The latest edition of our Zero Trust platform vendor evaluation, The Forrester Wave™: Zero Trust Platforms, Q3 2025, published today. It highlights how this market continues to improve upon delivering unified solutions that help simplify and operationalize Zero Trust for organizations. Beginning with The Zero Trust Platforms Landscape, Q1 2025, we researched major players in this market to identify the platform solutions that best serve the alignment of Zero Trust architecture to support security outcomes.

We evaluated 10 vendors in this Wave: Akamai Technologies, Broadcom, Check Point Software Technologies, Cisco, Cloudflare, Fortinet, Microsoft, Palo Alto Networks, Trend Micro, and Zscaler. We evaluated each vendor against three core inputs: a questionnaire for the vendors to complete, executive strategy briefings and demos, and interviews of up to three reference customers. The Wave included scores for 14 current-offering criteria and eight strategy criteria. Read the full report.

Forrester defines Zero Trust platforms as:

A unified set of core security technologies that serve as the foundation to enable the Zero Trust model of information security. These platforms deliver a variety of functionalities across data, workloads, networks, users, and devices, improving automation, orchestration, and visibility for analytics. Zero Trust platforms optimize native, integrated products and third-party integrations to support a cohesive Zero Trust technology ecosystem.

Zero Trust is a foundational security model, now widely embraced across industries. While its value is well understood, the real challenge lies in effectively implementing it. This is especially true for organizations navigating misalignment across various disciplines or business functions in addition to the complex technology landscape.

Many of the vendors in this evaluation have positioned their platform solution as being aligned to Zero Trust. It is important to note, however, that none of these vendors should be viewed as your one-stop shop. Products or platforms don’t deliver Zero Trust by themselves. After all, Zero Trust is a strategy, not a product.

Nevertheless, organizations evaluating Zero Trust platforms to enable their Zero Trust implementation should focus on:

  • Balancing best-of-breed and platform solutions: A hybrid approach, using platforms for core controls and best-of-breed tools for specialized needs, helps avoid excessive complexity or vendor lock-in.
  • Prioritizing integration and data correlation: Strong native and third-party integrations are essential for unified visibility, streamlined policy management, and effective incident response.
  • Understanding AI capabilities: Distinguish between AI-enhanced tools that support human analysts and AI-driven platforms that automate decisions. The right fit depends on an organization’s maturity, risk tolerance, and skill sets.

While the Zero Trust platforms market is established, it’s still maturing. The expansiveness of solutions and the added complexity of new risks or threats, such as the presence of AI agents, makes achieving an advanced Zero Trust architecture more complicated.

Making it difficult to achieve the ideal state, however, is sort of the point. Zero Trust was never meant to be an end state — it’s a continuous journey and a mindset that prioritizes verification over assumption. For this market to mature, it must continue to innovate in areas that will help reduce complexity, ease deployments, and streamline security tasks to ensure that enterprises are future-proofed to defend against tomorrow’s new threats.

For a deeper look into the market, Forrester clients can read the full report, The Forrester Wave™: Zero Trust Platforms, Q3 2025. Check out the results for all 10 vendors, including the specific criteria that differentiated them and why. If you have questions about the changes happening in the Zero Trust platform market, schedule an inquiry or guidance session with me.