• After a volatile stretch, cybersecurity stocks have regained momentum, with Leiodos, Fortinet and Zscaler leading the rebound.
• It’s happening with the help of platform expansion, AI integration and growth of recurring revenue.
• Fortinet offers scale, profitability and deep platform penetration, while Zscaler remains a high-growth leader in Zero Trust cloud-native security.
• For investors who value durability over hype, Leidos offers a more-grounded opportunity, thanks to government contracts, steady execution and more reasonable prices.

Cybersecurity stocks have been quietly staging a comeback. They’re back in rally mode after a stretch marked by product fatigue and macro-driven pullbacks. Fortinet (FTNT) has surged 70% over the past year, while Zscaler (ZS) is up 50%, driven by renewed enthusiasm for AI-enabled threat detection and zero-trust architectures. Leidos (LDOS), by contrast, has taken a steadier path — rising just 10% but with deep ties to federal cyber operations and consistent execution.

The bigger picture? Global cybersecurity spending is expected to top $212 billion in 2025. And new cyber investments are fueled by four converging forces: the rise of generative AI, widespread cloud migration, a critical shortage of cyber talent and growing regulatory pressure. With cybercrime now costing the global economy trillions of dollars annually, organizations aren’t just protecting data anymore — they’re defending their entire digital infrastructure.

Generative AI is at the center of this shift as both a weapon and a shield. Attackers are using it to craft increasingly sophisticated phishing attacks and polymorphic malware, while defenders are deploying AI-powered tools for faster threat detection and automated response. Meanwhile, the move to cloud infrastructure has dismantled established network perimeters, expanding the attack surface and accelerating demand for secure access and identity technology.

To make matters worse, a global shortage of cybersecurity experts is leaving 4 million roles unfilled in the face of an increasingly complex regulatory environment. The takeaway is clear: cybersecurity is no longer optional. It’s a board-level priority. From Cloud Security Posture Management (CSPM) to Identity and Access Management (IAM), companies are reshaping the ways they manage digital risk — and investors are paying attention.

For investors looking to navigate the next leg of growth in cybersecurity, the question isn’t just who’s leading today. It’s who can keep delivering as budgets tighten, threats evolve and expectations reset. Today, we help answer that question.

Fortinet: Firewalls meet full-stack security

While it doesn’t command the spotlight like megacap cloud names or flashy AI startups, Fortinet is becoming one of the most important players in modern cybersecurity. Long known for its dominance in network firewalls, where it accounts for more than half of global deployments, the company is undergoing a strategic transformation.

In 2025, Fortinet has clearly shifted from a hardware-focused vendor to a full-scale, AI-enabled security platform. Its FortiOS operating system now powers an impressive array of integrated tools for cloud, network and endpoint protection. This convergence strategy is gaining traction: Most of the company’s global salesforce is now certified on its new AI suite, helping to fuel growth in two of its fastest-growing segments — unified secure access service edge (SASE) and security operations. 

That transformation is showing up in the numbers. In Q1, Fortinet reported $1.5 billion in revenue, up nearly 14% year-over-year. Product revenue rose 12%, but the real driver is services, which grew 14% and accounted for more than two-thirds of total sales. That shift toward higher-margin offerings helped the company deliver a record non-GAAP operating margin of 34%, along with $783 million in free cash flow, a staggering 51% margin.

Looking ahead, management expects full-year revenue to reach as high as $6.9 billion, with earnings per share continuing to beat Wall Street estimates, thanks to a combination of expanding margins and ongoing share buybacks. Annual recurring revenue (ARR) tied to Unified SASE now stands at $1.2 billion, while AI-powered Security Operations ARR has reached $434 million, both supporting the company’s guidance for double-digit growth in EPS (earnings per share) through at least fiscal year 2027.

Still, the stock isn’t cheap. After a 70% run over the past 12 months, Fortinet trades at 44x trailing earnings, 13x sales and over 42x book value — multiples that dwarf the sector median. Bulls argue the company’s margin profile justifies those numbers. It has $1.9 billion in annual free cash flow, and its subscription durability is increasing. Bears point to the crowded competitive field, with names like Zscaler, Palo Alto Networks (PANW) and CrowdStrike (CRWD) vying for share. It also faces the risk of tariffs because of 95% of Fortinet’s hardware manufacturing is located in Taiwan. Analyst sentiment is also mixed: while many acknowledge the company’s leadership and platform momentum, the majority of coverage now skews neutral, with 28 of 46 analysts rating the stock a “hold” and an average price target just above current levels.

For investors considering an entry, the current setup isn’t especially compelling. Fortinet is executing at a high level by expanding margins, growing its base of recurring revenue and steadily returning capital to shareholders. But with expectations already priced in and valuation multiples stretched well above sector averages, the stock now looks more like a momentum “hold” than a fresh breakout “buy.”

That’s not a knock on the fundamentals. Long-term, Fortinet’s trajectory remains strong, particularly if AI-driven adoption and the shift toward subscription-based services continue to accelerate. But in the near term, a better entry point could materialize if the market reacts to a tariff-related supply chain disruption, a broader macro hiccup or a rotation out of richly valued software names.

The bottom line is that Fortinet has evolved into one of the most resilient and profitable names in cybersecurity. The long-term case remains intact, but after a sharp run-up, the stock rates “hold,” at least until valuations or broader market dynamics shift the risk-reward equation back in investors’ favor.

Zscaler: Transforming cybersecurity for the cloud era

Zscaler has never tried to compete on scale alone. Instead, it has focused on building a modern, cloud-native platform that’s reshaping how large enterprises think about cybersecurity — and that strategy is clearly paying off. The company is on pace to surpass $3 billion in annual recurring revenue (ARR) by the end of this fiscal year, a milestone that underscores the strength and predictability of its subscription-driven model.

Moreover, some projections suggest Zscaler could reach $5 billion in ARR by fiscal 2027, driven by three fast-growing areas: Zero Trust Everywhere (which extends protection beyond users to devices, branches and cloud workloads), Data Security Everywhere (focused on protecting sensitive information in the age of AI) and Agentic Operations (an emerging category using AI to help manage IT and security operations). A new Z-Flex purchasing program is also gaining traction, giving customers flexibility to add or switch products without complex procurement, a smart move as companies look to consolidate cybersecurity vendors.

Those strategic bets are showing up in the numbers. In the latest quarter, revenue rose 23% to $678 million, while billings (a key indicator of future growth) jumped 25%. Deferred revenue, which represents sales yet to be recognized, climbed 26%, showing strong demand and long-term customer commitments. Zscaler’s operating margin held steady at 22%, and free cash flow was a solid $120 million, even with heavy spending on data centers and new products. Management raised full-year guidance and now expects revenue of around $2.7 billion and free cash flow margins of up to 26%. Notably, it continues to land larger enterprise customers — companies spending over $1 million annually — which reflects growing adoption of the platform in industries like healthcare, education and financial services.

But for all its strengths, the stock looks fully priced. After a 50% rally over the past year, Zscaler now trades at 19 X sales and 27x book value, far above the cybersecurity industry averages of 3x and 3.6x, respectively. The company isn’t consistently profitable on a GAAP basis, and stock-based compensation remains high. Even though 29 of the 48 analysts covering Zscaler rate it a “buy” or “overweight,” the average price target of $316 per share suggests modest upside from the current price of $300. These elevated multiples leave little room for error, especially if growth wavers because of macro headwinds (e.g. tariffs) or integration risks around its acquisition of the formerly privately held Red Canary.

To be clear, Zscaler is a category leader with powerful long-term trends at its back, including AI, Zero Trust architecture and enterprise security consolidation. The business is expanding, margins are improving and customer engagement is strong. But with expectations already high and the stock trading at a premium, this looks more like a “hold” (or even trim and take profits) than a compelling buying opportunity. 

The bottom line is that Zscaler is one of the most innovative names in cloud security, but after a big run it’s priced as though everything will go right. Long-term holders may want to stay the course, but new investors may want to consider waiting for a pullback or a fresh catalyst before jumping in.

Leidos: Helping build America’s cyber defense

Leidos isn’t a pure-play cybersecurity vendor. You won’t see it bidding head-to-head with CrowdStrike or Zscaler for endpoint deals. But it does build and run many of the government’s most sensitive cyber defenses. Roughly 87% of its $16-plus billion in annual revenue comes from long-term US federal contracts covering everything from classified network operations to AI-enabled threat hunting. That blend of bread-and-butter IT services and full-spectrum cyber work gives Leidos a foot firmly in the security arena while insulating it with multiyear funding streams. It’s a profile closer to Booz Allen Hamilton (BAH) than to high-beta software names.

Spun off from SAIC in 2013, the Virginia-based company operates at the intersection of defense, cybersecurity, healthcare IT and advanced engineering. It provides mission-critical support for the US Department of Defense, intelligence community and civilian agencies, with offerings ranging from secure cloud software and AI-powered surveillance to airport screening systems and classified cybersecurity work. Unlike traditional defense contractors that focus on hardware, Leidos is all about services and software, a positioning that’s increasingly valuable in an age of digital warfare and hybrid threats.

Financially, the story remains strong. In Q1, Leidos reported revenue of $4.3 billion, up 7% from the previous year, with growth in nearly all of its business segments. Net income rose 29% to $365 million, or $2.77 per share, while adjusted EPS came in even higher at $2.97, up 30% year-over-year. Adjusted EBITDA (earnings before interest, taxes, depreciation and amortization) reached $601 million, with margins expanding to 14.2% and reflecting improved program execution, higher volume in managed health services and better cost control. Moreover, the company reaffirmed full-year guidance, targeting $16.9 to $17.3 billion in revenue and non-GAAP EPS of $10.35 to $10.75.

That strength, however, hasn’t translated into big stock price gains. Shares are up just 10% over the past year, trailing peers in the defense and IT services industries. Part of the hesitation likely stems from weaker-than-usual free cash flow of just $36 million in Q1 because of timing around investments and debt refinancing. Still, management expects operating cash flow to reach $1.45 billion for the full year, supported by a robust backlog of $46 billion and a book-to-bill ratio that should improve as recent policy changes work their way through future quarters.

Meanwhile, Leidos continues to fine-tune its portfolio. It recently acquired a government-focused cyber platform firm for $300 million in a move that deepens its presence in full-spectrum cyber and classified defense. The company also scored a string of new task orders, including a $205 million deal with the Defense Threat Reduction Agency, a $150 million Navy contract for acoustic detection systems and a $148 million Air Force award for secure infrastructure support under Project Night Owl.

The bottom line is that Leidos is executing well and positioning itself for long-term relevance in digital defense infrastructure. The stock isn’t flashy, but with reliable contracts, strategic acquisitions and growing exposure to high-margin cyber work, it remains a steady name worth watching, especially if cash flow normalizes and backlog turns into stronger near-term growth.

Investment takeaways

Cybersecurity remains one of the most mission-critical sectors in tech as enterprises, governments and infrastructure providers face mounting digital threats. Fortinet and Zscaler, two of the most widely held names in the sector, offer strong brand recognition, differentiated architectures and long-term growth potential. But investors are paying a premium for that exposure: Fortinet trades around 44x GAAP earnings and 13x sales, while Zscaler fetches roughly 19x sales and 27x book value despite inconsistent profitability. Those lofty multiples leave little margin for error, whether it’s tariff exposure for Fortinet or integration risk for Zscaler.

In contrast, Leidos looks like a value outlier. It’s not a pure-play cyber company because nearly 90% of its revenue comes from U.S. federal contracts, many tied to classified networks, digital modernization and full-spectrum cyber defense. Yet the stock trades at just 16x GAAP earnings vs. a 25x sector median and 1.3x sales. Even its 5.0x price-to-book ratio, slightly above the 3.0x sector average, looks reasonable given a $46 billion backlog and margins now pushing 14%. Wall Street sentiment remains cautious, with only seven of 16 analysts rating the stock a “buy” or “overweight,” but the $175 average price target suggests ~7% upside from current levels, and that doesn’t account for a potential re-rating if free cash flow gains traction.

Notably, the cybersecurity sector sold off sharply yesterday with Fortinet and Zscaler each falling nearly 7% on the day, while Leidos bucked the trend and posted a gain. Though no single catalyst was confirmed, some analysts pointed to profit-taking or renewed concern about increased tariffs at the beginning of August. The move highlights just how vulnerable high-multiple stocks can be to shifts in market sentiment and, by contrast, reinforces Leidos’s appeal as a more stable, fundamentals-driven name than other companies in the sector.

Ultimately, the right cybersecurity exposure depends upon your time horizon and tolerance for risk. Fortinet and Zscaler remain central to next-gen security and cloud-scale defense, making them attractive to growth-oriented investors comfortable with volatility and valuation premium. But for those seeking steadier cash flow, multiyear contract visibility and a meaningful valuation discount, Leidos offers a compelling alternative. In a fast-moving, high-stakes industry, it delivers something rare: operational stability without sacrificing strategic relevance.

Andrew Prochnow, Luckbox analyst-at-large, has traded the global financial markets for more than 15 years, including 10 years as a professional options trader.

For live daily programming, market news and commentary, visit tastylive or the YouTube channels tastylive (for options traders), and #tastyliveTrending for stocks, futures, forex & macro. 

Trade with a better broker, open a tastytrade account today. tastylive Inc. and tastytrade Inc. are separate but affiliated companies.