Application Firewall (WAF)? Build or buy Workload Identity & Secretless Access (Machine IAM)?

More in Engineering, IT & AI

Dev & Engineering IT Operations AI & Machine Learning Bioinformatics & Scientific Data Management Satellite Mission Operations & Ground Control Industrial Control & SCADA Geospatial Intelligence & Earth Observation Connected Vehicle Platform

Every category is scored on two axes, strategic differentiation and AI feasibility, and classified Build, Buy, Bridge, or Beware. See the full B4 framework.

The Build Report

Bi-weekly analysis of software categories through the B4 Framework. What to build, what to buy, and how to use AI to make better decisions for your company.