Gartner – techtrendfeed.com https://techtrendfeed.com Sat, 14 Jun 2025 12:35:30 +0000 en-US hourly 1 https://wordpress.org/?v=6.7.2 Information transient: Gartner Safety and Danger Administration Summit recap https://techtrendfeed.com/?p=3527 https://techtrendfeed.com/?p=3527#respond Sat, 14 Jun 2025 12:35:30 +0000 https://techtrendfeed.com/?p=3527

The Gartner Safety & Danger Administration Summit happened this week in Nationwide Harbor, Md. Over three days, presenters lined perennial considerations and the business’s hottest matters, together with safety operations heart optimization, AI, CISO technique, AI, third-party threat administration, AI, zero belief and slightly extra AI.

Monday’s keynote kicked off the present with a dialogue round “hyped applied sciences” — ahem, AI — and the way CISOs face the distinctive problem of defending enterprise AI investments whereas concurrently defending organizations from AI dangers.

“Cyberincidents related to explorative expertise at the moment are hitting the underside line, so executives are being attentive to cybersecurity,” mentioned Leigh McMullen, analyst at Gartner. “Changing into college students of hype can actually assist CISOs additional their very own agendas below this scrutiny.”

McMullen and fellow keynote speaker and Gartner analyst Katell Thielemann provided recommendation on how CISOs can do that: be mission-aligned, innovation-ready and change-agile.

Learn extra on the keynote and different Summit shows.

CISOs tasked with making certain AI success and battling AI threat

Of their keynote, McMullen and Thielemann famous that 74% of CEOs consider generative AI (GenAI) will considerably have an effect on their industries, with 84% planning to extend AI investments. On the identical time, 85% of CEOs mentioned cybersecurity is important to development, and 87% of tech leaders are growing cybersecurity funding.

The analysts beneficial CISOs use “mission-aligned transparency” by means of protection-level agreements and outcome-driven metrics to facilitate fact-based conversations round safety investments moderately than fear-driven choices.

McMullen and Thielemann mentioned safety groups ought to develop AI literacy, experiment with AI safety functions and adapt incident response procedures for AI-specific dangers.

Learn the complete story by Alexander Culafi on Darkish Studying.

Agentic AI is on the rise, and so are its dangers

Curiosity in agentic AI is surging regardless of safety considerations. A current Gartner ballot revealed 24% of CIOs and IT leaders have deployed AI brokers, and greater than 50% are researching or experimenting with the expertise.

Agentic AI, which options brokers with “reminiscence” that make choices based mostly on earlier conduct, is being built-in into safety operations facilities (SOCs) to deal with repetitive duties in vulnerability remediation, compliance and menace detection.

Nevertheless, safety specialists warned of serious dangers, together with immediate injections and permission misuse. Wealthy Campagna, senior vice chairman of merchandise at Palo Alto Networks, highlighted considerations about “reminiscence manipulation” assaults, whereas Marla Hay, vice chairman of product administration for safety, privateness and knowledge safety at Salesforce, mentioned the corporate is specializing in implementing zero belief and least privileged entry for AI brokers.

In response, “guardian brokers” are rising to watch different AI brokers, with Gartner predicting they’ll signify 10%-15% of the AI agent market by 2030.

Learn the complete story by Alexander Culafi on Darkish Studying.

One main AI safety worry thwarted — for now

Gartner analyst Peter Firstbrook mentioned throughout his presentation that whereas GenAI is enhancing adversaries’ capabilities, it hasn’t but launched novel assault strategies nor resulted within the anticipated explosion of deepfake threats — but, anyway.

Firstbrook famous that AI considerably aids in malware improvement — for instance, enhancing social engineering schemes and automating assaults — and is now getting used to create new malware, comparable to distant entry Trojans. However up to now, it hasn’t resulted in completely new assault strategies.

Because it stands, AI’s fundamental menace lies in automating and scaling assaults, doubtlessly making them extra worthwhile by means of elevated quantity, although completely new assault strategies stay uncommon.

Learn the complete story by Eric Geller on Cybersecurity Dive.

Code provenance key to stopping provide chain assaults

GitHub director of product administration Jennifer Schelkopf highlighted how code provenance consciousness can stop provide chain assaults, which 45% of organizations will expertise by year-end.

Referencing the SolarWinds and Log4Shell incidents, she emphasised the risks of “implicit belief” in improvement workflows. She beneficial utilizing the Provide-chain Ranges for Software program Artifacts (SLSA) framework, which establishes requirements for software program integrity by means of artifact attestation — documenting what was constructed, its origin, manufacturing technique, creation time and authorization.

Schelkopf additionally mentioned how open supply instruments assist, comparable to Sigstore, which automates signing and verification processes, and OPA Gatekeeper, which enforces insurance policies at deployment. The SLSA framework and open supply instruments create digital paper trails that may have prevented earlier provide chain breaches.

Learn the complete story by Alexander Culafi on Darkish Studying.

AI brokers complement, however do not exchange, people within the SOC

Consultants mentioned how AI is remodeling SOCs whereas emphasizing that human oversight stays important. AI brokers can automate repetitive SOC duties and assist with info searches, code writing and report summarization, however can’t but exchange human experience in understanding distinctive community configurations.

Hammad Rajjoub, director of technical product advertising at Microsoft, predicted fast development, suggesting AI brokers will cause independently inside six months and modify their directions inside two years.

Anton Chuvakin, senior workers safety marketing consultant within the Workplace of the CISO at Google Cloud, and Gartner analyst Pete Shoard cautioned, nevertheless, that AI-generated content material requires human evaluation. Gartner analysis vice chairman Dennis Xu additionally proposed utilizing “brokers to watch brokers” as human oversight turns into more and more difficult.

Learn the complete story by Eric Geller on Cybersecurity Dive.

Columns from Gartner analysts

Editor’s be aware: Our workers used AI instruments to help within the creation of this information transient.

Sharon Shea is govt editor of Informa TechTarget’s SearchSecurity website.

]]> https://techtrendfeed.com/?feed=rss2&p=3527 0 Sophos Named a 2025 Gartner® Peer Insights™ Prospects’ Selection for each Endpoint Safety Platforms and Prolonged Detection and Response https://techtrendfeed.com/?p=3179 https://techtrendfeed.com/?p=3179#respond Wed, 04 Jun 2025 10:05:58 +0000 https://techtrendfeed.com/?p=3179

Delivering world-class safety options is our prime precedence at Sophos. The true measure of our success is the satisfaction and suggestions of the purchasers who depend on our merchandise every single day to guard their organizations. We’re delighted that our consumer suggestions led Sophos to be acknowledged as a Prospects’ Selection vendor within the 2025 Gartner® Peer Insights™ Voice of the Buyer Stories for Endpoint Safety Platforms and Prolonged Detection and Response. This makes Sophos the solely vendor to be named a Prospects’ Selection in each studies, highlighting the excellent, sturdy safety of the Sophos platform.

Within the 2025 Voice of the Buyer for Endpoint Safety Platforms, Sophos obtained a 4.8/5.0 ranking based mostly on 361 evaluations, as of 31 Jan 2025. This marks the 4th consecutive time clients have acknowledged Sophos as a Prospects’ Selection vendor on this market.

The 2025 Voice of the Buyer for Prolonged Detection and Response is that this class’s inaugural report. Sophos is the highest-rated vendor with a 4.8/5.0 ranking and has the most evaluations within the report (257 evaluations, as of 31 Jan 2025). Moreover, Sophos has the very best ranking in all 4 classes overlaying particular elements of the expertise with the seller – clients rated Sophos a 4.9/5.0 in Product Capabilities, Gross sales Expertise, and Deployment Expertise, and a 4.8/5.0 in Help Expertise (based mostly on 257 evaluations as of 31 Jan 2025).

Buyer evaluations

Listed here are some examples of what clients needed to say about Sophos Endpoint and XDR:

  • Sophos Endpoint provides sturdy safety with superior menace detection leveraging AI and deep studying to establish and block malware, ransomware and different assaults.
  • [Sophos Endpoint] may be very mature and provides nice safety towards gentle and heavy safety assaults on our infrastructure.
  • [Sophos Endpoint] merges applied sciences corresponding to deep studying, AI, and endpoint detection & response to offer a holistic endpoint safety software program.
  • Sophos XDR is a next-generation endpoint safety software program that makes use of a mix of superior methods to defend towards all kinds of cyber threats.
  • Sophos XDR makes detecting and responding to threats straightforward. It’s AI-equipped and is quick and correct and we now not have to fret about endpoint threats.
  • The [Sophos XDR] platform employs cutting-edge machine studying fashions to establish and block even zero-day threats and superior persistent threats that conventional signature-based programs would possibly miss.
  • From quick detection to investigating threats and providing superb menace response, Sophos XDR has all of it. Its reliability has saved cyber threats at bay.
  • Sophos XDR is a superb product. This isn’t simply an analytical device that’s serving to us with enhancing our detection and response capabilities as a crew but in addition serving to us with day-to-day IT operations.
    • Buyer Service & Help Affiliate within the IT Providers business, $250M-500M
    • Overview hyperlink

Gartner Peer Insights content material consists of the opinions of particular person finish customers based mostly on their very own experiences, and shouldn’t be construed as statements of reality, nor do they symbolize the views of Gartner or its associates. Gartner doesn’t endorse any vendor, services or products depicted on this content material nor makes any warranties, expressed or implied, with respect to this content material, about its accuracy or completeness, together with any warranties of merchantability or health for a selected goal.

GARTNER is a registered trademark and repair mark of Gartner, Inc. and/or its associates within the U.S. and internationally, PEER INSIGHTS is a registered trademark of Gartner, Inc. and/or its associates and is used herein with permission. All rights reserved.

Gartner, Gartner Peer Insights ‘Voice of the Buyer’: Endpoint Safety Platforms, Peer Contributors, 23 Could 2025
Gartner, Gartner Peer Insights ‘Voice of the Buyer’: Prolonged Detection and Response, Peer Contributors, 23 Could 2025

 

]]> https://techtrendfeed.com/?feed=rss2&p=3179 0 Zscaler, Netskope, Palo Alto High SSE Gartner Magic Quadrant https://techtrendfeed.com/?p=3084 https://techtrendfeed.com/?p=3084#respond Sun, 01 Jun 2025 17:10:35 +0000 https://techtrendfeed.com/?p=3084

Cloud Entry Safety Brokers (CASB)
,
Knowledge Loss Prevention (DLP)
,
Knowledge Safety

Gartner: Safety Service Edge Market Is Experiencing Evolution, Not Revolution

Michael Novinson (MichaelNovinson) •
Could 30, 2025    

Zscaler, Netskope, Palo Alto Top SSE Gartner Magic Quadrant

Pure-play safety service edge specialists Zscaler and Netskope have been as soon as once more joined by platform behemoth Palo Alto Networks atop Gartner’s rankings of SSE distributors.

See Additionally: Securing Knowledge within the AI Period

The SSE market is experiencing evolution relatively than revolution, with commoditization prevalent in legacy safety applied sciences like safe net gateways and 0 belief community entry attributable to their maturity and widespread performance, mentioned VP Analyst Charlie Winckless. Differentiation now happens on the edge, he mentioned, significantly for SaaS utility assist, DEM and superior information safety use instances (see: Netskope, Zscaler, Palo Alto Lead SSE Gartner Magic Quadrant)

“The commoditization, to some extent, is as a result of these are comparatively previous markets,” Winckless advised Data Safety Media Group. “It is a lengthy established, comparatively mature market the place we have seen some modifications. There could be customization there, and they’re doing a adequate job for a lot of enterprises throughout these areas. Extra difficult use instances, extra difficult wants, might drive it.”

Most enterprise wants round safe net gateway and 0 belief community entry can now be met by a variety of distributors providing near-identical capabilities. These applied sciences have been round for many years, Winckless mentioned. Cloud entry safety dealer stands out barely since its integration with SaaS APIs and assist for posture administration and superior information loss prevention introduces use instances that are not as simply standardized, Winckless mentioned.

“There may be much less commoditization, actually, in CASB, as a result of CASB does drive a little bit bit extra the sting use instances equivalent to API integrations, posture administration and superior information safety features which can or might not be helpful to that many organizations,” Winckless mentioned.

As core capabilities turn into commoditized, differentiation shifts to how distributors deal with SaaS purposes and digital expertise administration, with companies that assist a handful of APIs struggling to compete towards these providing sturdy integrations with dozens of SaaS platforms. Superior SSE choices tackle inline information encryption, context-aware information loss prevention and configuration audits of main SaaS instruments, Winckless mentioned.

“The power to not simply have a look at information safety and sharing in SaaS over API, however the configuration of huge and customary SaaS purposes to search for widespread vulnerabilities and the interconnection of SaaS purposes to the SSE are some widespread differentiations there,” Winckless mentioned.

The power of SSE platforms to function enforcement factors between customers and purposes permits them to watch and filter information going into generative AI instruments, in response to Winckless. Via applied sciences like inline CASB and safe net gateways, Winckless mentioned enterprises can limit entry to dangerous generative AI instruments and implement insurance policies that forestall customers from importing delicate or regulated information.

“The power to proxy, management and handle information to these purposes and – as we have a look at the extra superior instruments – perceive immediate responses is an effective way to say, ‘Please do not put up proprietary code into this basic goal AI app to ask the right way to make it higher,'” Winckless mentioned.

Distributors are converging SSE and software-defined vast space community choices into unified SASE platforms, whereas clients -especially SMEs – are displaying elevated willingness to buy each from a single supplier, Winckless mentioned. Over time, Winckless mentioned even giant enterprises are shifting towards fewer vendor relationships, motivated by diminished complexity, value effectivity and operational cohesion.

“The very giant organizations most likely have very separate groups, however as these groups come collectively a little bit extra, the adoption, the simplification and the acceleration turn into beneficial,” Winckless mentioned.

The enduring management of Zscaler, Netskope, and Palo Alto Networks is not any accident, Winckless mentioned, since these distributors embraced cloud-delivered safety early, invested closely in platform unification and stay attentive to evolving buyer wants. These distributors not solely constructed robust characteristic units, he mentioned, but additionally mastered the operational, advertising and gross sales execution required to scale globally.

“They have been attentive to the market and have adopted it over an prolonged time frame, and so they’ve continued to consolidate and develop their platform,” Winckless mentioned.

From a completeness of imaginative and prescient perspective, Gartner as soon as once more gave Netskope the gold, with Zscaler climbing from third final yr to second this yr and Palo Alto Networks dropping from second final yr to 3rd this yr. So far as execution capability is anxious, Zscaler leapfrogged from third final yr to first this yr, whereas Netskope fell from first to second and Palo Alto Networks fell from second to 3rd.

Outdoors of the leaders, here is how Gartner sees the safety service edge market:

  • Challenger: Fortinet;

  • Area of interest Gamers: Cloudflare, Skyhigh Safety, Versa Networks, iboss, Broadcom;

  • Honorable Mentions: Test Level Software program, Cisco Programs, HPE, Lookout, Microsoft.

Zscaler Unifies Siloed SSE Choices Into Single Platform

Zscaler has targeted on unifying its traditionally siloed choices round web safety, personal entry and cloud networking right into a single SaaS-based platform attributable to a change in buyer wants, mentioned Dhawal Sharma, govt vp of product technique. As networking and safety groups more and more collaborate, Sharma mentioned the demand for unified coverage administration, console and providers has elevated.

A serious funding space has been information safety, the place Sharma mentioned Zscaler is evolving past conventional DLP right into a complete platform that features endpoint, electronic mail, cloud and AI-based information controls. Sharma emphasised that Zscaler’s insurance policies are extensible, permitting constant enforcement throughout numerous information channels, boosting each administration simplicity and safety robustness (see: How Purple Canary Acquisition Will Fortify Zscaler’s MDR Muscle).

“Since we’re constructed as a floor up multi-tenant SaaS service, it was very straightforward for us to deliver that collectively, however we didn’t, as a result of there was not a powerful demand for it,” Sharma advised ISMG. “However as this framework – SSE and SASE – got here out, the necessity to have a unified expertise grew to become essential. So we introduced unified expertise as a part of the market.”

Gartner chided Zscaler for efficiency points, being one of the crucial costly distributors out there and detracting from SSE by diversifying into safety operations. Sharma mentioned pricing and licensing have been simplified, efficiency points typically stem from misconfigurations on the consumer aspect and the transfer into safety operations is an growth alternative relatively than a distraction from core performance.

“We’re the one SSE supplier, as we converse, which has additionally rolled out in enterprise continuity and catastrophe restoration service for our SSE platform, which none of our opponents do,” Sharma mentioned.

Netskope Buys a DSPM Startup, Builds Enterprise Browser Instrument

Netskope has over the previous yr launched a unified CASB module that improves utility discovery and may successfully establish and handle SaaS purposes, mentioned Robert Arandjelovic, senior director and head of world product and options advertising. The corporate purchased DSPM startup Dasera to enhance its information discovery and safety capabilities throughout cloud, on-premises and hybrid environments.

The Netskope One Enterprise Browser extends entry to SSE infrastructure and is designed for environments the place customers entry company belongings with out a managed system, Arandjelovic mentioned. Netskope has licensed its core DLP expertise to be embedded into third-party purposes, enhancing the safety of beforehand inaccessible information sources and enriching its DSPM toolbox (see: Netskope Purchases Dasera to Strengthen Cloud Knowledge Safety).

“We’re very well-known for our utility discovery and SaaS safety capabilities, and an enormous piece of that’s all the time to permit plenty of the AI and ML applied sciences we use to assist speed up that course of for enterprises,” Arandjelovic advised ISMG.

Gartner chided Netskope for not focusing on the midmarket successfully, providing its console solely in English and being gradual to introduce new superior options like digital expertise administration. Arandjelovic mentioned Netskope is simplifying merchandise and debuting a devoted mid-market gross sales drive, prioritizes high quality and integration over velocity and sees console language limitation as widespread throughout the trade.

“I could make a Bolognese sauce in 20 minutes,” Arandjelovic mentioned. “The Italian grandma goes to make one in three hours. However you inform me which one is healthier. That is type of our strategy.”

Palo Alto Networks Takes on Browser, Knowledge, Risk Prevention

Palo Alto Networks has invested in real-time browser-based safety, AI-driven information safety and broad menace prevention through enhanced telemetry, mentioned Vice President of Prisma SASE Anupam Upadhyaya. The corporate defends towards browser-based threats and makes use of the browser as an inspection and telemetry device to handle shifts in person conduct and utility entry patterns, Upadhyaya mentioned.

The corporate makes use of AI to enhance information discovery and insider menace mitigation, significantly amid the explosion of knowledge from SaaS and AI purposes, and may see delicate information that lives outdoors sanctioned or monitored environments, Upadhyaya mentioned. The agency can preempt insider threats and automate breach prevention utilizing sample recognition and behavioral analytics powered by its menace intelligence (see: Strengthening AI Safety With Platform Technique).

“We have now spent plenty of time ensuring that we’re defending clients towards assaults which might be delivered within the browser, which could be tougher to detect within the community,” Upadhyaya advised ISMG. “We additionally use the browser to our benefit to supply safety for purposes that could be laborious to decrypt due to enterprise or expertise causes.”

Gartner chided Palo Alto Networks for advanced pricing, providing primarily English-speaking tech assist, and addressing a slim set of use instances with enterprise browsers. Upadhyaya mentioned Palo Alto Networks launched site-based licensing to summary away bandwidth allocation logistics between branches and cloud providers and has seen rising adoption and profitable enterprise browser deployments.

“We have now undoubtedly moved to a web site licensing mannequin, the place you purchase bandwidth simply as soon as and we maintain spreading it throughout completely different websites and allocating to the SSE,” Upadhyaya mentioned. “So hopefully with that simplification, we’ll see clients and analysts responding a bit extra positively to our packages.”



]]> https://techtrendfeed.com/?feed=rss2&p=3084 0