Reading Time: 3 minutes

It seems Symantec has taken notice of Comodo earning the #1 position in SSL Certificate Authority market share based on a recent report from Symantec has posted a blog with their version of the “facts,” so we thought it would be a great opportunity to highlight the realities of the data:

  •, the research group that produced the original SSL Certificate Authority data, is a highly respected and independent organization. They are not “pay for play” like some other research firms. Their data is fully available to all.
  • monitors certificate authorities of the top 10 million websites around the world to calculate market share – and they update that data daily.
  • And to ensure data cannot be manipulated in any way, takes the issue of spamming right out of the equation.  Check out their FAQ and information below:

Which websites do you count? Do you crawl all the web?

For the surveys, we count the top 10 million websites according to Alexa, see our technology overview for more explanations. We do crawl more sites, but we use the Alexa top 10 million to select a representative sample of established sites. We found that including more sites in the sample (e.g. all the sites we know) may easily lead to a bias towards technologies typically used for “throw-away” sites or parked sites or other types of spam domains.

  • And lastly on this market share issue, Comodo’s market share in SSL Certificate Authority has increased even further since the original announcement fourteen days ago. Readers should feel free to look at the latest market share data anytime from here.

So, Symantec is in denial about market share data points.  Let us introduce a few more data points to consider.

How about the Symantec’s recent earnings report?  Here points out, “Symantec Corp. Thursday reported that revenue fell in two of its three segments–including 10% in its key security business–during the fourth-quarter, leading the cybersecurity company to post a downbeat guidance for the first-quarter.”  So Security revenues fell 10%, yet the IT security industry is growing leaps and bounds?  How can one sustain a number one position with falling revenues? Are customer voting with their feet and leaving Symantec?

How about the rapid departures of several senior executives at Symantec? A revolving door of three different CEOs since 2009.

And how about Symantec stating in the same blog post where they disputed the data, claiming “Symantec’s global infrastructure has NOT ONCE been compromised, never suffering a breach” A quick search reveals stories from CNET and Reuters that state “…. Symantec’s own networks had been infiltrated.” How can Symantec make such a blatantly false statement of ‘never suffering a breach’ while the Internet is full of contrary evidence?

Perhaps Symantec was referring to the PKI infrastructure they acquired from Verisign?  Another quick search reveals this story that shows the company Symantec acquired for their SSL certificate has been repeatedly hacked “… in charge of delivering people safely to more than half the world’s websites, has been hacked repeatedly by outsiders who stole undisclosed information from the leading Internet infrastructure company.”

And check out the ‘security concerns and controversies’ section here to read about Symantec’s problems with endpoint bugs, denial-of-service attack vulnerabilities, source code theft, data breaches, and even their products being used to hack the New York Times web site – causing the company to admit that anti-virus software alone is not enough.

So which company has “not once been compromised?”

We agree with Symantec when they say in their blog, ‘leadership is earned rather than claimed.’   Comodo has clearly earned the trust of its customers with market share leadership.  Customers are choosing Comodo.  So to our friends at Symantec – let’s allow the customers to decide. We simply wanted to provide the facts.