10 Hot SASE Companies To Watch In 2021

Secure Access Service Edge (SASE) has taken the industry by storm as users, devices, applications, services and data rapidly shift out of the data center. Here’s a look at 10 SASE companies fighting for dominance.

Securing The Future

Secure Access Service Edge, or SASE, has taken the industry by storm since Gartner debuted the phrase in an August 2019 report, with cybersecurity vendors creating new leadership roles and carrying out major acquisitions to strengthen their position around these emerging technologies.

SASE combines wide area networking, or WAN, with network security functions like secure web gateway (SWG), cloud access security broker (CASB), firewall as a service (FWaaS) and zero-trust network access (ZTNA) to support the dynamic secure access needs of businesses. SASE tools can identify sensitive data or malware, decrypt content at line speed, and continuously monitor sessions for risk and trust levels.

The SASE market crosses previously disparate technologies and demands that vendors be able to deliver these capabilities through the cloud on an as-a-Service basis. It is intended to address the security and networking needs of tomorrow as users, devices, application, services and data rapidly shift outside the enterprise data center.

From networking, virtualization and firewall giants to SD-WAN, cloud and web security upstarts, here’s a look at 10 SASE companies fighting for the dominant position in this burgeoning market.

Cato Networks

Cato Cloud brings together SD-WAN, a global private backbone, a full network security stack, and seamless support for cloud resources and mobile devices. Customers can easily connect physical locations, cloud resources, and mobile users to Cato Cloud, and IT teams immediately benefit from the agility of a unified network and security service managed through a single, self-service console.

The Tel Aviv, Israel-based company said it’s delivering the world’s first SASE platform through a globally distributed cloud service that provides enterprise network and security capabilities to all edges. Cato enables IT teams to deliver optimized networking and powerful security to all sites, applications, and users regardless of location, and has made the provisioning of new resources fast and simple.

Cato’s converged software stack maximizes visibility into network traffic and security events, allowing IT professionals to configure and enforce corporate policies across the business from a single interface. The company ensures the service is up-to-date and ready to optimize and secure all customer network traffic everywhere, relieving IT teams of the grunt work of maintaining the infrastructure.


Cisco‘s approach to SASE combines leading network and security functionality in a single, cloud-native service to help secure access wherever users and applications reside. The company’s global cloud infrastructure delivers best-in-class networking and security capabilities to provide a simple, flexible and scalable offering that streamlines policy creation and management and secures all users and devices.

The San Jose, Calif.-based networking giant said Cisco SD-WAN powered by Viptela connects any user to any application with integrated capabilities for multicloud, security, unified communications, and application optimization. And SD-WAN powered by Meraki delivers a high-quality user experience through advanced analytics with machine learning, smart path selection, and integrated security.

Cisco Umbrella secures internet access and cloud applications across an organization’s network, branch offices, and roaming users, and has added secure web gateway, firewall as-a-service and CASB capabilities over the past 18 months. And Secure Access by Duo safeguards access to all users, devices, and applications so businesses can stay focused on what they do best.


Forcepoint takes SASE even further by combining true enterprise-class data loss prevention with secure access and advanced threat protection so that users can work anywhere safely and efficiently. The firm’s Dynamic Edge Protection tool delivers web, cloud and data security as a single service, remote access to private applications without VPNs, and risk-based protection for personalized, automated security.

Forcepoint Cloud Security Gateway reduces risks and prevents data loss, allowing employees to use web and cloud apps from more places than ever before while automatically protecting roaming users. Forcepoint Private Access, meanwhile, give remote users true Zero Trust Network Access (ZTNA) to apps in their data centers and virtual private clouds without the complexity, bottlenecks and risks of VPNs.

The Austin-based data protection vendor said its data-centric SASE security-as-a-service seamlessly enforces policies wherever it makes sense, whether that’s in the cloud or locally at sites with special data sovereignty needs. The offering makes it possible for organizations to see what’s happening in near real-time or automatically send activity logs to their SIEM for their own analysis.


Fortinet’s SASE offering ensures security can be delivered to remote off-net users, solving the scalability and infrastructure challenges of remote and mobile workforces. The Sunnyvale, Calif.-based platform security vendor said its SASE offering leverages the Fortinet Network Firewall and Secure Web Gateway (SWG) to provide enterprise organizations with unapparelled multi-layer security for remote users.

FortiSASE is a highly scalable cloud-delivered security as a service that enables flexible, anytime and anywhere secure access for remote users. Leveraging FortiOS and the Fortinet Security Fabric, FortiSASE also provides frictionless orchestration between cloud-delivered next-generation firewalls, web security, intrusion prevention systems, Domain Name Systems (DNS) and sandboxing.

Unlike many SASE vendors who rely on public cloud providers instead of investing in their own global network, Fortinet’s offering is delivered on the company’s own highly elastic multi-tenant cloud architecture. This make it possible for Fortinet to deliver the complete promise of SASE with the flexibility and consumption model that the modern enterprise demands.


McAfee MVision Unified Cloud Edge enables consistent data and threat protection controls from device to cloud by converging cloud access security broker (CASB), secure web gateway (SWG) and data loss prevention (DLP) tools into a single offering. These technologies work together to protect data from device to cloud and to prevent cloud-native breach attempts that are invisible to the corporate network.

The San Jose, Calif.-based platform security vendor delivers a ubiquitous, fast, reliable and secure SASE experience thanks to its blazing fast, low latency, always-on Hyperscale Service Edge, as well as certified integration with the direct-to-cloud network functionality of industry-leading SD-WAN tools. The tool protects remote sites with SD-WAN by using industry standard Dynamic IPSec and GRE protocols.

This creates a secure environment for the adoption of cloud services and enablement of access to the cloud from any device for ultimate workforce productivity. MVision Unified Cloud Edge also minimizes inefficient traffic backhauling with intelligent, efficient and secure direct-to-cloud access, allowing users to enjoy low latency and unlimited scalability with a global cloud footprint and cloud-native design.


Embracing a SASE architecture, NewEdge is the world’s largest, highest-performing security private cloud and powers the real-time, inline security services of the Netskope Security Cloud allowing security to be deployed at the edge where and when it’s needed. NewEdge enables next-generation Secure Web Gateway, Cloud Access Security Broker, Data Loss Prevention, Zero Trust Network Access offerings.

NewEdge’s converged approach to networking and security delivers on Netskope’s SASE vision by accelerating digital transformation and embracing the cloud and increasingly mobile workforce. The Santa Clara, Calif.-based company’s Security Cloud Platform’s single console and single architecture provides unified policy definition across SaaS, IaaS and the web with cloud performance and scale.

By taking full control over routing, peering and data center location decisions, NewEdge achieves the lowest possible latency and round-trip times for web, cloud & software-as-a-Service (SaaS) access. NewEdge deploys full compute at every service point for real time, inline processing designed to scale to achieve more than two terabits per second at every data center, ensuring no performance trade-offs.

Palo Alto Networks

Palo Alto Networks’ Prisma Access allows organizations to confidently embrace a cloud-first approach for networking and security by seamlessly connecting and securing mobile users, branch offices and retail locations. The Santa Clara, Calif.-based platform security vendor delivers protection from more than 100 locations in 76 countries around the world through a uniform, cloud-based infrastructure.

The platform’s use cases include: firewall as a service to protect branch offices from threats; a cloud-based secure web gateway designed to provide visibility and control for web-based traffic; zero trust network access with encrypted application access, authentication, policy management and threat detection; and cloud access security broker to determine access levels for sensitive information.

Prisma Access offers comprehensive security services including advanced threat prevention, web filtering, sandboxing, DNS security, credential theft prevention, data loss prevention and next-generation firewall policies. The platform always makes it possible for organizations to enforce the same policies with consistent security and networking for all their applications.

Versa Networks

Versa SASE (Secure Access Service Edge) combines networking and network security and delivers this on-premises, in the cloud, or in combination depending on business and IT requirements. The platform provides cloud-delivered networking and network security via a distributed system of Versa Cloud Gateways while enforcing consistent, unified, and global policies across cloud and on-premises sites.

The San Jose, Calif.-based company’s platform extends Versa Secure SD-WAN from an organization’s premises to the cloud and to the front doorstep of cloud services, SaaS and cloud resources around the world. Versa SASE includes SD-WAN, comprehensive integrated security, advanced scalable routing, zero trust network access, secure web gateway, firewall-as-a-service, CASB, and encryption and decryption.

Versa SASE applies policies, services, and capabilities based on the identity of users and devices while incorporating policies and assessing both the risk and trust profile in real-time during each session. Configuration and management of Versa SASE is performed via a single pane of glass to apply global policies, configurations, and profiles consistently across both on-premises and cloud instances.


The cloud-native VMware SASE architecture combines VMware’s SD-WAN Gateways, the VMware Secure Access zero trust network access tool, the VMware NSX next-gen firewall, secure web gateway and cloud security access broker offerings. These networking and security services can be delivered in an intrinsic or sequenced manner to branch edges, mobile users, campuses, and IoT devices.

VMware’s SASE architecture allows companies to adopt an enterprise-wide cloud strategy, scale new operating models, migrate workloads to cloud easily and access multi-cloud applications and resources with confidence. The Palo Alto, Calif.-based company can protect distributed users and applications against internal and external threats from all levels, including network, application, data and user.

The platform provides assured, reliable application delivery to mobile clients, branches, and campuses, even under unfavorable network conditions, according to VMware. The company’s SASE architecture allows organizations to build and scale a new global WAN to support digital transformation strategy, with greater agility and operational simplicity.


The Zscaler Cloud Security Platform is a SASE service built from the ground up for performance and scalability. As a globally distributed platform, users are always a short hop to their applications, and through peering with hundreds of partners in major internet exchanges around the world, the San Jose, Calif.-based cloud security vendor provides optimal performance and reliability for users.

The Zscaler SASE architecture helps accelerate cloud adoption by removing network and security friction, consolidating and simplifying IT services, and eliminating the need for device management. The Zscaler platform globally peers at the edge with leading application and service providers and optimizes traffic routing to provide the best user experience.

As a fully cloud-delivered service, Zscaler provides native app segmentation by using business policies to connect an authenticated user to an authorized app without bringing the user on the network. Adversaries can’t attack what they can’t see, which is why the Zscaler architecture hides source identities by obfuscating their IP addresses and avoids exposing the corporate network to the internet.