The 25 Hottest Edge Security Companies: 2023 Edge Computing 100
As part of CRN’s Edge Computing 100, here are 25 security players working at the cutting-edge of the edge.
Security At The Edge
With a growing proportion of computing taking place in edge environments, the need for security that caters to the edge has been surging. And that’s only been amplified as a need by the series of high-profile attacks at the edge in 2023.
Two attacks in particular — which targeted Barracuda Email Security Gateway customers Cisco IOS XE — will likely end up as the most impactful attacks against IT hardware of the year, according to Caitlin Condon, head of vulnerability research at cybersecurity vendor Rapid7. And notably, both attacks targeted network hardware devices located on the edge of an organization’s IT setup.
In mid-2023, a China-linked cyberattack campaign exploited a vulnerability in Barracuda’s Email Security Gateway to disproportionately target government agencies, according to Mandiant researchers.
Then in October, researchers found that tens of thousands of Cisco devices running the IOS XE operating system were compromised through exploits of a zero-day vulnerability. “Of edge attacks, this is one of if not the most significant,” said John Gallagher, vice president of Viakoo Labs at IoT security firm Viakoo.
Edge attacks have been on the rise as threat actors continue to seek the path of least resistance, Gallagher told CRN. At this point, “data center security is quite good. And so therefore, it leads [attackers] to say, ‘OK, what are the soft underbellies that maybe are not well-protected?’” he said. “And that, I think, has directly led people over the last number of years to the edge.”
Meanwhile, the demand for secure access service edge (SASE) and security service edge (SSE) technologies also continues to climb as organizations continue working to protect their remote and hybrid workforces. With the arrival of multi-cloud computing and an increasing reliance on cloud-based SaaS applications, SASE “naturally lends itself to being that intermediary layer, the same way that the next-gen firewalls from before were at that perimeter,” said Lee Waskevich, vice president of security at ePlus Technology.
As part of CRN’s Edge Computing 100 for 2023, here are 25 security vendors working to protect the new perimeter for today’s businesses.
While Akamai offers what it calls the “world’s largest intelligent edge platform,” the company’s security portfolio is now its largest business. And within security, key capabilities include edge DNS as well as zero-trust segmentation for IoT and OT systems.
Appgate provides a direct-routed zero-trust network access offering that delivers better control over network traffic as well as unified access control over users and environments, according to the company. The approach also provides low latency and high availability, Appgate said.
Armis recently launched its new Centrix platform that offers improved visibility for devices and assets across IT, medical, IoT and OT, as well as enhanced management and security for the assets. Newly added generative AI capabilities enable natural language queries on the platform.
Barracuda recently unveiled its secure access service edge platform, SecureEdge, which is targeted at the vendor’s small and medium-size enterprise customers as well as at MSPs. The “enterprise-grade” SASE platform brings together a number of Barracuda capabilities to provide improved security and management for organizations with hybrid and remote teams.
Even apart from its $61 billion acquisition deal for VMware, Broadcom is a major player in edge security including with its Edge Secure Web Gateway offering. Recent moves in security service edge, meanwhile, included debuting its own Firewall as a Service and developing an agent to cover all SSE services.
Check Point Software Technologies
Check Point Software Technologies added a key piece to its secure access service edge platform with the debut of its in-house SD-WAN offering in February. The SD-WAN “software blade” in the Check Point Quantum Gateways platform enables strong security as well as optimal performance for internet and network connections, according to the company.
Claroty recently unveiled new capabilities in the area of vulnerability and risk management for cyber-physical systems. The update improves risk quantification for the systems while providing greater control over risk assessments, leading to better prioritization of threats, according to the company.
In January, Cloudflare added another key piece to its secure access service edge platform, Cloudflare One, with the introduction of its Magic WAN Connector. The software-defined offering can be utilized for securely connecting businesses to the web, the company said. With the addition of Magic WAN Connector, Cloudflare One is providing a “true integrated SASE” platform, the company said.
With its Edge Cloud Platform, Fastly has brought an increasing focus on security including through its acquisition of Signal Sciences. Fastly enables the deployment of edge security services leveraging the Signal Sciences next-generation web application firewall technology.
Forcepoint’s security service edge offering focuses on taking a “data-first” approach, with the aim of enabling improved control access and use of sensitive data. The company recently sold its government and critical infrastructure business to investment firm TPG to enable a tighter focus on security service edge.
Forescout offers an automation-driven security platform focused on protecting the full range of connected devices, including IoT and OT devices. The company recently introduced its Risk and Exposure Management product that can collate any data sources from an organization’s connected assets, according to the company.
Founder, Chairman, CEO
In March, Fortinet unveiled a number of updates to its FortiSASE platform meant to better enable distributed work, including upgrades to the integration with FortiGate Secure Edge. Other updates to FortiSASE included expanded connectivity for the Secure SD-WAN hub.
Co-Founder, CEO, CTO
Security service edge player iboss aims to stand out with strong availability and zero-trust network access and Firewall as a Service as standard features even at affordable pricing. Recent enhancements to the iboss SSE platform include new data loss prevention functionality and integrations with CrowdStrike and SentinelOne.
A longtime player in application security categories such as web application firewall and DDoS protection, Imperva has expanded into emerging segments of the market, such as API security, while also bringing a growing focus on other related categories such as data security.
Lookout’s security service edge platform brings a major focus on data security capabilities. That includes offering a unified vantage point for protecting data across environments via its zero-trust framework.
Menlo Security unveiled new capabilities for preventing threats that are especially evasive to security controls with the debut of its HEAT Shield and HEAT Visibility products. The new products aim to thwart highly evasive, browser-based threats with the help of AI and machine learning advancements.
Netskope recently unveiled a set of new AI and machine learning capabilities—available across the products that make up its secure access service edge platform—focused around offering improved data protection and threat detection. The company also recently introduced Endpoint SD-WAN, which can provide organizations with a software option for secure SD-WAN connectivity from laptops and other endpoint devices.
Connected device security firm Ordr recently launched a new version of its platform with updates including improved visibility into vulnerabilities and devices, as well as enhanced automation to enable a faster process for securing devices.
Palo Alto Networks
In March, Palo Alto Networks unveiled a set of new features for its Prisma SASE platform, focused around AI and automation. The capabilities include AIOps that is natively integrated in order to bring greater automation to IT operations. Other updates have included enhancements to SD-WAN, including improved visibility through the Prisma SD-WAN Command Center, as well as integrated IoT security.
Skyhigh Security, formerly the security service edge business of McAfee Enterprise, recently unveiled a number of new and improved capabilities for data security. Among the updates was a speed upgrade for the platform’s exact data match capabilities, the addition of remote browser isolation and the introduction of unified data protection for Microsoft 365 users.
Within the realm of secure access service edge, SonicWall’s Cloud Edge Secure Access offering provides secure Network as a service, including through zero-trust network access. The offering provides policy-based security through defining user access to each specific network, the company said.
Sophos SASE utilizes the Sophos Central unified console to set policies that will apply to all environments. The company’s Secure Access portfolio includes zero-trust network access as well as the Sophos SD-RED remote edge device for enabling secure connectivity across locations, including to remote locations or IoT devices.
WatchGuard has transformed itself from a vendor focused on network security to a provider of a unified security platform. The WatchGuard platform now spans identity and endpoint protection as well as secure wireless access points, in addition to its core network security capabilities.
Xage Security recently debuted a new multilayer identity and access management offering that it called an “industry first,” with its ability to secure “every layer” of OT and industrial control system environments. The offering prevents compromise of critical infrastructure even when attackers have obtained privileged credentials, the company said.
Recent updates from security service edge heavyweight Zscaler included the introduction of Zero Trust Branch Connectivity, which offers improved security and easier management for connectivity to branch locations. Meanwhile, in February, the company launched Zscaler Resilience, which includes disaster recovery capabilities that allow customer operations to directly connect to Zscaler’s Private Service Edge in the event of a serious incident.