Facing AI-powered threats, CISOs consolidate around single-vendor SASE

Buyers, together with enterprise capitalists (VCs), are betting $359 million that safe entry service edge (SASE) will grow to be a major consolidator of enterprise safety tech stacks.

Cato Community’s oversubscribed Collection G spherical final week demonstrates that traders view SASE as able to driving important consolidation throughout its core and adjoining markets. Now valued at $4.8 billion, Cato not too long ago reported 46% year-over-year (YoY) growth in annual recurring income (ARR) for 2024, outpacing the SASE market. Cato will use the funding to advance AI-driven safety, speed up innovation throughout SASE, prolonged detection and response (XDR), zero belief community entry (ZTNA), SD-WAN, and IoT/OT, and strengthen its international attain by scaling associate and customer-facing groups.

Gartner tasks the SASE market will develop at a compound annual progress fee (CAGR) of 26%, reaching $28.5 billion by 2028.

The implied, actual message is that SASE will do to safety stacks what cloud computing did to knowledge facilities: Consolidate dozens of level options into unified platforms. Gartner’s newest forecast for worldwide SASE exhibits organizations favoring a dual-vendor method, shifting from a 4:1 ratio to 2:1 by 2028, one other strong sign that consolidation is on the best way.

Cashing in on consolidation

Consolidating tech stacks as a progress technique will not be a brand new method in cybersecurity, or in broader enterprise software program. Cloud-native software safety platform (CNAPP) and XDR platforms have relied on promoting consolidation for years. Buyers main Cato’s newest spherical are basing their funding thesis on the confirmed dynamic that CISOs are all the time searching for methods to scale back the variety of apps to enhance visibility and decrease upkeep prices. 

VentureBeat usually hears from CISOs that complexity is without doubt one of the best enemies of safety. Software sprawl is killing the power to attain step-wise effectivity features. Whereas CISOs need higher simplicity and are prepared to drive higher consolidation, many have inherited inordinately complicated and high-cost legacy expertise stacks, full with a big base of instruments and functions for managing networks and safety concurrently.

Nikesh Arora, Palo Alto Networks chairman and CEO, acknowledged the affect of consolidations, saying not too long ago: “Clients are literally onto it. They need consolidation as a result of they’re present process three of the most important transformations ever: A community safety transformation and a cloud transformation, and lots of of them are unaware … they’re about to undergo a safety operations middle transformation.”

A recent study by IBM in collaboration with Palo Alto Networks discovered that the typical group has 83 totally different safety options from 29 distributors. The vast majority of executives (52%) say complexity is the most important obstacle to safety operations, and it might value as much as 5% of income. Misconfigurations are frequent, making it troublesome and time-consuming to troubleshoot safety gaps. Consolidating cybersecurity merchandise reduces complexity, streamlines the variety of apps and improves total effectivity.

With regards to capitalizing on consolidation in a given market, timing is essential. Adversaries are well-known for mining legacy CVEs and launching living off the land (LOTL) assaults by utilizing customary instruments to breach and penetrate networks. Multivendor safety architectures usually have gaps that IT and safety groups are unaware of till an intrusion try or breach happens because of the complexity of multicloud, proprietary app, and platform integrations.

Enterprises lose the power to guard the proliferating variety of ephemeral identities, together with Kubernetes containers and machine and human identities, as each endpoint and gadget is assigned. Closing the gaps in infrastructure, app, cloud, identification and community safety fuels consolidation.  

What CISOs are saying

Steward Well being CISO Esmond Kane advises: “Perceive that — at its core — SASE is zero belief. We’re speaking about identification, authentication, entry management and privilege. Begin there after which construct out.”

Legacy community architectures are famend for poor person experiences and vast safety gaps. In accordance with Hughes’  2025 State of Secure Network Access Report, 45% of senior IT and safety leaders undertake SASE to consolidate SD-WAN and safety right into a unified platform. The vast majority of organizations, 75%, are pursuing vendor consolidation, up from 29% simply three years in the past. CISOs consider consolidating their tech stacks will assist them keep away from lacking threats (57%) and scale back the necessity to discover certified safety specialists (56%).

“SASE is an existential risk to all appliance-based community safety firms,” Shlomo Kramer, Cato’s CEO, advised VentureBeat. “The overwhelming majority of the market goes to be refactored from home equipment to cloud service, which implies SASE [is going to be] 80% of the market.”

A basic architectural transformation is driving that shift. SASE converges historically siloed networking and safety features right into a single, cloud-native service edge. It combines SD-WAN with important safety capabilities, together with safe net gateway (SWG), cloud entry safety dealer (CASB) and ZTNA to implement coverage and shield knowledge no matter the place customers or workloads reside.

Gartner’s 2024 Magic Quadrant for single-vendor SASE positions Cato Networks, Palo Alto Networks, and Netskope as Leaders, reflecting their maturity, unified platforms and suitability for enterprise-wide deployments.

Why vendor consolidation is reshaping enterprise safety technique

Single-vendor SASE has grow to be a strategic consideration for safety and infrastructure leaders. In accordance with Gartner, 65% of recent SD-WAN purchases shall be a part of a single-vendor SASE deployment by 2027, up from 20% in 2024. This projected progress displays a broader shift towards unified platforms that scale back coverage fragmentation and enhance visibility throughout customers, units and functions.

In its Magic Quadrant for Single Vendor SASE, Gartner recognized Cato Networks, Palo Alto Networks and Netskope as market leaders primarily based on their differentiated approaches to convergence, person expertise and enterprise-scale deployment fashions.

Cato’s Kramer advised VentureBeat: “There’s a brief window the place firms can keep away from being caught with fragmented architectures. The attackers are shifting sooner than integration groups. That’s the reason convergence wins.”

Numbers again Kramer’s warning. AI-enabled assaults are more and more exploiting the 200-millisecond gaps between software handoffs in multivendor stacks. Each unmanaged connection turns into a threat floor.

SASE leaders in contrast

Cato Networks: The Cato SASE Cloud platform combines SD-WAN, safety service edge (SSE), ZTNA, CASB, and firewall capabilities in a unified structure. Gartner highlights Cato’s “above-average buyer expertise in comparison with different distributors” and notes its “single, easy UI” as a key energy. The report notes that particular capabilities, together with SaaS visibility and on-premises firewalling, are nonetheless maturing. Gartner additionally notes that pricing might fluctuate relying on bandwidth necessities, which might affect the whole value, notably regarding deployment scale. Following its Collection G and 46% ARR progress, Cato has emerged as essentially the most investor-validated pure-play within the area.

Palo Alto Networks: PANW “has robust safety and networking options, delivered by way of a unified platform,” and advantages from “a confirmed observe file on this market, and a large put in base of shoppers,” Gartner notes. Nonetheless, the corporate’s providing is dear in comparison with many of the different distributors. Additionally they flag that the brand new Strata Cloud Supervisor is much less intuitive than its earlier UI.

Netskope: Gartner cites the seller’s “robust characteristic breadth and depth for each networking and safety,” together with a “robust buyer expertise” and “a powerful geographic technique” as a result of localization and knowledge sovereignty assist. On the similar time, the evaluation highlights operational complexity, noting that “directors should use a number of consoles to entry the complete performance of the platform.” Gartner additionally says that Netskope lacks expertise in comparison with different distributors.

Evaluating the main SASE distributors

Vendor	Platform design	Ease of use	AI automation maturity	Pricing readability	Safety scope	Preferrred match
Cato Networks	Totally unified, cloud-native	Glorious	Advancing quickly	Predictable and clear	Finish-to-end native stack	Midmarket and enterprise simplicity seekers
Palo Alto Prisma	Safety-first integration	Average	Mature for safety ops	Larger TCO	Sturdy next-generation firewall (NGFW) and ZTNA	Enterprises already utilizing Palo NGFW
Netskope	Infrastructure management	Average	Enhancing steadily	Clear and structured	Sturdy CASB and knowledge loss prevention (DLP)	Regulated industries and compliance-driven

SASE consolidation indicators enterprise safety’s architectural shift

The SASE consolidation wave reveals how enterprises are basically rethinking safety structure. With AI assaults exploiting integration gaps immediately, single-vendor SASE has grow to be important for each safety and operational effectivity.

The reasoning is simple. Each vendor handoff creates vulnerability. Every integration provides latency. Safety leaders know that unified platforms can assist get rid of these dangers whereas enabling enterprise velocity.

CISOs are more and more demanding a single console, a single agent and unified insurance policies. Multivendor complexity is now a aggressive legal responsibility. SASE consolidation delivers what issues most with fewer distributors, stronger safety and execution at market velocity.