Some administrators who logged in last week found their on-premises Microsoft SharePoint servers silently uploading web shells instead of documents. A single, carefully forged packet had slipped past every guardrail and granted attackers full remote control before any human had typed a password.
What unfolded is now known as the ToolShell exploit chain. Security researchers at the Dutch firm Eye Security noticed an unusual file on a client’s server and sounded the alarm.
Thousands of organizations worldwide use SharePoint.
Does this prove that hackers are becoming better and more dangerous? The uncomfortable answer is yes. As the internet becomes the primary place where corporations store their valuable data, cybersecurity is only going to get more important.
Here are three cybersecurity stocks that have seen positive price action since the exploit. They have also topped Barchart’s cybersecurity stocks list, sorted by analyst recommendations.
CyberArk Software (CYBR) is not as familiar as a name as CrowdStrike (CRWD) or Palo Alto (PANW), but the Israeli company has built its reputation on privileged access management. More than half of Fortune 500 companies and roughly 35% of the Global 2000 rely on CyberArk to lock down the credentials that attackers prize most.
Its solutions portfolio stretches from the classic Privileged Access Manager to newer software-as-a-service offerings such as Privilege Cloud, Endpoint Privilege Manager, and Secure Cloud Access, all unified under an identity security platform that now includes machine identities and, most recently, artificial intelligence agents.
Q1 revenue increased 43% to $318 million. Subscription sales grew 60% year-over-year, and annual recurring revenue crossed the $1 billion mark for the first time at $1.215 billion. 85% of that total now comes from subscriptions rather than older perpetual licenses.
Management guided full-year revenue to roughly $1.3 billion, implying 31.5% growth without assuming any additional large deals.
The mean price target here is $449, with targets going up to $500.
Broadcom (AVGO) is as much a cybersecurity company as it is a chip designer. It acquired the Symantec division in 2019, and its Endpoint Security Complete is now the default choice for enterprises that run virtual machines like VMware.
