Cybersecurity remains one of the clearest secular growth areas in public equities because the attack surface keeps expanding while the cost of breaches, ransomware, identity theft, and cloud misconfiguration keeps rising. AI is intensifying that urgency on both sides: defenders are using automation to reduce alert fatigue and speed response, while attackers are using AI to scale phishing, social engineering, and exploit development. That dynamic keeps security spending high on the enterprise priority list even when broader IT budgets are scrutinized more closely.
For investors, the sector is best understood in layers: identity and access management, network and SASE, endpoint and XDR, security subscriptions, and broader platform vendors that bundle multiple modules into one operating system for security teams. Recent results reinforce the durability of demand. CrowdStrike reported fiscal 2026 revenue of $4.81 billion and ending ARR of $5.25 billion, while Zscaler said fiscal 2025 revenue rose 23% to $2.67 billion and ARR exceeded $3 billion. Fortinet and Check Point also showed meaningful growth in security subscription revenue, supporting the case for recurring, high-visibility business models.
This list focuses on cybersecurity companies with commercially proven platforms, recurring revenue exposure, and financial profiles that still matter when the market gets selective. The picks are ranked in countdown order from No. 7 to No. 1 based on overall investment quality, balancing business strength, growth, profitability, and valuation support. That means the best pick appears at the end, not the beginning.
We screened for US-listed cybersecurity-related companies with market capitalizations above $500 million, then ranked them primarily on investment quality using our composite grade alongside profitability, growth, valuation, and earnings execution. We also considered whether each company has a clearly defined security platform tied directly to real customer outcomes such as identity protection, zero-trust access, endpoint defense, cloud security, or security operations. This is a countdown, so the names appear from No. 7 to No. 1, with the strongest overall setup reserved for the final section.
What they do. The company is an identity-focused security platform built around single sign-on, adaptive MFA, API access management, universal directory, identity governance, privileged access, and Auth0. Okta sells cloud-based identity infrastructure that helps enterprises secure access to applications, devices, APIs, hybrid environments, and now AI agents, making it one of the clearest pure-play ways to invest in identity-centric security.
Why it fits. Identity is a foundational layer in modern cybersecurity, especially as zero-trust architectures move decision-making closer to the user, device, and workload. Okta’s portfolio spans workforce identity, customer identity, identity threat protection, posture management, and governance, which aligns directly with the market’s shift toward identity-centric controls and cloud-delivered security.
Numbers that matter. Okta generated $2.92 billion in revenue, with year-over-year revenue growth of 11.6% and earnings growth of 170.8%. Profitability has improved meaningfully, with a 77.4% gross margin, 6.57% operating margin, and 8.05% net margin. The trailing P/E is 64.12, but the forward P/E drops to 22.42, which helps explain why the valuation picture looks better on forward earnings than on trailing results.
Recent momentum. Okta has beaten EPS estimates in 7 straight reported quarters, including a 40.0% surprise in March 2026 and an 11.7% surprise in May 2025. Analysts remain cautious rather than aggressive, with 8 Buy, 18 Hold, and 1 Sell ratings, but the average target of $100.21 still sits above current levels. With its next earnings report scheduled for May 28, execution remains the key near-term catalyst.
What they do. The company is a long-established cybersecurity vendor spanning cloud, network, mobile, endpoint, IoT, workspace security, threat exposure management, AI security, and cyber services. Its product set includes firewalls, hyperscale firewall offerings, XDR, email and browser security, managed detection and response, and consulting services, giving Check Point a broad installed-base model anchored in enterprise security infrastructure.
Why it fits. Check Point fits this theme because cybersecurity buyers increasingly want fewer vendors covering more layers of the stack, and the company already spans network, workspace, cloud, and AI security. It is especially relevant for investors who want exposure to durable enterprise security spending without relying entirely on the highest-multiple growth names.
Numbers that matter. Check Point produced $2.76 billion in revenue with 4.8% year-over-year revenue growth and 5.8% earnings growth. Its profitability profile is elite: 87.7% gross margin, 27.69% operating margin, and 38.37% net margin, plus ROE of 38.02% and ROA of 7.79%. Valuation is also restrained relative to most cybersecurity peers, with a trailing P/E of 13.20 and forward P/E of 12.08.
Recent momentum. The company has beaten EPS estimates in 7 of the last 8 quarters, including a 23.2% surprise in February 2026 and a 5.5% surprise in April 2026. Analyst sentiment is measured, with 3 Buy and 22 Hold ratings, which is typical for a steadier, mature security name. The average target stands at $144.32, and the next earnings report is due July 29.
What they do. The company provides cybersecurity and converged networking-security solutions built around FortiOS, FortiGate firewalls, SASE, secure connectivity, cloud security, AI-driven security operations, endpoint protection, XDR, NDR, DLP, and threat intelligence services. Fortinet’s model combines hardware, software, and recurring security services, which gives it exposure to both product refresh cycles and subscription revenue.
Why it fits. Fortinet sits at the intersection of network security, SASE, security operations, and recurring subscriptions, all of which are central to the current cybersecurity spending cycle. As enterprises consolidate vendors and look for integrated operating systems for security teams, Fortinet’s Security Fabric and unified platform approach are strategically well aligned with that demand.
Numbers that matter. Fortinet generated $7.11 billion in revenue, with revenue growth of 20.1% and earnings growth of 28.6% year over year. Margins are strong across the board, including an 80.3% gross margin, 31.28% operating margin, and 27.49% net margin, while ROE stands at 132.39% and ROA at 13.59%. The trade-off is valuation: the trailing P/E is 50.58 and the forward P/E is 43.10, which is not cheap for a company already operating at scale.
Recent momentum. Fortinet has beaten EPS estimates in 7 consecutive reported quarters, including a 32.3% surprise in May 2026 and a 25.9% surprise in February 2025. Even so, analysts are more restrained than enthusiastic, with 7 Buy and 27 Hold ratings, and the average target is $107.17. That combination suggests investors already recognize the quality, but debate how much upside remains after the stock’s strong run.
Get AI research on any stock
Instant reports, daily intelligence, and an AI analyst in your pocket.
What they do. The company is a cloud security specialist built around zero-trust access, internet security, private application access, zero-trust firewall, browser isolation, data protection, cloud security posture tools, and security operations offerings. Zscaler’s architecture is designed for cloud-delivered security rather than legacy perimeter hardware, making it one of the purest public-market plays on zero-trust networking.
Why it fits. Zero-trust remains one of the most important structural shifts in enterprise security, and Zscaler is directly tied to that trend through products such as Zscaler Internet Access, Zscaler Private Access, Zero Trust Branch, and data security offerings. The theme context is especially supportive here because the company’s fiscal 2025 revenue rose 23% to $2.67 billion and ARR exceeded $3 billion, underscoring durable adoption.
Numbers that matter. Zscaler generated $3.00 billion in revenue and posted 25.9% year-over-year revenue growth, one of the stronger growth rates on this list. Gross margin remains high at 76.6%, but profitability is still a work in progress, with operating margin of -6.2% and net margin of -2.25%. The trailing P/E is not meaningful because EPS is -0.44, though the forward P/E is 37.74, reflecting expectations for a sharp earnings improvement.
Recent momentum. Zscaler has beaten EPS estimates in 7 straight quarters, including a 12.2% surprise in February 2026 and a 36.4% positive surprise in November 2025. Analyst sentiment is constructive, with 9 Buy, 11 Hold, and 1 Sell ratings, and the average target is $223.39. The next earnings report is scheduled for May 26, which could be an important checkpoint for whether strong growth is translating into cleaner profitability.
What they do. The company is one of the broadest platform vendors in cybersecurity, spanning network security, SASE through Prisma Access, cloud-native application protection, AI security through Prisma AIRS, and security operations via Cortex XSIAM, XDR, XSOAR, and Xpanse. Palo Alto also sells subscription services and professional services, giving it a diversified revenue base across products, software, and ongoing security operations.
Why it fits. Palo Alto fits this list because it is directly aligned with the market’s push toward platform consolidation. Instead of betting on a single security layer, investors get exposure to network security, cloud security, AI security, and security operations in one scaled vendor, which is increasingly attractive as enterprises try to simplify tool sprawl and unify workflows.
Numbers that matter. Palo Alto generated $9.89 billion in revenue, with year-over-year revenue growth of 14.9% and earnings growth of 60.5%. Profitability is solid for a growth-oriented security platform, with a 73.5% gross margin, 15.5% operating margin, and 12.96% net margin. The main valuation challenge is obvious: the trailing P/E is 132.67 and the forward P/E is 60.24, so investors are paying a premium for scale and breadth.
Recent momentum. The company has beaten EPS estimates in 7 straight quarters, including a 9.6% surprise in February 2026 and a 6.7% surprise in August 2025. Analysts remain constructive, with 11 Buy and 13 Hold ratings, though the average target of $214.66 suggests expectations are not uniformly aggressive. With the next earnings report due June 2, investors will be watching whether platform consolidation continues to support durable growth.
Pick #2Subscribers only
Subscribers see this pick's full breakdown — investment thesis, key financial metrics, recent earnings execution, and analyst consensus.
Subscribers get the complete breakdown — pick rationale, financial metrics, and recent earnings detail.
This monthly screen starts with US-listed cybersecurity and security-adjacent software companies above $500 million in market value. From there, the ranking emphasizes investment quality using our composite grade, primary-source financial data, profitability measures, growth rates, valuation multiples, and earnings consistency. We also require a clear connection between the company’s commercial platform and real cybersecurity outcomes, such as identity protection, zero-trust access, endpoint defense, cloud security, or security operations. Because the list is refreshed regularly, spot prices are not used in the ranking itself; the focus is on business quality and financial setup rather than short-term trading moves.
▌The Daily Briefing · Free
A new stock idea, every evening.
One stock worth watching each weekday, plus the analysis behind it. Free, in your inbox.
