Bright is now integrated with GitHub Copilot

Check it out! →
Product
Product overview

See how dev-centric DAST for the enterprise secures your business.

Web attacks

Continuous security testing for web applications at high-scale.

API attacks

Safeguard your APIs no matter how often you deploy.

Business logic attacks

Future-proof your security testing with green-flow exploitation testing.

LLM attacks

Next-gen security testing for LLM & Gen AI powered applications and add-ons.

Interfaces & extensions

Security testing throughout the SDLC - in your team’s native stack.

Integrations

Connecting your security stack & resolution processes seamlessly.

Docs

Getting started with Bright and implementing it in your enterprise stack.

Book a demo

We’ll show you how Bright’s DAST can secure your security posture.

Resources
Blog

Check out or insights & deep dives into the world of security testing.

Webinars & events

Upcoming & on-demand events and webinars from security experts.

Docs

Getting started with Bright and implementing it in your enterprise stack.

Case studies

Dive into DAST success stories from Bright customers.

Research

Download whitepapers & research on hot topics in the security field.

Company
About us

Who we are, where we came from, and our Bright vision for the future.

News

Bright news hot off the press.

Webinars & events

Upcoming & on-demand events and webinars from security experts.

We're hiring

Want to join the Bright team? See our open possitions.

Bug bounty

Found a security issue or vulnerability we should hear about? Let us know!

Contact us

Need some help getting started? Looking to collaborate? Talk to us.

Resources > Blog >
What is SASE, where is it going, and why does it matter?

What is SASE, where is it going, and why does it matter?

Akira Brand

Intro

With the COVID-19 pandemic, organizations found themselves facing brand new problems  with security and the cloud— namely, the trouble of securely moving away from data centers and into the cloud, all while protecting the ‘edge’ of their networks in a secure manner. (By edge, I mean the boundary of wherever your network ends — wherever the employees are). The old paradigm of networking in company-specific data centers tied to offices is no longer viable in today’s cloud-based, IoT-heavy, distributed workforce, and as such, SASE was born.

What is SASE

SASE is a framework for a network architecture that bundles cloud-native security technologies and Wide Area Network (WAN) capabilities. Put more simply, it’s the intersection of networking and security in a cloud-based environment. It is not a single technology, but a conglomerate of many different technologies, such as Software-defined WAN (SD-WAN), Cloud Access Security Broker (CASB), NGFW and Firewall-as-a-Service (FWaaS), Zero Trust Network Access (ZTNA), and Secure Web Gateways (SWG).

You can learn more about the different components of SASE here.

Where is SASE going

Gartner’s projections of top trends in infrastructure and operations (IO) puts SASE at the top of the list for a significant impact in 2023. With a total worldwide end-user spending of up to $9.2 billion dollars forecasted, we can see a growing trend of SASE adaptation; up 39% from 2022. There is a significant market for single-vendor SASEs, and while the market is still immature, there are a number of options for single-vendor SASEs.

Dell’Oro group, a market research firm, forecasts that the SASE market will triple by 2026, topping $13 billion. Gartner is even more bullish, predicting that the SASE market will grow at a 36% compound annual growth rate (CAGR) between 2020 and 2025, reaching $14.7 billion by 2025.

Also of note from the Gartner report is a prediction that by 2024, 40% of organizations will have strategies in place to adopt SASE, up from a mere 1% in 2018.

Lastly, there is a movement to standardize SASE. A nonprofit called MEF seeks to lead the way in SASE standardization. From the MEF website, we can see the purpose of the standardization is as follows:

‘MEF’s industry-first SASE standard defines a Secure Access Service Edge (SASE) Service framework and specifies service attributes that need to be agreed upon between a service provider and a subscriber for SASE services, including security functions, policies, and connectivity services. The standard aligns stakeholders on common terminology and service attributes when buying, selling, and delivering SASE services, and makes it easier to interface policy with security functions for cloud-based cybersecurity from anywhere.’ —  https://tinyurl.com/226d8pw2

You can find MEF’s standardization document here.

Why does this matter?

The old paradigm of networking for in-house data centers and in-office employees are dying. In the mad rush to adopt cloud-based services, adequate security tooling is ever more important to protect company assets. Tool consolidation is also becoming an ever more appealing option for organizations, as the ‘bits-and-pieces approach to tooling covered by SASE is quickly becoming overwhelming for customers. With reduced complexity and security being available no matter where the user is, SASE streamlines networking and security for a remote-first world.

Conclusion

SASE, while still in a nascent stage as far as standardization of services, is projected by Gartner and many others to be the networking solution of the future. With significant money to be made, and single-store solutions paving the way for adaptation, SASE deserves a second look from anyone as a promising emerging technology.

Additional Resources

What is SASE (Secure Access Service Edge)? | Versa Networks

SASE is an entire package of technologies that embeds security into the global fabric of the network. Major components…versa-networks.com

Secure access service edge: What is SASE?

The Software-as-a-Service (SaaS) industry is forecast to generate $157 billion by 2022, as more and more organizations…www.polymerhq.io

Invest Implications: ‘The Future of Network Security Is in the Cloud’

What is Gartner research? Gartner research, which includes in-depth proprietary studies, peer and industry best…www.gartner.com

Resources

IASTless IAST – The SAST to DAST Bridge

Streamline appsec with IASTless IAST. Simplify deployment, enhance accuracy, and boost your security posture by combining SAST and Bright’s DAST.

Bringing DAST security to AI-generated code

AI-generated code is basically the holy grail of developer tools of this decade. Think back to just over two years ago; every third article discussed how there weren’t enough engineers to answer demand; some companies even offered coding training for candidates wanting to make a career change. The demand for software and hardware innovation was

5 Examples of Zero Day Vulnerabilities and How to Protect Your Organization

A zero day vulnerability refers to a software security flaw that is unknown to those who should be mitigating it, including the vendor of the target software.

Get our newsletter