Key suppliers of zero trust security products for applications, including application inventory, application data flow/dependency mapping, application monitoring, least privilege access to data, secrets management, and API gateways.
Applications garner a great deal of attention within zero trust (ZT) and cybersecurity strategy as a whole. Applications – especially proprietary applications that help an organization to build competitive advantage – represent critical IP and need to be protected via the ZT framework.
Applications also represent the point at which security is visible to the business as a whole, because all internal users (and in many organizations, external users such as suppliers, customers, and other stakeholders) rely on applications to access and work with needed data. This visibility significantly raises the stakes for the security organization.
Users who find security measures overly restrictive will look for shadow IT workarounds, which increase overall organizational IT costs while decreasing visibility into potential vulnerabilities and threats. Measures that imperil critical business processes – for example, a security control that prevents a single quarter-end deal from being processed – will destroy months’ worth of goodwill generated by frictionless ZT security approaches.
A second complicating factor with applications is that they tend to enter the organization from two distinctly different sources. Every major business uses a mix of commercial off-the-shelf software (COTS) and internally developed software, which in today’s industry, is the product of a DevOps “software supply chain.” Security professionals need to deploy technologies and management practices capable of addressing both sources.
In analyzing applications technologies and capabilities required for zero trust success, Stratascale SMEs highlighted six key categories:
The Stratascale team assessed 153 vendors to identify those who provide a starting point for firms looking to enhance infrastructure security as part of a broader ZT strategy. Across the six categories, we identified 45 vendors who were either:
Stratascale’s cross-functional group of security and networking experts contributing to these reports included:
To access one of the Zero Trust Vendors to Watch, Know, Understand: ZT Applications reports, please click on the linked titles:
Please note that no recommendation or warranty is implied by the inclusion of any vendor within these reports.