The wait is over: The Forrester Wave™: Zero Trust Platform Providers, Q3 2023, is live!
In 2020, Forrester published The Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q3 2020. Three years later, many of the capabilities that were once considered “extended” are now core to Zero Trust. Therefore, we dropped the extended and are now focused on the core capabilities needed to enable Zero Trust outcomes.
Even though this research focuses on platforms that deliver Zero Trust capabilities, it’s important to note that no solution or platform makes an organization Zero Trust. Zero Trust is a framework that consists of technology and non-technology pieces.
With that said, the Zero Trust platform (ZTP) segment is well established, with vendors continuing efforts to deliver consolidated capabilities for improved interoperability, integration, and flexibility. Fundamentally, these ZTPs strive to reduce management and implementation complexity for an otherwise disparate security technology architecture.
Forrester defines ZTP as:
A unified offering of core security technologies that serve as the base upon which other security tooling, applications, or processes can be used to enable the Zero Trust model of information security. These platforms deliver a variety of functionalities across the seven Zero Trust domains — data, workload, network, user, device, automation and orchestration, and visibility and analytics. Zero Trust platforms include integrated products from a single vendor’s portfolio and third-party vendor technology integrations to form a Zero Trust technology ecosystem.
This research focused on 28 different criteria to evaluate 14 vendors. The vendors were evaluated for capabilities such as analyst experience, centralized management, and Zero Trust ecosystem. Along the way, each of the vendors briefed me about their solutions and demonstrated their capabilities. I also talked to customer references to get a firsthand account about their experience working with the vendors.
This blog contains some of the observations that stood out to me.
You Can’t Spell Innovation Without AI
Interest in artificial intelligence capabilities has increased over the past couple of years. Vendors are exploring more than just machine learning to help make sense of constantly evolving architectures.
The discussion of AI is not new. In fact, vendors claimed to offer innovative AI long before this report, but most of this was just good machine learning, not true AI. This research, however, revealed that vendors have taken what they’ve learned over the years and are developing AI capabilities to deliver actual task automation, with the eventual goal of accelerating detection and response through actionable telemetry.
As more organizations contend with the impacts of genAI, there will be a growing need for AI-capable solutions that can offset the lack of time and resources needed to combat threats. Leading vendors in this Wave are either developing their own in-house AI capabilities or acquiring them through M&A. For example, one vendor is improving its models to enhance visibility and assist in policy suggestions, while another vendor is acquiring an AI company to add more “engines” that identify malicious behaviors.
There Are Different Flavors For Different Tastes
No two ZTPs are the same. Most came together through varied development paths or via acquisitions. There are areas of overlap, but each offers different functionalities to address different scenarios.
The ability to deploy in different environments is an important capability for ZTPs. Regardless of cloud, virtualized, or on-premises architectures, ZTPs seek to unite core security technologies and serve as the basis for other security tooling, applications, and processes to integrate and enable Zero Trust.
Realistically, most organizations will adopt a more hybrid architecture. This drives the need for more flexibility and freedom to implement and integrate security tooling for both cloud and on-site environments. Of the 26 customer references that participated in this research, none were fully in cloud environments. Those focused on cloud migration still retain some on-prem presence that requires security and protection.
ZTP vendors provide the following deployment modes:
- Virtualized. ZTP vendors provide components of their solutions as software that can be deployed on VMs or containers independently but do not provide bare-metal hardware. This enables admins to control how solutions are deployed, configured, and maintained in public or private clouds and on-premises environments.
- Cloud-native. ZTP vendors, particularly cloud-first ones, provide cloud-native SaaS solutions that can be extended to other public or private cloud and on-premises environments via a proxy or application connector.
- Bare metal. These ZTP vendors recognize the continued need to maintain on-premises architectures, especially in highly restrictive environments. These ZTP vendors give organizations the flexibility to maintain hardware and software components of their solution on-premises to address onsite needs and requirements.
Zero Trust Is Not The Goal — It’s The Means
Security and risk professionals shouldn’t seek to achieve a ZT “end state.” ZT is not a destination but a means for securing systems and data. As my colleague, Jeff Pollard, eloquently states, “Zero Trust is kind of forever — it’s a little bit like diamonds … ” which is the nice way of saying that ZT is continuous.
Rather than creating ZT fatigue, ZTP vendors provide solutions that help S&R pros achieve realistic outcomes around core use cases that will enhance employee experience, technology architecture and delivery, and analyst experience.
Check out the full report here for more detail: The Forrester Wave™: Zero Trust Platform Providers, Q3 2023. Forrester clients seeking their next primary — or secondary — provider to consolidate security tooling and centrally manage it all can schedule an inquiry or guidance session with me for additional insights.
Meet Us At Security & Risk Forum 2023
Want even more information on how to implement Zero Trust or select a Zero Trust platform? Meet me at our upcoming Security & Risk Forum, taking place November 14–15 in Washington, D.C.
We’ll have nine keynotes and 25 track sessions (including sessions on Zero Trust) led by Forrester analysts who will be available for one-on-one meetings during the event, as well. Check out the agenda and register here.