The CF List: 2022's 20 Zero Trust Security Providers You Should Know
VMware, Trend Micro and ThreatLocker are all here. See who else made it and why.
Jörge röse-oberreich/Shutterstock
Omdia’s Rik Turner said Google is one of the pioneers of zero trust access with the BeyondCorp technology it developed, initially for its own internal use, and now offered to all its Google Cloud Platform (GCP) customers. BeyondCorp is Google’s implementation of the zero trust model. It enables secure work from virtually any location without the need for a traditional VPN.
In June, Zscaler introduced new artificial intelligence/machine learning (AI/ML) capabilities to further enhance its Zero Trust Exchange security platform and help customers implement a security services edge (SSE) that protects against the most advanced cyberattacks without sacrificing users’ digital experience.
Turner said Cato Networks is an interesting player to keep an eye on in zero trust security. Last month, Cato announced its annual recurring revenue (ARR) grew from $1 million to $100 million in five years. That makes it the fastest-growing enterprise network security startup.
Last month, AppGate unveiled its cloud-native, cloud-delivered zero trust platform and built-in risk engine designed to help enterprises deploy and maintain a cohesive security ecosystem, maximize existing investments and accelerate their zero trust security maturity. The platform’s featured risk engine service enhances access policies with security context via click-to-configure connections to third-party IT, security and business solutions.
This month, Palo Alto Networks announced Medical IoT Security, a comprehensive zero tust security solution for medical devices. It enables health care organizations to deploy and manage new connected technologies. It can be integrated with existing health care information management systems, like AIMS and Epic Systems, to help automate workflows.
Fernando Montenegro, senior principal analyst at Omdia, cited Tailscale as a new vendor worth keeping an eye on for more specialized zero trust security use cases. Tailscale is a zero configuration VPN for building secure networks. In May, Tailscale announced it raised $100 million in a Series B financing led by CRV and Insight Partners, with participation from its existing major investors Accel, Heavybit and Uncork Capital, along with other investors.
Turner said Perimeter 81 is an interesting player to keep an eye on in zero trust security. In June, the SSE and ZTNA provider announced its valuation had reached $1 billion. That’s after completing a $100 million Series C funding round led by B Capital. The financing will accelerate Perimeter 81’s growth, hiring and development. The company has more than doubled its annual recurring revenue (ARR) year over year.
Montenegro said Border0 is a new vendor worth keeping an eye on for more specialized zero trust security use cases. Border0 provides frictionless secure single sign-on (SSO) access to infrastructure for building, coding, deployment and management without security risk and compliance worries.
Montenegro said Teleport is a new vendor worth keeping an eye on for more specialized zero trust security use cases. Teleport is a identity-native infrastructure access platform for engineers and machines. Teleport delivers phishing-proof zero trust for engineers and services connected to global infrastructure.
Broadcom‘s Symantec Integrated Cyber Defense zero trust security solution delivers endpoint, network, information and identity security across on-premises and cloud infrastructures. Broadcom is nearing completion of its $61 billion acquisition of VMware. However, European Union regulators will be taking a closer look at the terms of the acquisition transaction before signing off on it.
Turner said in launching Verified Access, Amazon Web Services (AWS) is catching up with Google. Verified Access provides secure access to applications without requiring the use of a VPN. It evaluates each application request and helps ensure that users can access each application only when they meet the specified security requirements.
Montenegro said SideChannel is a new vendor worth keeping an eye on for more specialized zero trust security use cases. In September, SideChannel launched Enclave, a microsegmentation software platform designed to offer SMBs a cost-effective solution to simplify and maintain a segmented network with minimal IT administration and maintenance.
Cisco Zero Trust offers a comprehensive solution to secure all access across applications and environments, from any user, device and location.
“Most of an organization’s staff can be introduced to zero trust via a few Teams or Zoom calls, and perhaps an hour or two’s worth of training,” Turner said. “However, assume that the imposition of zero trust will raise a few hackles, particularly among C-level execs who have been used to unlimited privileged access until now.”
Last month, Fortinet announced the availability of FortiGate Cloud-Native Firewall (FortiGate CNF) on Amazon Web Services (AWS), an enterprise-grade, managed next-generation firewall service specifically designed for AWS environments. FortiGate CNF incorporates FortiGuard AI-powered security services for real-time detection of and protection against malicious external and internal threats. And it’s underpinned by FortiOS for a consistent network security experience across AWS and on-premises environments.
Illumio, the zero trust segmentation company, stops breaches and ransomware from spreading across the hybrid attack surface. Its ZTS platform visualizes all traffic flows between workloads, devices and the internet, automatically sets granular segmentation policies to control communications, and isolates high-value assets and compromised systems proactively or in response to active attacks.
Ivanti Neurons for Zero Trust Access uses the web to create a secure connection from the device to an application, eliminating bandwidth and data charges through gateways while constantly verifying the user, their device and applications based on granular constraints.
In September, Microsoft detailed Windows 11’s new security-focused features, with a heavy emphasis on supporting zero trust.
“We see zero trust access (ZTA) as a key use case for many SASE projects – an initial foray into SASE, if you will,” Montenegro said. “From the SASE angle, it’s all about making sure it can find a good combination of policy granularity, efficient and effective enforcement, and good user digital experience, specifically low latency and minimal disruption to user experience flows.”
ThreatLocker grew 530% last year in the MSP industry and it now has thousands of MSP partners. It recently acquired Third Wall, an automated lockdown security plug-in for ConnectWise Automate users. With the addition of Third Wall’s lockdown policies to existing ThreatLocker solutions, MSPs can harden Windows operating systems. That will ensure end-users comply with government regulations. Furthermore, it will strengthen their overall security.
VMware offers a broad set of inline security techniques like watermarking, risk scoring and behavioral analysis. VMware’s ZTNA solution integrates with its own endpoint protection as well as major third-party suites. Broadcom is in the process of acquiring the cloud computing software provider.
Trend Micro Zero Trust Secure Access implements continuous risk assessment by analyzing threat factors of assets. Access to specific resources can be changed based on increases or decreases in risk. Trend Micro Vision One Risk Insights gathers telemetry and data to automate decisions by leveraging the Trend Micro endpoint agent and network tools.
Trend Micro Zero Trust Secure Access implements continuous risk assessment by analyzing threat factors of assets. Access to specific resources can be changed based on increases or decreases in risk. Trend Micro Vision One Risk Insights gathers telemetry and data to automate decisions by leveraging the Trend Micro endpoint agent and network tools.
Cybersecurity providers have been busy this year. More organizations have adopted zero trust security, including zero trust network access (ZTNA), with the continuing onslaught of cyberattacks against companies of all sizes.
Zero-trust security remains a hot topic at just about every cybersecurity conference. Zero trust is a strategic approach to cybersecurity that secures an organization by eliminating implicit trust and continuously validates every stage of a digital interaction. ZTNA is an IT security solution that provides secure remote access to an organization’s applications, data and services based on clearly defined access control policies.
Our latest CF List focuses on zero trust security. We last tackled zero-trust in July 2021, and cybersecurity continues to evolve rapidly. Analysts with Omdia, S&P Global Market Intelligence and Forrester weighed in on zero-trust security market trends and what it takes to be a successful provider.
Massive Growth Anticipated in Zero Trust Security Market
According to MarketsandMarkets, the global zero trust security market should exceed $60 billion by 2027, registering a compound annual growth rate (CAGR) of 17.3%. Analysts value the market today at $27.4 billion.
Forrester’s Heath Mullins
Heath Mullins is a senior analyst with Forrester. He said zero-trust security adoption has increased this year.
“The U.S. federal market is rapidly adopting zero trust principles, strategies and architecture,” he said. “This adoption has primarily been driven by executive orders and Office of Management and Budget (OMB) memos. Highly regulated industries (infrastructure, energy, financials and medical) are taking a closer look as they may have to follow suit in the next three-to-five years.”
Organizations ‘Inundated’ with Zero Trust Marketing
Clients have been “inundated” with vendor zero trust marketing, Mullins said.
“It seems that every security vendor has a zero-trust story,” he said. “And they are not shy about sharing it. This is both a blessing and a curse. Zero trust is an all-encompassing architecture. So I don’t consider vendor alignment with zero trust principles to be a bad thing. It does, however, create confusion for the client. The most interesting push in the market has been security capability consolidation into platform offerings, aka the single throat to choke model. These combined, adjacent – and in some cases overlapping – capabilities allow clients to address multiple zero trust focus areas via a single vendor acquisition. Niche/best-of-breed vendors are having a hard time keeping up, though they are still very important when addressing coverage gaps, which may not be addressed by a platform offering.”
Rik Turner is principal analyst at Omdia, which shares a parent company with Channel Futures (Informa). He said vendors are increasingly entering the zero-trust market. Some are launching zero trust architecture (ZTA) offerings in isolation. Others are launching full-scale secure access service edge (SASE) services, of which ZTNA is a key component.
Omdia’s Rik Turner
“Differentiation is indeed challenging in such a busy and competitive market,” he said. “My impression is that ZTA as a standalone technology (whether delivered as a service or as licensed software) is a smaller addressable market than SASE, since the latter offers all an enterprise’s branch and remote worker networking and security requirements, all delivered as a service, so opex instead of capex. I think SASE itself is differentiation vis-à-vis standalone ZTA. And I wonder how big the market for ZTA alone is and will be.”
Who You Are, Not Where You Are, Matters
Garrett Bekker is a senior research analyst with S&P Global Market Intelligence’s 451 Research. He said zero trust is not a product or tool, but a framework or philosophy for implementing security based on the principle of least privilege and relying heavily on identity as an access control mechanism rather than geographic location.
S&P Global Market Intelligence’s Garrett Bekker
“Who you are matters more than where or what network you are on,” he said. “ZTNA … has come to mean a remote access technology that is an alternative to a traditional VPN. We have data on ZTNA that shows enterprise adoption this year increased to 23%, up from 13% in last year’s survey. This is a nice jump, but still fairly low relative to other more mature security tools. It’s still early for ZTNA adoption, but it’s growing fast.”
We’ve compiled a list, in no particular order, of 20 top zero-trust security providers. It’s based on analysts’ feedback and recent news reports. The list is by no means complete. It includes a mix of well-known providers as well as lesser-known ones making strides in zero trust security. See our slideshow above.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn. |
About the Author(s)
You May Also Like