Dissecting Gartner’s new Security Service Edge Magic Quadrant

This syndicated post originally appeared at Zeus Kerravala – SiliconANGLE.

Market researcher Gartner Inc. released its 2023 Magic Quadrant for Security Service Edge earlier this month, shining a light on the leaders, and laggards, in the growing cybersecurity segment.

For those not familiar with SSE, Gartner provides the following definition: “SSE secures access to the web, cloud services and private applications regardless of the location of the user or the device they are using or where that application is hosted. It also provides enhanced security, and visibility for the software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS) environments accessed by the end users.”

A simplified definition is that SSE provides cloud-resident security, which decouples the capabilities from a physical location. This makes it much easier to secure remote workers, which is important in the hybrid work area.

One notable point in the Gartner definition is the inclusion of visibility or digital experience management, which hasn’t historically been part of security. IT leaders have been laser-focused on employee and customer experience and the ability to monitor the performance of apps is critical today. A security platform is ideally suited to provide visibility as it sees every packet that traverses the network and can infer application and user experience.

One of the reasons I was looking forward to this MQ is that SSE is a relatively new market and has no “de facto standard” leader. Gartner published its first SSE MQ last year and then recently updated it, so I was curious to see the movement of the vendors. Below are my takeaways from the most recent MQ.

  • Skyhigh Security (formerly McAfee Enterprise) drops out of the leaders quadrant. Being in the leaders quadrant and dropping out is always a surprise, but this one was easy to predict. In 2022, McAfee was taken private and private equity firms typically focus on streamlining operations and cost-cutting versus innovation. Also, the company has been split in two, with the cloud business becoming Skyhigh and the endpoint group renamed Trellix. This type of activity can disrupt an organization, which was reflected in the quadrant. Although Skyhigh/McAfee moved down slightly in vision, it was its ability to execute that caused it no longer to be a leader. One critical point to note is that the term “ability to execute” is a bit of a misnomer since from my observation, Gartner is measuring execution momentum more than ability to execute, so if the business does slow down, that causes a drop in that axis. Skyhigh has brought in new leadership, including Chief Executive Gee Rittenhouse, who came from Cisco Systems Inc. to right the ship, but this is a fast-moving industry, so Rittenhouse will need to move fast.
  • Versa Networks exits the MQ. In 2022, Versa ranked low in the niche category and this year was dropped. The only explanation Gartner provided was that “it did not meet the MMI requirement,” with MMI defined as Gartner’s market momentum index. I have no idea how this is calculated but believe Versa should have remained in the document about where it was last year.
  • Palo Alto Networks jumps into the leaders quadrant. Palo Alto has been the industry’s dominant firewall vendor but has rapidly been building a strong SSE portfolio through acquisitions. The MQ highlights a number of new features including integration with Prisma SD-WAN and updates to the explicit proxy and its ZTNA component. Palo Alto also purchased Crusoe Security for remote browser isolation, which has yet to be integrated into Prisma Access. Gartner also notes complex licensing, which is a byproduct of growth through acquisition. However, Palo Alto is financially strong and I expect to see it continue to be a leader.
  • Cloudflare gets added to the MQ. Given Cloudflare is nearing a billion in revenue, it was a bit of a surprise they were not in the first MQ but the company was late to SSE. In the past year, Cloudflare has added API visibility via the acquisition of Vectrix Security, an email security company, and Area 1 Security and released clientless web isolation and SSH command logging. Its relative immaturity in the space and the fact that the majority of sales are SMBs kept the company in the niche category.
  • Cisco remains an SSE enigma. The largest networking company in the world and one of the biggest security vendors by revenue remained in the challengers quadrant – which is where it should be right now. The company has great capabilities but they are delivered through different products such as Umbrella, Secure Connect, Duo, Meraki and ThousandEyes. From my conversations with Cisco, integration across its products and simplification are top priorities. Some evidence of this can be seen with the Meraki-Catalyst integration as well as ThousandEyes and AppDynamics. Rumor has it that Cisco is planning something big in the area of SSE for the upcoming RSA show. In my conversations with the new security leadership, they seem well aware of the disjointed nature of the products so I’m anticipating something big. If Cisco can simplify its approach and integrate products better, I would expect it to make a move into the leaders quadrant.
  • Zscaler moves up in the leaders quadrant. This shouldn’t be a surprise as Zscaler has been an MQ leader for 12 years (10 for SWG and both years the SSE MQ has existed). Looking back at the rise of SSE, Zscaler pioneered SSE and legitimized cloud-delivered security and was the first SSE vendor to introduce digital experience monitoring. Gartner highlights strong revenue growth, noting that Zscaler continues to grow faster than the market, solid marketing execution, an extensive network with a large number of points of presence as well as an impressive ecosystem of partners. I felt Gartner’s comments of “sales arrogance” and “hard to do business with” aren’t reflective of my interactions with Zscaler customers. It’s also counter to Gartner’s own Peer Insights report, since Zscaler was the only vendor to rank as a “Customers Choice” in all eight SSE categories, which to me means customers generally like Zscaler.
  • Netskope also made a move in the leaders quadrant. Privately held Netskope has certainly shined in the SSE MQ and deservedly so. It and Zscaler have certainly broken away from the pack, although I believe Zscaler’s revenue is still much larger than Netskope’s. Gartner pointed to its lightweight agent and simplified pricing model as strengths of the company, which is consistent with customer feedback I have received. However, I was surprised Netskope moved as much as it did, given some of the cautions Gartner outlined, the biggest of which is that the company does not offer some advanced DEM capabilities, which as I pointed out earlier is now a core component of SSE. It also cited Netskope is one of the most expensive vendors, which could lead to a slowdown in momentum as more vendors round out their capabilities and price becomes a bigger component of decision-making.

One final point to understand about the MQ is that although much of the industry views the MQ as a “stack ranking,” this document explaining the MQ says that’s not the case. Customers should view leaders as leaders versus interpreting more up and more right as “better.” With that being said, congratulations to Netskope, Palo Alto Networks and Zscaler for being in the leaders quadrant.

Given how broad SSE is, though, customers should do their due diligence and weigh the strengths and cautions of each vendor and how it fits into that specific environment.

Author: Zeus Kerravala

Zeus Kerravala is the founder and principal analyst with ZK Research. Kerravala provides a mix of tactical advice to help his clients in the current business climate and long term strategic advice.