Corero Network Security plc

https://www.corero.com/

Corero Network Security plc is a global leader specializing in Distributed Denial of Service (DDoS) defense solutions. The company's mission is to redefine DDoS protection and ensure uninterrupted service availability for businesses worldwide, contributing to the overall security and availability of the internet. Headquartered in London, United Kingdom, Corero also maintains key operational centers in Marlborough, Massachusetts, USA, and Edinburgh, UK.

Corero offers a comprehensive suite of products and services, primarily centered around its Corero SmartWall family, which includes SmartWall Threat Defense System appliances, SmartWall Threat Defense Director, and SmartWall Threat Defense Cloud, as well as SmartWall ONE. These solutions are designed for automatic attack detection and mitigation. The company also provides SecureWatch Managed Services, encompassing configuration optimization, monitoring, and mitigation response, alongside specialized services like Emergency Response, Security Optimization, and Forensic Investigation. Additionally, Corero's cloud-native CORE platform leverages AI-driven insights for application layer protection, zero trust admission control, advanced anti-bot protection, comprehensive threat intelligence, and real-time traffic analytics. Corero serves a diverse market, including service providers, hosting providers, co-location facilities, edge and SaaS providers, and digital enterprises.

Carl Herberger serves as the Chief Executive Officer, appointed in January 2024, leading a management team focused on innovation and market expansion. Recent strategic appointments include Michelle Ragusa-McBain as Global Channel Chief and VP of Channel Sales in January 2026, and Adrian Crawley as VP of International Sales in May 2025. The company reported strong full-year 2025 results, with a 23% increase in Annual Recurring Revenue (ARR) to $23.9 million and a 20% growth in order intake to $33.8 million, driven by the adoption of subscription-based and DDoS Protection-as-a-Service (DDPaaS) offerings. In January 2026, Corero secured two significant deals with Tier-1 telecommunications operators in the Asia-Pacific region, deploying its SmartWall ONE solution. Furthermore, Corero's April 2026 Threat Intelligence Report highlighted the evolving nature of DDoS attacks, with many now evading traditional defenses due to AI-driven, multi-vector threats, underscoring the relevance of Corero's advanced protection strategies. The company also maintains strategic alliances with industry leaders such as HPE + Juniper Networks, Akamai, and GTT.

Latest updates

DDoS Defenses Fail as AI-Driven Attacks Shrink and Accelerate

Event summary

  • Corero Network Security's 2026 Threat Intelligence Report reveals over half of sub-1 Gbps attacks are now below 200 Mbps, evading traditional defenses.
  • Attack campaigns now routinely combine 50+ vectors and adapt in real-time, with six-second pulse attacks becoming commonplace.
  • Peak DDoS attack sizes have increased 262% year-over-year, with terabit-scale attacks occurring in seconds.
  • More than 90% of attacks now last less than 10 minutes, rendering manual intervention impossible.
  • Corero attributes this shift to AI-driven automation, enabling attackers to identify vulnerabilities and adapt rapidly.

The big picture

Corero's findings highlight a fundamental breakdown in traditional DDoS defense models, driven by the increasing sophistication and automation enabled by AI. This represents a significant challenge for organizations of all sizes, particularly those with limited network capacity, as smaller, faster attacks can still cause substantial disruption. The need for real-time, automated mitigation is no longer a best practice but a critical requirement for maintaining service availability.

What we're watching

Adoption Rate
The pace at which organizations adopt automated, always-on DDoS protection solutions will determine their resilience against increasingly sophisticated attacks.
Competitive Response
How other cybersecurity vendors will adapt their offerings to address the shift towards low-volume, high-velocity attacks remains to be seen, potentially triggering a new wave of product development.
AI Arms Race
The ongoing evolution of AI-powered attack techniques will likely accelerate, requiring constant innovation in defensive strategies and potentially leading to a continuous escalation of capabilities.

Corero Wins Cyber Resilience Award, Signaling Shift in DDoS Protection Focus

Event summary

  • Corero Network Security received two Global InfoSec Awards in March 2026, including Publisher's Choice for Cyber Resilience.
  • The Publisher's Choice award highlights Corero's platform approach, extending beyond DDoS mitigation to include network visibility and operational control.
  • Corero's Cyber Resiliency Platform combines SmartWall ONE™, CORE, Zero Trust Admission Control (ZTAC), and managed services.
  • The company is listed on the London Stock Exchange's AIM market (CNS) and the US OTCQX Market (DDOSF).

The big picture

The awards underscore a growing recognition that effective cybersecurity extends beyond simply preventing attacks. Businesses are increasingly prioritizing continuous service availability and operational control, a trend that favors companies like Corero offering comprehensive cyber resilience platforms. This shift represents a potential expansion of the DDoS protection market beyond traditional security budgets into broader IT operational expense categories.

What we're watching

Market Perception
The Publisher's Choice award signals a broader industry shift away from solely focusing on attack blocking towards holistic cyber resilience, which could impact Corero’s marketing and sales strategies.
Platform Integration
The success of Corero's platform hinges on the seamless integration of SmartWall ONE™, CORE, and ZTAC; any integration challenges could hinder adoption and impact financial performance.
Competitive Landscape
The recognition from Cyber Defense Magazine, while positive, will likely intensify competition within the DDoS protection and cyber resilience market, requiring Corero to continually innovate to maintain its edge.

Corero's Subscription Model Drives 23% ARR Surge Amid Rising DDoS Threat

Event summary

  • Corero Network Security achieved 23% ARR growth, reaching $23.9 million for the year ended December 2025.
  • Order intake increased by 20% to $33.8 million, driven by subscription and DDoS Protection-as-a-Service (DDPaaS) adoption.
  • The company maintained a 98% customer retention rate, including a $6.8 million renewal and expansion deal with a leading U.S. cloud provider.
  • Corero expanded its global presence into Latin America, the Middle East, and APAC through strategic partnerships.

The big picture

The accelerating demand for real-time DDoS protection, fueled by the increasing sophistication and frequency of cyberattacks, validates Corero’s strategic shift towards subscription-based services. This trend reflects a broader market move towards 'as-a-service' models in cybersecurity, as organizations prioritize resilience and operational efficiency. Corero's success hinges on its ability to maintain technological leadership and expand its reach beyond its current partnerships.

What we're watching

Partner Dependency
The reliance on partnerships like TechEnabler and HPE Juniper for market access presents a risk if these relationships weaken or competitors gain traction with alternative alliances.
Cloud Provider Concentration
The significant renewal and expansion deal with a single U.S. cloud provider highlights a concentration risk; losing this customer would materially impact revenue.
400G Appliance Adoption
The continued adoption rate of SmartWall ONE™ 400G appliances will be a key indicator of Corero’s ability to maintain a competitive edge in the evolving DDoS protection landscape.

Corero's 'Star' Rating Signals DDoS Market Consolidation

Event summary

  • Corero Network Security has been designated a 'Star' in the MarketsandMarkets DDoS Protection & Mitigation Security Market report.
  • The report highlights Corero's strengths in regional presence, breadth of offering, vertical focus, and overall execution, earning 'Excellent' ratings across all categories.
  • The DDoS protection and mitigation market is projected to grow from $5.9 billion in 2025 to $10.6 billion by 2030, a 12.4% CAGR.
  • Corero utilizes hybrid integrations with partners like Akamai to provide layered resilience across cloud and on-premises environments.

The big picture

The rapid growth of the DDoS protection market reflects the escalating sophistication and frequency of cyberattacks targeting both enterprises and critical infrastructure. Corero's recognition underscores the increasing demand for specialized, real-time mitigation solutions that can deliver performance without disruption. The 'Star' designation signals a potential inflection point for Corero, positioning it to capitalize on this expanding market, but also highlighting the competitive pressures inherent in a rapidly consolidating sector.

What we're watching

Market Positioning
The 'Star' designation suggests Corero is gaining ground against larger competitors; analysts should monitor if this translates to increased market share and revenue growth.
Partner Reliance
Corero's reliance on integrations with companies like Akamai introduces potential dependency risk; the terms of these partnerships and their impact on Corero's margins warrant close observation.
National Infrastructure
Continued selection by critical national infrastructure providers is a key revenue driver; any shifts in government procurement practices or security priorities could significantly impact Corero's future prospects.

Corero Expands DDoS Protection in LatAm via EdgeUno Partnership

Event summary

  • Corero Network Security and EdgeUno have partnered to offer automated DDoS protection as a managed service across Latin America.
  • The service will initially target EdgeUno's IP Transit customers, with expansion planned for enterprises and service providers.
  • Corero's SmartWall ONE™ platform underpins the new offering.
  • EdgeUno operates a network spanning 17 countries and over 50 data centers across the Americas.

The big picture

The partnership highlights the growing demand for specialized cybersecurity services in Latin America, driven by increasing cyberattacks and a need for robust business continuity solutions. EdgeUno’s extensive regional network provides Corero with a significant distribution channel, accelerating its expansion beyond existing markets. This move reflects a broader trend of security vendors leveraging regional connectivity providers to deliver localized, managed services.

What we're watching

Regional Adoption
The speed of adoption by EdgeUno's customer base will be a key indicator of the partnership's success and Corero's penetration into the Latin American market, given the phased rollout.
Competitive Landscape
How Corero and EdgeUno’s combined offering will differentiate against existing DDoS protection providers in the region, particularly those with established local presence, will be crucial for market share gains.
Service Economics
The pricing model and margin structure of the managed service will determine its long-term profitability and Corero's ability to scale the partnership sustainably.

Corero Secures APAC Deals, Highlights DDoS Protection-as-a-Service Trend

Event summary

  • Corero Network Security secured two contracts with Tier-1 telecommunications operators in the Asia-Pacific (APAC) region.
  • One operator is leveraging Corero to protect up to 500Gbps of network capacity.
  • The second operator intends to use Corero to offer DDoS Protection-as-a-Service (DPaaS) to enterprise and consumer customers.
  • The wins underscore growing demand for automated DDoS protection and differentiated security services in APAC.

The big picture

The APAC region represents a significant growth opportunity for cybersecurity firms, driven by increasing network capacity and a heightened awareness of DDoS threats. Corero's wins highlight the trend of telecommunications operators seeking to monetize security services, transforming DDoS protection from a cost center into a revenue generator. The reliance on DPaaS suggests a broader shift towards consumption-based security models within the telecom sector.

What we're watching

Service Adoption
The success of Corero's DPaaS model will depend on the willingness of APAC operators to embrace and market these services to their customers, which could be impacted by regional pricing sensitivities and competitive offerings.
Scalability
Corero's ability to maintain its performance and cost-effectiveness as it scales to protect increasingly larger networks, particularly beyond the 500Gbps demonstrated, will be a key determinant of future contract wins.
Competitive Landscape
The emergence of alternative DDoS mitigation solutions and the potential for in-house development by Tier-1 operators could erode Corero’s market share and pricing power in the long term.

Corero Secures APAC Deals, Bolstering DDoS Protection-as-a-Service Trend

Event summary

  • Corero Network Security secured two contracts with Tier-1 telecommunications operators in the Asia-Pacific (APAC) region.
  • One operator is utilizing Corero to protect up to 500Gbps of network capacity.
  • The second operator is leveraging Corero to offer DDoS Protection-as-a-Service (DPaaS) to enterprise and consumer customers.
  • The deals underscore growing demand for automated DDoS protection and resilience in APAC.

The big picture

The wins highlight the increasing importance of DDoS protection for telecommunications operators, particularly in high-growth regions like APAC. The trend towards offering DDoS protection as a managed service (DPaaS) represents a shift towards recurring revenue models and increased value-added services for telecom providers. These contracts suggest Corero is positioned to capitalize on this trend, but execution and competitive pressures remain key factors.

What we're watching

Revenue Impact
The actual contract values and ramp-up timelines will be critical to assess the immediate financial impact on Corero's revenue stream, given the scale of the Tier-1 operators.
DPaaS Adoption
The success of Corero’s DPaaS offering will depend on the willingness of Tier-1 operators to embrace and market this service to their customers, which could be influenced by pricing and perceived value.
Competitive Landscape
Corero’s ability to maintain its competitive advantage in the APAC DDoS protection market will hinge on its continued innovation and ability to differentiate its solutions from larger, established players.

Corero Secures Latin American Foothold with Auben Networks Partnership

Event summary

  • Corero Network Security has partnered with Argentina-based Auben Networks to expand its DDoS protection services in Latin America.
  • Auben will resell Corero’s full portfolio, including the SmartWall ONE platform, across Argentina, Chile, and neighboring markets.
  • This marks Corero’s first regional partnership in Argentina and aims to strengthen its presence in Mexico.
  • The partnership is intended to address rising demand for DDoS protection driven by accelerating digital transformation in Latin America.

The big picture

The partnership highlights the growing demand for specialized cybersecurity solutions in Latin America, driven by increased digital adoption and a rising threat landscape. Corero’s move to leverage a regional partner like Auben demonstrates a shift towards localized distribution models to overcome market entry barriers and compete effectively against larger, global players. This strategy is increasingly common for Western cybersecurity firms seeking to penetrate emerging markets.

What we're watching

Regional Adoption
The success of this partnership hinges on Auben’s ability to effectively integrate Corero’s solutions and gain traction with local service providers and enterprises, which will dictate the speed of expansion beyond Argentina.
Mexico Penetration
Corero’s stated goal of strengthening its footprint in Mexico will depend on Auben’s ability to navigate the competitive landscape and build trust within the Mexican market, given the presence of established players.
Competitive Response
Other DDoS protection providers may react to Corero’s expansion into Latin America, potentially intensifying competition and requiring Corero to demonstrate a clear value proposition to maintain market share.

Corero Network Security Posts 23% ARR Growth, Displaces Incumbents in DDoS Protection

Event summary

  • Corero Network Security achieved 23% year-over-year ARR growth, reaching $23.9 million in full-year 2025.
  • Growth was primarily driven by displacing existing DDoS and network security vendors, indicating a shift in market preference.
  • The company expanded geographically across North America, EMEA, APAC, and Latin America.
  • Corero is increasingly adopting subscription-based and DDoS Protection-as-a-Service (DDoS PaaS) models.
  • Strong customer retention rates suggest continued demand and validation of Corero’s solutions.

The big picture

Corero's success highlights the increasing importance of automated, real-time DDoS protection as cyberattacks become more sophisticated and frequent. The company's ability to displace incumbents suggests a growing dissatisfaction with existing solutions, potentially signaling a broader shift in the network security market. The company's geographic expansion indicates a global demand for its services, but also exposes it to varying regulatory environments and economic conditions.

What we're watching

Competitive Dynamics
The pace at which Corero can continue to displace established vendors will be crucial for sustaining its growth trajectory, as incumbents likely respond with competitive offerings or pricing pressure.
Partner Reliance
Corero's reliance on strategic alliances (HPE, Juniper, Akamai, GTT) introduces a degree of dependency; changes in these partnerships could impact deployment speed and market reach.
Subscription Adoption
The shift towards subscription-based and DDoS PaaS models will determine the predictability of Corero’s revenue stream and its ability to attract larger enterprise clients.

Corero Taps Channel Veteran as DDoS Protection Market Intensifies

Event summary

  • Corero Network Security appointed Michelle Ragusa-McBain as Vice President of Channel Sales, effective January 8, 2026.
  • Ragusa-McBain brings over 20 years of experience in cybersecurity, SaaS, and IT, previously holding leadership roles at Cisco, SonicWall, and CompuCom.
  • The appointment signals a renewed focus on partner-led growth and expansion of Corero’s go-to-market strategy.
  • Ragusa-McBain has received multiple industry recognitions, including CRN Top 10 Channel Chiefs and CompTIA Woman of the Year.

The big picture

The appointment of a seasoned channel executive like Ragusa-McBain underscores the growing importance of indirect sales in the cybersecurity sector. As DDoS attacks become more sophisticated and prevalent, specialized protection solutions require broader distribution networks to reach a wider range of potential customers, particularly SMBs. Corero’s move signals a strategic shift towards leveraging partners to accelerate growth and expand market share in a competitive landscape.

What we're watching

Channel Effectiveness
The success of Corero’s strategy hinges on Ragusa-McBain’s ability to rapidly integrate and motivate the existing partner network, and whether she can attract new, high-value partners.
Market Saturation
The DDoS protection market is increasingly competitive; Corero must demonstrate that its adaptive, real-time approach offers a distinct advantage over rivals to justify increased channel investment.
Financial Impact
The pace at which partner-led growth translates into measurable revenue increases will be a key indicator of the appointment’s overall impact on Corero’s financial performance.
CID: 386