The CF List: 20 Top Zero Trust Security Providers You Should Know
Zero trust is increasingly in demand as ransomware and other attacks escalate.
![Twenty, 20, SD-WAN providers Twenty, 20, SD-WAN providers](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt1623fbe456f4d7d3/6523f96f6868b42e553c7c45/shutterstock_790434142.jpg?width=700&auto=webp&quality=80&disable=upscale)
Jörge röse-oberreich/Shutterstock
Omdia’s Rik Turner cited Akamai as part of the zero trust access brigade. Frost & Sullivan’s Tony Massimini said zero trust is going to be more and more of a feature that everyone is going to expect.
“It comes down to using it for doing segmentation or microsegmentation of a network to contain any kind of a breach,” Massimini said. “Any time we see any kind of intense [cyber crime], it captures media attention. It’s going to spur companies to develop innovation, and zero trust is the latest innovation companies are working on. It’s been around a long time. But I think the spate of cybercrime we’ve seen recently has spurred greater interest.”
Forrester’s Steve Turner and S&P Global Market Intelligence’s Garrett Bekker cited Appgate. It recently launched the latest release of its software defined perimeter (SDP) solution that enables clientless, browser-based access to protected resources. The new solution extends protection to contractors, vendors and other third parties with no clients or plug-ins required. It also provides new capabilities to secure access to IoT and unmanaged devices, and delivers additional enhancements for containerized workloads to provide zero trust support options to its customers.
Steve Turner cited Axis Security as a zero trust security contender.
“There are a number of providers out there that claim the mantle of zero trust, but it’s not just solely based in technology,” he said. “Sure, technology helps enable implementing zero-trust principles such as utilizing least privilege and comprehensive security monitoring, but what fronts all of that? The people and the processes. The technology enables those things to happen. You can’t buy zero trust, so any company that comes out and says that they can sell you zero trust, I’d take a hard stance and ask them how they’re going to help you achieve your organization’s goals? How are they empowering your IT and security teams to do their jobs effectively? What capabilities of a zero-trust architecture are they helping you achieve?
Steve Turner cited Broadcom as a major portfolio player. According to MarketInsightsReports, Broadcom is among top key players in the global zero trust security market. The market is expected to register a compound annual growth rate (CAGR) of 18% from 2020 to 2025.
Steve Turner cited Cisco among major portfolio players.
“Because there are so many vendors/providers bandying the term around, there is a very real risk of a fog descending on the buying public,” Rik Turner said. “So one way to stand out is to articulate very clearly what your company means by zero trust, in your marketing material, and supporting webinars ad speaking opportunities. Make any zero trust message you emit very clear and quite specific, as well as explaining to potential customers what they will need to do internally to adopt a zero-trust approach. It’s not just buy a box, turn it on and you’ve got zero trust.”
Bekker cited Citrix among noteworthy zero-trust security providers.
“The zero trust network access (ZTNA) market is highly competitive and very crowded, with at least 20 separate vendors,” he said.
Rik Turner cited Cloudflare as part of the zero trust access brigade. Cloudflare’s new data loss prevention (DLP) offering adds zero-trust controls to an organization’s data, regardless of where that information is stored. It looks at all the traffic passing through the network and applies security controls to protect sensitive information.
Bekker cited Forcepoint as a noteworthy zero trust security provider.
“In as much as it’s a preemptive approach to security, closing everything down and then opening up only what’s absolutely necessary at any given time, it certainly reduces the attack surface,” Rik Turner said. “Of course, nothing is foolproof, and if anyone does manage to get in and their irregular behavior does not raise an alarm, the best you can hope for is that at least the blast radius will be minimized. I’d say zero trust at least raises more and higher hurdles, but you’ll still need some detection and response capabilities for when zero trust fails to stop a threat.”
Bekker cited Fortinet among noteworthy providers.
“In the modern world, users (thanks to work-from-home), apps (increasingly SaaS or IaaS-based, cloud-native), devices (BYOD) and infrastructure are no longer solely behind the corporate network confines, and so the old perimeter-based has become less and less relevant,” he said. “I see zero trust as a new way of thinking about security that takes into account the highly distributed nature of modern computing. In theory, it offers the potential to greatly reduce the attack surface of modern enterprises, reduce the ability for attackers to move laterally and escalate privileges, and lead to overall better security posture by moving from a default allow to a default deny security stance. That said, nobody offers zero trust in a box and for most firms it will be a long journey to reach true zero trust status and will require a lot of work and education, and will certainly lead to increased complexity.”
Steve Turner and Rik Turner cited Guardicore as a top provider of zero-trust microsegmentation. Guardicore recently announced new capabilities that extends microsegmentation and zero-trust security to the industry’s broadest catalog of legacy servers, applications and operating systems (OS). Customers using Guardicore Centra to protect their hybrid data centers that include legacy servers can now extend zero trust policies and granular microsegmentation to IBM iSeries AS/400 servers.
Steve Turner and Rik Turner cited Illumio as a top provider of zero trust microsegmentation. Last month, Illumio announced a new $225 million Series F funding round at a $2.75 billion company valuation. Thoma Bravo led the funding round. Many Fortune 100 companies and hundreds of global enterprises are using Illumio.
Steve Turner cited Ivanti as a major portfolio player. And Bekker said it’s a noteworthy contender through its acquisitions of Pulse Secure and Mobileiron. The Ivanti Neurons automation platform connects the company’s unified endpoint management, zero trust security and enterprise service management solutions.
Steve Turner said Microsoft is a major zero trust security portfolio player.
“I would include providers in the market that lean into the zero-trust principles of all entities should be considered untrusted by default, least privilege access should be enforced, and organizations should implement comprehensive security monitoring,” he said.
Bekker cited Netskope as a noteworthy zero-trust security provider. Last week, Netskope announced it has raised $300 million in new funding, boosting the secure access service edge (SASE) provider’s valuation to $7.5 billion. The round is more than double the company’s valuation from 18 months ago.
Steve Turner said Palo Alto Networks is a major portfolio player. And Rik Turner said the company is “quite imbued with the zero trust ethos.”
Palo Alto Networks recently introduced five key innovations that make it easier for customers to adopt zero-trust across their network security stack. The introductions of SaaS Security, Advanced URL Filtering, DNS Security, Cloud Identity Engine, and new machine learning (ML)-Powered Firewalls allow organizations to implement zero trust network security.
Bekker cited Perimeter 81 as a noteworthy zero-trust security player. Perimeter 81’s Zero Trust Application Access employs multiple layers of user trust and device trust policy validation to authorize employees before granting them access to applications in a session that is fully audited, and can be recorded and monitored. The solution secures the network, employees and applications using zero-trust guidelines, and isolates the applications from the network at all times.
Steve Turner cited Splunk for visibility, analytics, automation, and security orchestration, automation and response (SOAR). Last month, the company unveiled the new Splunk Security Cloud, a security operations platform that delivers enterprise-grade advanced security analytics, automated security operations, and integrated threat intelligence.
Bekker cited Trend Micro as a noteworthy provider. Trend Micro’s zero-trust strategy leverages Trend Micro Vision One’s capabilities, delivering insight with an extended detection and response (XDR) solution to cover telemetry across email, cloud, networks and SaaS applications. The strategy provides continuous security assessment and insights so teams can make informed decisions.
Steve Turner cited VMware as a major portfolio player. He said with all the public policy and the threat landscape of ransomware attacks, supply chain attacks and more, the market has been flooded with two types of providers. Those are ones who supposedly can “sell you zero trust” and the ones that “prescriptively help you get to a zero trust architecture.”
“I’d avoid the vendors that say that they’re selling you zero trust; you’ll be disappointed to find out that they’re missing some critical capability that you’ll need later,” he said. “I’d focus on the vendors that are selling a pathway to zero trust and that are upfront about what capabilities they’re offering to help you reach your goals. Typically, these vendors will spend a significant amount of time learning about your organizational goals being laser-focused on what use cases they can help you solve. They’ll be upfront with what capabilities they address and don’t address, and they’re looking to be your partner and not a quick sell.”
With hackers launching increasingly stealthy attacks, zero-trust security is a red-hot topic in the channel.
Cybersecurity experts are illustrating the benefits of zero trust at just about every security conference. In addition, they’re saying it’s a competitive advantage. If you don’t have it, you’re giving hackers an open invitation to attack.
Our latest CF List focuses on zero-trust security. Analysts with Omdia, S&P Global Market Intelligence, Forrester and Frost & Sullivan weighed in on zero-trust security market trends and what it takes to be a successful provider.
Philosophy or Strategy
Garrett Bekker is a senior research analyst with S&P Global Market Intelligence’s 451 Research. For him, zero trust is more of a philosophy or strategy than an actual product or technology.
S&P Global Market Intelligence’s Garrett Bekker
“For me, zero trust at its core is a way of approaching security where access to resources is predicated on your identity, or the identity of a thing or system, or app, than on what network or network segment you are on,” he said. “In other words, access is based more on who than where. It also means a larger role for the principle of least privilege — [it] only grants users access to what they explicitly need to do their jobs, and nothing more.”
Zero trust is increasingly conflated/confused with zero trust network access (ZTNA), Bekker said. That’s a specific technology designed to provide remote access to apps/resources as an alternative to a VPN.
“ZTNA is very similar to software-defined perimeter (SDP),” he said. “But SDP seems to be fading from use in favor of ZTNA.”
The Dinner Scenario
Rik Turner, principal analyst at Omdia, gave the following description of zero trust security. (Omdia and Channel Futures share a parent company, Informa.)
Omdia’s Rik Turner
“In the traditional system, if you invite someone to your house for dinner, you let them in when they knock at the door, usher them into the lounge and offer them a cocktail, then maybe you pop to the kitchen to see how the food’s doing, leaving them alone in the lounge,” he said. “At that point, they have the run of the house, and can root around in your cupboards, move to other rooms and investigate the wall safe you have behind that Picasso in your bedroom. You just trust they won’t. With zero trust, you let them into the lounge and serve their margarita, but when you go the kitchen they are locked in the lounge, the cupboards and drawers are all padlocked, and you can watch what they do in the lounge on CCTV.”
Steve Turner, risk and security analyst at Forrester, said the “way we’ve been doing security hasn’t been working.”
Forrester’s Steve Turner
“Instead of using a sledgehammer to eradicate a threat while destroying the parts you needed or disrupting business, zero trust allows us to use a variety of different control planes to surgically limit or eradicate a threat,” he said. “The enemy of most organizations have been attackers breaking into an asset whether that be an employee’s computer, server, or even IoT devices such as security cameras, printers, etc., and being able to laterally move within an organization. Following the principles of zero trust, attackers that try to move laterally can’t because zero-trust architecture includes the concept of segmentation where assets can’t talk to each other by default.”
Zero Trust Security Not Standalone Technology
Tony Massimini is senior industry analyst for information and network security at Frost & Sullivan. He doesn’t see zero trust as a standalone technology. It’s more of a security concept than a standalone technology in and of itself. It’s incorporated in a lot of solutions that have to work together in an integrated fashion.
“It’s becoming more of a standard feature for a lot of companies,” he said. “But you’re not going to just say give me your zero-trust solution; it’s incorporated into a security stack.”
We’ve compiled a list, in alphabetical order, of 20 top zero-trust security providers. It’s based on analysts’ feedback and recent news reports. The list includes a mix of well-known providers as well as lesser-known ones making strides in zero trust. This is by no means a complete list, and many market themselves as both zero trust, ZTNA or secure access service edge (SASE).
Scroll through our slideshow above to see who made the list.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn. |
About the Author(s)
You May Also Like