Gartner: Security Service Edge Market Is Experiencing Evolution, Not Revolution

Pure-play security service edge specialists Zscaler and Netskope were once again joined by platform behemoth Palo Alto Networks atop Gartner’s rankings of SSE vendors.
The SSE market is experiencing evolution rather than revolution, with commoditization prevalent in legacy security technologies like secure web gateways and zero trust network access due to their maturity and widespread functionality, said VP Analyst Charlie Winckless. Differentiation now occurs at the edge, he said, particularly for SaaS application support, digital experience management (DEM) and advanced data security use cases (see: Netskope, Zscaler, Palo Alto Lead SSE Gartner Magic Quadrant).
“The commoditization, to some extent, is because these are relatively old markets,” Winckless told Information Security Media Group. “This is a long established, relatively mature market where we’ve seen some changes. There can be customization there, and they are doing a good enough job for many enterprises across those areas. More complicated use cases, more complicated needs, may drive it.”
Most enterprise needs around secure web gateway and zero trust network access can now be met by a range of vendors offering near-identical capabilities. These technologies have been around for decades, Winckless said. Cloud access security broker stands out slightly since its integration with SaaS APIs and support for posture management and advanced data loss prevention introduces use cases that aren’t as easily standardized, Winckless said.
“There is less commoditization, honestly, in CASB, because CASB does drive a little bit more the edge use cases such as API integrations, posture management and advanced data security features which may or may not be useful to that many organizations,” Winckless said.
As core functions become commoditized, differentiation shifts to how vendors handle SaaS applications and digital experience management, with firms that support a handful of APIs struggling to compete against those offering robust integrations with dozens of SaaS platforms. Advanced SSE offerings take on inline data encryption, context-aware data loss prevention and configuration audits of major SaaS tools, Winckless said.
“The ability to not just look at data security and sharing in SaaS over API, but the configuration of large and common SaaS applications to look for common vulnerabilities and the interconnection of SaaS applications to the SSE are some common differentiations there,” Winckless said.
The ability of SSE platforms to serve as enforcement points between users and applications allows them to monitor and filter data going into generative AI tools, according to Winckless. Through technologies like inline CASB and secure web gateways, Winckless said enterprises can restrict access to risky generative AI tools and enforce policies that prevent users from uploading sensitive or regulated data.
“The ability to proxy, control and manage data to those applications and – as we look at the more advanced tools – understand prompt responses is a great way to say, ‘Please don’t put up proprietary code into this general purpose AI app to ask how to make it better,’” Winckless said.
Vendors are converging SSE and software-defined wide area network offerings into unified SASE platforms, while customers, especially SMEs, are showing increased willingness to purchase both from a single provider, Winckless said. Over time, Winckless said even large enterprises are shifting toward fewer vendor relationships, motivated by reduced complexity, cost efficiency and operational cohesion.
“The very large organizations probably have very separate teams, but as those teams come together a little more, the adoption, the simplification and the acceleration become valuable,” Winckless said.
The enduring leadership of Zscaler, Netskope, and Palo Alto Networks is no accident, Winckless said, since these vendors embraced cloud-delivered security early, invested heavily in platform unification and remain responsive to evolving customer needs. These vendors not only built strong feature sets, he said, but also mastered the operational, marketing and sales execution required to scale globally.
“They’ve been responsive to the market and have followed it over an extended period of time, and they’ve continued to consolidate and develop their platform,” Winckless said.
From a completeness of vision perspective, Gartner once again gave Netskope the gold, with Zscaler climbing from third last year to second this year and Palo Alto Networks dropping from second last year to third this year. As far as execution ability is concerned, Zscaler leapfrogged from third last year to first this year, while Netskope fell from first to second and Palo Alto Networks fell from second to third.
Outside of the leaders, here’s how Gartner sees the security service edge market:
- Challenger: Fortinet;
- Niche Players: Cloudflare, Skyhigh Security, Versa Networks, iboss, Broadcom;
- Honorable Mentions: Check Point Software, Cisco Systems, HPE, Lookout, Microsoft.
Zscaler Unifies Siloed SSE Offerings Into Single Platform
Zscaler has focused on unifying its historically siloed offerings around internet security, private access and cloud networking into a single SaaS-based platform due to a change in customer needs, said Dhawal Sharma, executive vice president of product strategy. As networking and security teams increasingly collaborate, Sharma said the demand for unified policy management, console and services has increased.
A major investment area has been data protection, where Sharma said Zscaler is evolving beyond traditional DLP into a comprehensive platform that includes endpoint, email, cloud and AI-based data controls. Sharma emphasized that Zscaler’s policies are extensible, allowing consistent enforcement across various data channels, boosting both management simplicity and protection robustness (see: How Red Canary Acquisition Will Fortify Zscaler’s MDR Muscle).
“Since we are built as a ground up multi-tenant SaaS service, it was very easy for us to bring that together, but we did not, because there was not a strong demand for it,” Sharma told ISMG. “But as this framework – SSE and SASE – came out, the need to have a unified experience became important. So we brought unified experience as part of the market.”
Gartner chided Zscaler for performance issues, being one of the most expensive vendors in the market and detracting from SSE by diversifying into security operations. Sharma said pricing and licensing have been simplified, performance issues often stem from misconfigurations on the client side and the move into security operations is an expansion opportunity rather than a distraction from core functionality.
“We are the only SSE provider, as we speak, which has also rolled out in business continuity and disaster recovery service for our SSE platform, which none of our competitors do,” Sharma said.
Netskope Buys a DSPM Startup, Builds Enterprise Browser Tool
Netskope has over the past year released a unified CASB module that improves application discovery and can effectively identify and manage SaaS applications, said Robert Arandjelovic, senior director and head of global product and solutions marketing. The company bought DSPM startup Dasera to improve its data discovery and protection capabilities across cloud, on-premises and hybrid environments.
The Netskope One Enterprise Browser extends access to SSE infrastructure and is designed for environments where users access corporate assets without a managed device, Arandjelovic said. Netskope has licensed its core DLP technology to be embedded into third-party applications, enhancing the protection of previously inaccessible data sources and enriching its DSPM toolbox (see: Netskope Purchases Dasera to Strengthen Cloud Data Security).
“We’re very well known for our application discovery and SaaS security capabilities, and a big piece of that is always to allow a lot of the AI and ML technologies we use to help accelerate that process for enterprises,” Arandjelovic told ISMG.
Gartner chided Netskope for not targeting the midmarket effectively, offering its console only in English and being slow to introduce new advanced features like digital experience management. Arandjelovic said Netskope is simplifying products and debuting a dedicated midmarket sales force, prioritizes quality and integration over speed, and sees the console language limitation as common across the industry.
“I can make a Bolognese sauce in 20 minutes,” Arandjelovic said. “The Italian grandma is going to make one in three hours. But you tell me which one is better. That’s kind of our approach.”
Palo Alto Networks Takes on Browser, Data, Threat Prevention
Palo Alto Networks has invested in real-time browser-based security, AI-driven data security and broad threat prevention via enhanced telemetry, said Vice President of Prisma SASE Anupam Upadhyaya. The company defends against browser-based threats and uses the browser as an inspection and telemetry tool to address shifts in user behavior and application access patterns, Upadhyaya said.
The company uses AI to improve data discovery and insider threat mitigation, particularly amid the explosion of data from SaaS and AI applications, and can see sensitive data that lives outside sanctioned or monitored environments, Upadhyaya said. The firm can preempt insider threats and automate breach prevention using pattern recognition and behavioral analytics powered by its threat intelligence (see: Strengthening AI Security With Platform Strategy).
“We have spent a lot of time making sure that we are protecting customers against attacks that are delivered in the browser, which might be harder to detect in the network,” Upadhyaya told ISMG. “We also use the browser to our advantage to provide security for applications that might be hard to decrypt because of business or technology reasons.”
Gartner chided Palo Alto Networks for complex pricing, offering primarily English-speaking tech support, and addressing a narrow set of use cases with enterprise browsers. Upadhyaya said Palo Alto Networks introduced site-based licensing to abstract away bandwidth allocation logistics between branches and cloud services and has seen growing adoption and successful enterprise browser deployments.
“We have definitely moved to a site licensing model, where you buy bandwidth just once and we take care of spreading it across different sites and allocating to the SSE,” Upadhyaya said. “So hopefully with that simplification, we will see customers and analysts responding a bit more positively to our packages.”
