Security insights

Commercial Spyware and What It Tells Us About the Bar

A market briefing on the global commercial spyware industry. Five hundred sixty-one entities. Forty-six countries. Two American private-equity firms quietly investing in sanctioned vendors. What an industry analyst would tell you about the cyber arms market — and what it means if your company employs people anyone might want to surveil.

BugSwagger Team

Treat this as a market briefing.

If you were an industry analyst sitting down to write a research note on the commercial spyware sector, you would start, as you would for any industry, with the basics. Who are the vendors. What do they sell. Who buys it. What does it cost. Where is the money coming from. What is the regulatory environment. What is the competitive structure.

This article is that briefing, written for an executive who has heard the words "Pegasus" and "Predator" in the news and wants a structured understanding of the industry behind them. The implication for your own company — and there is one — comes at the end.

The size of the market

The Atlantic Council's "Mythical Beasts" project, the most rigorous public dataset on the commercial spyware industry, tracks 561 entities across 46 countries over the period 1992 through 2024. These are firms that develop, distribute, finance, or otherwise participate in the commercial surveillance market. The cluster is dense and geographically concentrated. Israel alone — NSO Group, Candiru, Paragon Solutions, Cognyte, and a long tail of smaller firms — accounts for nearly 44% of all entities tracked. India and Italy are the other two notable hubs.

Public market-size estimates vary widely because the industry's revenue is intentionally opaque. Most contracts are with government buyers. Most pricing is bilateral and not disclosed. The Carnegie Endowment and Atlantic Council estimates put the global market in the low billions of dollars annually, with strong year-over-year growth despite multiple rounds of US sanctions, export controls, and litigation. The industry has not contracted. It has rotated and rebranded.

The vendors that matter

Five names cover most of what you'll read about in the public record.

NSO Group (Israel)

The market-defining vendor. NSO sells Pegasus, the spyware product whose name is now generic for the category. Pegasus has been documented in the hands of governments worldwide and used against journalists, activists, dissidents, lawyers, and politicians on every inhabited continent.

NSO's recent business history reads like a turnaround story going badly. They were placed on the US Commerce Department's Entity List in 2021. They lost a major civil suit against WhatsApp in 2024, with a US court ordering $168 million in punitive damages. They have been the subject of restraining orders, contract cancellations, and a serious effort by Western governments to limit their access to commercial banking. Despite all of this, they continue to operate. The Israeli government has consistently licensed their exports, with whatever quiet adjustments occur to the customer list.

For an analyst trying to read NSO's financial trajectory, the signals are mixed. Revenue has reportedly contracted. Operational capability has not. The market for state-grade exploitation chains has not stopped existing because one vendor's reputation took a hit; it has simply distributed across more vendors.

Paragon Solutions (Israel)

The newest entrant of significance. Paragon was founded by former Israeli intelligence personnel and sells Graphite, a Pegasus-equivalent product designed for similar customers and similar use cases.

What makes Paragon analytically interesting is their financing. In late 2024, the American private-equity firm AE Industrial Partners invested in Paragon. AE Industrial Partners is a Florida-based firm with strong relationships in the US defense and aerospace sector. The investment is a notable inflection: a US-domiciled fund is now meaningfully invested in an Israeli commercial spyware vendor whose product, in 2025, was used to compromise European journalists.

The Citizen Lab forensic confirmation of Graphite against two journalists at the Italian publication Fanpage.it, published in June 2025, represents Paragon's introduction to the broader public consciousness. Their operational capabilities, by this point, are comparable to NSO's.

Intellexa / Cytrox (Greece / North Macedonia)

The Intellexa consortium — an alliance of firms including Cytrox, the developer — sells Predator, the second-most-documented commercial spyware product after Pegasus. Predator was placed under US sanctions in 2023. As of 2025, Predator remains operational. The sanctions limit US-person involvement; they do not shut down a European-domiciled firm selling to non-US buyers.

Intellexa is structurally interesting because its corporate architecture is deliberately distributed. The "consortium" model — multiple legal entities across multiple jurisdictions, each handling a slice of the product lifecycle — makes regulatory enforcement materially harder. Sanction one entity, the others continue. This is a deliberate design choice that other vendors have, in various forms, adopted.

Candiru / Saito Tech (Israel)

Candiru has been on the US Commerce Department's Entity List since 2021 alongside NSO. Their product, primarily focused on Windows and macOS surveillance with mobile capability bolted on, has been documented in operations against dissidents in the Middle East.

The most recent investor news, from early 2025: the American firm Integrity Partners invested in Saito Tech Ltd (Candiru's renamed parent). The pattern of US-affiliated capital entering sanctioned vendors is, at this point, no longer an anomaly. It is a strategy.

Lower tier: Cognyte, FinFisher (defunct/restructured), Hacking Team (defunct/restructured), RCS Lab, DSIRF / Subzero

The market has a long tail of smaller vendors with narrower geographic reach or more specialized products. Several of these — FinFisher, Hacking Team, DSIRF — have formally shut down after various combinations of legal pressure, leaked source code, or operational embarrassment. The people who staffed them, in most cases, are now at competitors. The codebase IP has, in some cases, been transferred to successor entities under new names. The industry's apparent contractions are often reorganizations.

The pricing

Public information on pricing is sparse, but a few data points are well-attested. A working iOS or Android zero-click chain — the kind that delivers spyware without user interaction — has been documented selling on the zero-day market for sums in the range of $1 million to $5 million per chain, with the upper end for the freshest exploits against the most current platform versions. The exploit chains are the input. The spyware platform — Pegasus, Graphite, Predator — is the orchestration layer that productizes those exploits into a SaaS-style experience for the buying government.

Per-deployment pricing for the platforms themselves is reportedly in the range of $500,000 to several million dollars per year, with substantial multipliers based on customer concurrent target count, platforms supported, and capability tier. A small national government's modest deployment might run $5–15M annually. A larger deployment, with multi-platform support and high target counts, can run substantially higher.

This pricing structure is what defines the customer base. At these prices, no consumer cybercrime operation buys this software. The customer is, almost without exception, a government.

The customer base

The Atlantic Council's data identifies 56 out of 74 governments they tracked as having procured spyware or digital forensics technologies from firms connected to Israel. The actual global customer count is higher when you include vendors in other jurisdictions. The reasonable estimate is that over half of national governments worldwide have, at some point, contracted with a commercial spyware vendor.

Customer use cases divide into roughly three buckets. The first — the legitimate one most vendors cite in their marketing — is targeted surveillance of named individuals during criminal investigations, with judicial oversight. The second is national security surveillance: terrorist financing, espionage, foreign intelligence. The third — the one that drives most of the news coverage and most of the export-control activity — is surveillance of journalists, dissidents, opposition politicians, human rights lawyers, and activists. Citizen Lab and Amnesty Tech have documented this third category extensively. The first two are harder to study, by design.

The market-share split between these three is impossible to confirm from outside, because no government will admit publicly what they actually use the tools for. Educated estimates from researchers who have spent careers on this — Bill Marczak at Citizen Lab, John Scott-Railton, Ron Deibert — suggest the third category is far more common than vendors will admit and far less common than activists fear. Both estimates are likely true.

The regulatory environment

Three things have happened on the regulatory side in the last five years that, taken together, define the current landscape.

One: the US Commerce Department has placed multiple vendors on the Entity List, restricting US-person involvement. This was a significant move. It did not, by itself, shut down any vendor.

Two: a coalition of governments — the US, UK, France, Australia, Canada, others — issued the Pall Mall Declaration in February 2024, committing to "common principles" on commercial cyber intrusion capabilities. The declaration has no enforcement mechanism. Its actual impact has been to provide normative cover for individual country actions rather than to coordinate them.

Three: targeted civil litigation, most notably the WhatsApp v. NSO case, has produced precedent. The $168M judgment against NSO is the most concrete cost the industry has yet borne. Whether similar litigation against newer vendors will follow remains an open analytical question.

What has not happened: meaningful export-control coordination across major exporting jurisdictions. Israel licenses Israeli vendors. The EU regulates European vendors patchily. The US sanctions US-affiliated involvement. A vendor that structures itself across two or three of these gets to choose which constraints apply.

The economics of the chain

This is the part of the industry that distinguishes it from any other software market and is worth understanding even if you have no commercial reason to.

A commercial spyware product is a chain of exploits. The chain has a half-life. Apple ships an iOS update; one or more links in every active chain break. The vendor must replace the broken links — either by buying new exploits on the zero-day market, by developing them in-house, or by stockpiling enough alternatives to rotate through.

The economics: the chain costs millions to build, generates revenue across deployments while it functions, and decays continuously until it stops working. The vendor needs to amortize the chain across enough deployments to cover the build cost before the chain breaks. This creates an interesting structural pressure: vendors need either a high-volume customer base or very high per-deployment pricing. Most vendors choose the latter, which is why prices remain in the millions per deployment.

The implication for the industry is that the vendors are not principally adversaries of platform vendors. They are customers of the zero-day market. Apple, Google, and Microsoft are the producers of the security their customers want and the source of the bugs the vendors sell access to. The relationship is functionally extractive.

The strategic picture for buyers

If you are a government strategist or a defense analyst, the strategic picture is roughly this. The market has become significantly more competitive over the last five years. NSO's reputational and legal problems have not contracted the market; they have diversified it. Buyers now have meaningful supplier choice across three jurisdictions (Israel, Italy, Greece/North Macedonia, with some additional capacity in India and elsewhere). Pricing pressure is real. Capability is, by most assessments, broadly equivalent across the top three vendors.

For governments that want this capability, the question is no longer "can we get it" but "from whom, under what export licensing, with what legal and reputational risk." For sanctioning governments, the strategic picture is that traditional export controls have produced rotation rather than disruption. The next iteration of policy will likely have to be financial — going after the capital that funds these companies, rather than the products they ship.

What this means for your company

Now the part that's actually about your business.

For 99% of companies, no individual commercial spyware vendor will ever target your application directly. That is genuinely not the threat model. Pegasus is not coming for your SaaS.

But two things in this market briefing do apply to you, and they apply more than most executives realize.

First: your app may be used as a vector against your users. The commercial spyware industry's targeting model is "deliver a payload to a specific phone." The delivery channel is often a popular consumer app — iMessage, WhatsApp, Mail, Telegram. If your app is consumer-facing, particularly if it handles media uploads or messages or links, you have at some point been an unintentional component of the delivery chain. The bug doesn't have to be yours. The platform you're on, the SDK you ship, the WebView you embed — each is a potential link in someone else's chain against your user.

This means the bar for your app's security is not "we don't have exploitable bugs." It is "we don't add to the attack surface other people are already using." Push notification handlers that fetch arbitrary URLs. WebViews that allow file:// URLs. Image processing libraries pinned to versions with known CVEs. Each of these makes your app a cheaper stage in the chain than it needed to be.
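The two concrete items above, push handlers that fetch arbitrary URLs and WebViews that accept file:// URLs, share one fix: validate every externally supplied URL against a strict allowlist before the app fetches it or hands it to a WebView. The following is an added illustration written for this article, not code from the article's author or from any vendor or platform SDK. It assumes a policy of "https only, a fixed set of first-party hosts, default port, no embedded credentials"; the host names, the `open_url` payload key and the sample payloads are all constructed for the example.

```python
"""Allowlist check for URLs an app receives from outside (push payloads, deep
links) before it fetches them or loads them in a WebView.

Added example for illustration; not the article's or any vendor's code. The
policy (https only, allowlisted first-party hosts, default port, no userinfo)
and the host names are assumptions chosen for the example.
"""
from typing import Iterable, List, Optional
from urllib.parse import urlsplit

# Hosts the app is permitted to load. Constructed sample values.
ALLOWED_HOSTS = frozenset({"app.example.com", "cdn.example.com"})


def is_safe_external_url(url: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Return True only if `url` is an https URL to an allowlisted host.

    Everything else is rejected: file://, javascript:, data: and intent:
    schemes, URLs carrying credentials ("https://good@evil/" tricks),
    non-default ports, and any host not exactly on the allowlist.
    """
    if not isinstance(url, str) or not url or len(url) > 2048:
        return False
    # Reject surrounding whitespace and control characters outright rather
    # than normalising them; a legitimate deep link never contains them.
    if url != url.strip() or any(ord(c) < 0x20 or ord(c) == 0x7F for c in url):
        return False
    try:
        parts = urlsplit(url)
        port = parts.port  # raises ValueError for a non-numeric or out-of-range port
    except ValueError:
        return False
    # urlsplit lowercases the scheme, so "HTTPS://" is handled here too.
    if parts.scheme != "https":
        return False
    # "https://app.example.com@evil.example/" parses with username set.
    if parts.username is not None or parts.password is not None:
        return False
    host = parts.hostname  # lowercased; None when the netloc is empty
    if not host or host not in allowed_hosts:
        return False
    # Only the default https port; an explicit port hints at a redirector.
    if port not in (None, 443):
        return False
    return True


def handle_push_payload(payload: dict) -> Optional[str]:
    """Return the URL the app may open for this push payload, or None.

    `payload` stands in for the dictionary a push handler receives; the
    "open_url" key is an assumption made for this example.
    """
    url = payload.get("open_url")
    if isinstance(url, str) and is_safe_external_url(url):
        return url
    return None


def filter_payloads(payloads: Iterable[dict]) -> List[str]:
    """Return only the URLs the handler would actually open."""
    return [u for u in (handle_push_payload(p) for p in payloads) if u]


# Constructed sample payloads covering the cases the check must handle.
SAMPLE_PAYLOADS = [
    {"open_url": "https://app.example.com/inbox/42"},        # accepted
    {"open_url": "HTTPS://CDN.example.com/img/1.png"},       # accepted (case-insensitive scheme/host)
    {"open_url": "file:///tmp/local.html"},                  # rejected: file scheme
    {"open_url": "javascript:void(0)"},                      # rejected: script scheme
    {"open_url": "https://app.example.com@evil.example/"},   # rejected: userinfo trick
    {"open_url": "https://app.example.com.evil.example/x"},  # rejected: lookalike host
    {"open_url": "http://app.example.com/x"},                # rejected: not https
    {"open_url": "https://app.example.com:8443/x"},          # rejected: non-default port
    {"open_url": " https://app.example.com/x"},              # rejected: leading whitespace
    {"open_url": "https://app.example.com/x\nevil"},         # rejected: control character
    {"title": "no url at all"},                              # rejected: key missing
]

if __name__ == "__main__":
    for p in SAMPLE_PAYLOADS:
        print(f"{p.get('open_url')!r:50} -> {handle_push_payload(p)}")
```

The same predicate belongs in front of every WebView `loadUrl`-style call and every deep-link handler, not only the push path; the point is that the app never becomes a cheap stage in someone else's chain by loading a URL it did not choose.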

Second: if your company employs anyone who might plausibly be a target — and "plausibly a target" includes more people than most companies think — the threat model includes commercial spyware against those employees' personal devices. Journalists on your staff. Lawyers handling sensitive cases. Executives doing M&A. Board members with political connections. Anyone in your government-relations or policy work. Anyone with access to financial systems.

These employees carry phones. The phones do work email. The work email reaches your customer data. If their personal device is compromised by commercial spyware — which has been confirmed against journalists, lawyers, activists, and senior officials in every region of the world — the attacker has access to whatever those phones touch. Your enterprise MDM cannot detect this. Your endpoint security cannot detect this. The first signal will, if you're lucky, be a notification from Apple months later.

The defenses, in priority order, are: enable Lockdown Mode on the iPhones of high-risk employees (free, immediate, and broadly effective against current commercial chains), require fast patching across the device fleet, audit your own app's contribution to attack chains, and accept that detection will lag. None of these are products. All of them are decisions that someone in your organization needs to make.

What I'd watch over the next year

Three things, in my opinion as an analyst, are worth tracking through the next twelve months.

One: the trajectory of US-affiliated capital into sanctioned vendors. If the AE Industrial / Paragon and Integrity Partners / Candiru patterns continue, the implicit policy boundary that sanctions were meant to draw will continue to erode. Whether the US government acts on this — and what acting would look like — is the open question.

Two: the AI angle. Several research groups, including OpenAI and Google's threat intelligence teams, have begun to document the use of LLMs in vulnerability research and exploit development. Commercial spyware vendors will be among the first sophisticated commercial adopters. The implications for chain cost, chain refresh rate, and target volume are not yet clear, but they are not small.

Three: the platform-vendor response. Apple's Lockdown Mode and BlastDoor are concrete shifts in defensive architecture. Google has been slower but is starting to ship comparable changes on Android. If platform vendors continue to invest in attack-surface reduction at the rates they did in 2024–2025, the cost basis for vendors will rise. Whether it rises faster than vendor revenue is the strategic question for the industry.

The closing note

This is an industry that exists because the asymmetry between offense and defense in mobile platforms is large enough to sustain a billion-dollar market. As long as that asymmetry exists, the industry will exist. The vendor names will change. The capital structure will rotate. The customers will refresh. The capability will persist.

Your company can't change that. What you can change is whether your own software adds to the asymmetry, and whether the people in your organization who actually have something worth surveilling have the basic defenses available to them. Most don't. Most companies have never had the conversation. The cost of having it is zero. The cost of not having it is one notification from Apple, three months too late.
