EB SECURITIES: Under the generative AI wave, the upgrade of network security attack and defense, the emerging network security architecture is flourishing

According to the information from Zhitong Finance and Economics APP, EB SECURITIES released a research report stating that with the continuous advancement of enterprise digital transformation, traditional network security architecture is struggling to adapt to the trends in industries such as cloud computing, Internet of Things, and AI. Emerging network security architectures are flourishing and are expected to continue to change the industry competitive landscape, allowing more competitive suppliers to stand out. Under the current wave of generative AI, network security is facing extensive and profound changes. While the threshold for network attacks is decreasing, AI technology is enhancing threat detection capabilities and providing functions such as automated security assessment and vulnerability repair, significantly reducing the threshold for security personnel.

Stock Performance and Valuation: In 23, the stock prices of major network security companies in the US significantly outperformed the market, mainly driven by valuation increases. Companies like CrowdStrike, Palo Alto Networks, Zscaler showed strong stock performance. As of 24M4, the PS valuation of most network security companies is below the five-year average.

Strong Corporate Network Security Spending: Global information security spending in 24 is expected to grow by 14.3% year-on-year, with rapid growth in sub-sectors such as cloud security, data privacy security, and infrastructure protection. A CIO survey shows that in 24, 80% of enterprises increased their network security investments, with the proportion of network security in IT budgets increasing year by year.

Generative AI Enhances Network Security Attack and Defense: The threshold for network attacks is lowering, with an increase in the number of network attacks in 23. Social engineering attacks and web application attacks are made easier with the help of generative AI. However, AI also strengthens the monitoring and response capabilities of network security tools: 1) AI/ML technologies enhance threat detection and security protection capabilities; 2) Generate visual security logs; 3) Embed AI assistants to lower technical thresholds.

The Network Security Industry Chain Covers Endpoint Security, Network Monitoring, Permission Management, and Other Links: 1) Endpoint Security: including threat intelligence and identification, security assessment and risk management, defense technology deployment, etc.; 2) Network Monitoring: including cloud security, security information and event management, etc.; 3) Permission Management: including identity and access management, data privacy protection, etc.; 4) Others: including emergency response and incident handling, security training, compliance, etc.

Endpoint Security: Microsoft and CrowdStrike Forming a Duopoly: Endpoint security aims to protect devices accessing the network, mainly divided into EPP, EDR, XDR three types. In 22, the global market share of the top two endpoint security companies, Microsoft and CrowdStrike, were 19% and 15% respectively. There is an overall trend of supplier integration, with these two companies leading in third-party competitive landscape and security technology evaluations.

Cloud Security: Cloud development brings about changes in network security architecture, and the competitive landscape is still unstable: Cloud security solutions are mainly divided into CNAPP, CWPP, CSPM types, with Trend Micro and Palo Alto Networks as leading enterprises. Compared to the endpoint security market, the cloud security market is more fragmented, with CrowdStrike having a more advanced technology evaluation Identity and Access Management/Security Information and Event Management: Mature Market, Stable Competitive Landscape. The Identity and Access Management market is expected to achieve a CAGR of 13.2% from 2024 to 2032, with leaders being Okta and Microsoft; the Security Information and Event Management market is expected to achieve a CAGR of 17.1% from 2024 to 2029.

Secure Access Service Edge (SASE): Rapidly Growing Emerging Network Security Architecture. With the rise of edge computing, cloud services, and hybrid networks, the SASE architecture can address the complexity and latency issues of traditional architectures. Core technologies of SASE include edge computing, zero-trust network access, etc. Netskope, Zscaler, and Palo Alto Networks are leaders in the Secure Service Edge (SSE) industry.

Investment Recommendation: Initiate coverage with a "Buy" rating on the U.S. cybersecurity industry, recommend Microsoft, CrowdStrike, and suggest monitoring Zscaler.

Risk Warning: Intensified industry competition risk, AI technology development falling short of expectations, industry policy risks