Vendor Ratings
All rated cybersecurity consulting firms.
12 firms rated as of February 2026. Sorted by CSCF Analyst Rating™. Scores are 0–100 composites; see methodology for how each dimension is evaluated.
| Firm | Tier | Score | Technical | Specialization | Scale Fit | Value | Presence | Pricing | |
|---|---|---|---|---|---|---|---|---|---|
| Coalfire | 88 | 20 | 19 | 18 | 17 | 14 | $100k+ | Profile → | |
| NetSPI | 86 | 20 | 18 | 17 | 17 | 14 | $50k-$100k | Profile → | |
| GuidePoint Security | 85 | 19 | 18 | 18 | 16 | 14 | $100k+ | Profile → | |
| Schellman | 84 | 19 | 20 | 17 | 16 | 12 | $50k-$100k | Profile → | |
| TrustedSec | 82 | 20 | 17 | 15 | 16 | 14 | $25k-$50k | Profile → | |
| Tevora | 78 | 18 | 17 | 17 | 16 | 10 | $50k-$100k | Profile → | |
| CynergisTek | 76 | 18 | 20 | 15 | 15 | 8 | $50k-$100k | Profile → | |
| Praetorian | 75 | 19 | 16 | 14 | 15 | 11 | $50k-$100k | Profile → | |
| Clearwater Compliance | 73 | 17 | 19 | 14 | 14 | 9 | $25k-$50k | Profile → | |
| Black Hills Information Security | 72 | 19 | 15 | 13 | 14 | 11 | $25k-$50k | Profile → | |
| Blumira | 65 | 15 | 16 | 18 | 16 | 0 | $10k-$25k | Profile → | |
| Cycurity | 62 | 16 | 17 | 16 | 14 | 0 | $100k+ | Profile → |
Leaders
Coalfire
Compliance & Risk Management
Cybersecurity advisory and assessment services for compliance and risk management
NetSPI
Penetration Testing
Penetration testing and attack surface management at enterprise scale
GuidePoint Security
vCISO / MDR
Cybersecurity solutions focusing on detection, response, and security transformation
Strong Performers
Schellman
Compliance Auditing
Independent compliance assessment and certification for SOC, ISO, HITRUST, and more
TrustedSec
Penetration Testing
Offensive security and penetration testing specialists
Tevora
Compliance / vCISO
Cybersecurity consulting specializing in compliance, risk management, and vCISO services
CynergisTek
Healthcare Cybersecurity
Healthcare-exclusive cybersecurity and privacy consulting
Praetorian
AppSec / Cloud Security
Offensive security firm specializing in application and cloud security
Clearwater Compliance
Healthcare Compliance
Healthcare privacy, security, and compliance solutions
Black Hills Information Security
Penetration Testing
Penetration testing, training, and security assessments with a focus on practical security
Contenders
Blumira
Managed Security (SMB)
Automated security monitoring and threat detection for small to mid-sized organizations
Cycurity
vCISO
vCISO services and security program management for mid-market companies
CSCF Analyst Ratings are version 1.0, published February 2026. Based on publicly available information. Ratings are reviewed quarterly. Read the full methodology.