Zero Trust Security platforms
Updated: July 02, 2021
2021. Zero trust unicorn Illumio raises $225M
Illumio, a self-styled zero trust unicorn, has closed a $225 million Series F. Illumio focuses on protecting data centers and cloud networks through something it calls microsegmentation, which it claims makes it easier to manage and guard against potential breaches, as well as to contain a breach if one occurs. This zero trust approach to security — a concept centered on the belief that businesses should not automatically trust anything inside or outside its perimeters — has never been more important for organizations, according to Illumio.
2021. Elisity raises $26M to scale its AI cybersecurity platform
Elisity, a self-styled innovator that provides behavior-based enterprise cybersecurity, has raised $26 million in Series A funding. The platform looks to help organizations transition from legacy access approaches to zero trust, a security model based on maintaining strict access controls and not trusting anyone — even employees — by default, across their entire digital footprint. This enables organizations to adopt a “work-from-anywhere” model, according to the company, which notes that most companies today continue to rely on security and policies based on physical location or low-level networking constructs, such as VLAN, IP and MAC addresses, and VPNs.
2021. Jamf snags zero trust security startup Wandera for $400M
Jamf, the enterprise Apple device management company, announced that it was acquiring Wandera, a zero trust security startup, for $400 million. Using a set of management services for Apple devices, Jamf provides IT at large organizations. It is the leader in the market, and snagging Wandera provides a missing modern security layer for the platform. The combination of Wandera and Jamf will provide our customers a single source platform that handles deployment, application lifecycle management, policies, filtering and security capabilities across all Apple devices while delivering zero trust network access for all mobile workers
2021. Xage introduces Zero Trust remote access cloud solution for hard-to-secure environments
Xage, a security startup that has been building a solution to help protect these hard-to-secure operations, announced a Zero Trust remote access cloud solution. This involves controlling access device by device and person by person by determining who can do what based on them authenticating themselves and proving who they are. It doesn’t rely on knowledge of a device password or a VPN zone password. The solution goes further with a secure traversal tunnel, which relies on a tamper-proof certificate to prevent hackers from getting from the operations side of the house — whether that’s a utility grid, water supply or oil and gas pipeline — to the IT side where they could then begin to muck about with the operational technology.
2021. BeyondID grabs $9M to help clients implement cloud identity
BeyondID, a cloud identity consulting firm, has raised a $9M Series A. The company focuses on helping clients manage security and identity in the cloud, taking aim specifically at Okta customers. In fact, the firm is a platinum partner for Okta. As they describe their goals, they help clients in a variety of areas, including identity and access management, secure app modernization, Zero Trust security, cloud migration and integration services.
2021. Google’s BeyondCorp Enterprise security platform is now generally available
Google announced that BeyondCorp Enterprise, the zero trust security platform modeled after how Google itself keeps its network safe without relying on a VPN, is now generally available. BeyondCorp Enterprise builds out Google’s existing BeyondCorp Remote Access offering with additional enterprise features. Google describes it as “a zero trust solution that enables secure access with integrated threat and data protection.” As part of BeyondCorp Enterprise, businesses get an end-to-end zero trust solution that includes everything from DDoS protection and phishing-resistant authentication, to the new security features in the Chrome browser and the core continuous authorization features that protect every interaction between users and resources protected by BeyondCorp.
2020. Axis Security raises $32M to help companies stay secure while working from home
Axis Security, that provides secure Access as a Service platform announced a $32 million Series B investment. Axis Security launched last year with the idea of helping customers enable contractors and third parties to remotely access a company’s systems in a safe way, but when the pandemic hit, they saw another use case, one which had been on their road map: helping keep systems secure when employees were working from home. The company’s product uses the notion of Zero Trust, which, as the name suggests, assumes you can’t trust anyone on your system, and work from there. Using a rules-based engine, customers can create a secure environment based on your role.
2020. HPE acquires cloud native security startup Scytale
Hewlett Packard Enterprise has acquired Scytale, a cloud native security startup that is built on the open-source Secure Production Identity Framework for Everyone (SPIFFE) protocol. Specifically, Scytale looks at application-to-application identity and access management, something that is increasingly important as more transactions take place between applications without any human intervention. It’s imperative that the application knows it’s OK to share information with the other application. Thus HPE, that progresses into hybrid, multi-cloud environment management, wants to ensure 100% secure, zero trust systems, that can dynamically identify and authenticate data and applications in real-time.
2019. Google adds new device management and access controls to G Suite
G Suite is getting updates that should help users to keep a lid on both device management and access control. First it’s automatically enabling “basic device management” for each desktop device that accesses G Suite within an organization. In a second update, Google is enabling what it calls “context-aware” access controls for G Suite Enterprise customers based on its “zero trust” security model, sometimes called “BeyondCorp.” The third update today pertains to Google’s G Suite Security Center, which provides analytics services for companies that want to assess any security threats and investigate and take action on any issues that might come up. As of today, security admins can now create automated rules that prompt “remediative actions” or send notifications to the alert center, should certain conditions be met.