Analyst(s): Fernando Montenegro
Publication Date: February 24, 2025
Kyndryl has expanded its alliance with Palo Alto Networks to introduce new managed secure access service edge (SASE) offerings. The collaboration integrates Palo Alto’s AI-powered Prisma SASE platform into Kyndryl’s managed services, providing enterprises with a unified, cloud-first security offering. The new services aim to enhance network security, streamline operations, and support the growing adoption of zero-trust frameworks.
What is Covered in this Article:
- Kyndryl expands its partnership with Palo Alto Networks to launch managed SASE services, integrating Prisma SASE into its offerings.
- The new services provide a cloud-first, zero-trust security model, enhancing network security and simplifying operations.
- Kyndryl’s offering includes consulting, implementation, and 24/7 managed security, leveraging AI-driven automation and real-time threat detection.
- Integration with Kyndryl Bridge provides security automation and observability, aiming to strengthen hybrid IT management.
- This move supports Kyndryl’s shift toward high-margin managed security services.
The News: Kyndryl has expanded its partnership with Palo Alto Networks to introduce end-to-end SASE services, integrating Palo Alto’s Prisma SASE platform into its managed security offerings. The new services aim to help enterprises adopt a cloud-first, zero-trust security model, enhancing network protection and simplifying security operations. Kyndryl’s managed SASE services include security assessments, design and implementation, and 24/7 security management, leveraging AI-driven automation and real-time threat detection. The offering is integrated with Kyndryl Bridge, the company’s digital business platform, to provide enhanced visibility and security automation.
Kyndryl Strengthens Security Play with AI-Powered SASE Offering
Analyst Take: Kyndryl’s decision to expand its collaboration with Palo Alto Networks and introduce managed SASE services is a natural progression from its 2023 commitment to integrating Palo Alto’s security offering into its managed security offerings. At that time, both companies hinted at future support for SASE, and this latest move fulfills that expectation. It aligns with Kyndryl’s broader approach to modernize IT infrastructure by adopting cloud-first, zero-trust security models – a transition highlighted by the company’s shift from 54 on-premises data centers to a SASE-based architecture. The expansion comes as enterprise demand grows for AI-driven, cloud-first security frameworks, signaling a clear departure from traditional hardware-based networking offerings.
Prisma SASE: Expanding Kyndryl’s Cybersecurity Capabilities
Kyndryl’s new managed SASE service, developed in partnership with Palo Alto Networks, integrates networking and security into a unified, cloud-delivered platform designed to bolster enterprise resilience against evolving cyber threats. The backbone of this offering is Prisma SASE, Palo Alto Networks’ AI-powered security platform, which provides:
- Zero-trust network access (ZTNA) – Enforcing strict identity-based authentication to secure remote and unmanaged devices.
- AI-driven Autonomous Digital Experience Management (ADEM) – Enhancing visibility into network traffic, identifying latency issues, and proactively troubleshooting performance bottlenecks.
- Cloud-based firewall-as-a-service (FWaaS) – Delivering enterprise-grade network protection through a cloud-native firewall, eliminating the need for physical hardware.
- Secure web gateway (SWG) and cloud-access security broker (CASB) – Enforcing security policies across cloud applications and web traffic to block unauthorized access and ensure compliance.
Beyond the technology itself, Kyndryl’s managed SASE services provide a fully integrated, AI-powered security offering. The company’s consulting and security assessment services help enterprises evaluate their network maturity, identify vulnerabilities, and align their zero-trust strategies with long-term business objectives. Kyndryl also assists with the transition from legacy Software-Defined Wide Area Network (SD-WAN) or Security Service Edge (SSE) offerings to Prisma SASE, ensuring proper configuration, minimal disruption, and user training. Additionally, its 24/7 managed security services offer continuous threat monitoring, real-time security enhancements, and seamless integration with enterprise security operations center (SOC) and network operations center (NOC) platforms – helping organizations strengthen their cyber resilience across hybrid IT environments.
According to Paul Savill, Kyndryl’s Global Practice Leader of Network and Edge Computing, nearly half of the world’s mission-critical IT systems are outdated or approaching end-of-life. As enterprises face increasing pressure to modernize, the complexity of hybrid work environments is accelerating the shift toward AI-driven, cloud-first security offerings. By offering a fully managed SASE framework – spanning assessment, migration, and ongoing monitoring – Kyndryl is positioning itself as a key player in the cybersecurity space.
Integration with Kyndryl Bridge Boosts Automation & Visibility
A key component of Kyndryl’s new SASE services is its integration with Kyndryl Bridge, the company’s AI-powered digital business platform. This integration allows enterprises to observe, orchestrate, and optimize their entire IT ecosystem, enhancing security automation and hybrid IT connectivity. Customers using Prisma SASE can benefit from real-time network intelligence, predictive analytics, and automated security optimizations – critical capabilities for managing large-scale, complex environments.
Additionally, Kyndryl’s expertise in transitioning from on-premises infrastructure to cloud-first SASE frameworks potentially gives it an edge. Having undergone this shift internally, Kyndryl’s certified security professionals bring hands-on experience to enterprise clients, which helps to deliver more seamless SASE deployments.
Expanding Recurring Revenue and High-Margin Services
Kyndryl is actively shifting away from traditional IT outsourcing toward consulting and managed services – both of which offer higher margins and more predictable revenue streams. In Q3 FY 2025, Kyndryl Consult signings grew 45% YoY, reaching a $3 billion revenue stream, while managed services bookings rose 27% over the past 12 months, reflecting strong enterprise demand. Consulting revenue now accounts for 21% of Kyndryl’s total revenue, a significant jump from 10% at the time of its IBM spin-off.
By incorporating Prisma SASE into its managed security services, Kyndryl is strengthening its high-margin offerings, further positioning itself in security, cloud, and AI-driven automation services. This diversification is crucial, given that non-cloud IT outsourcing is shrinking at a 10% annual rate while managed cloud services are expanding at a 14% CAGR. As enterprises prioritize cloud-first, security-integrated networking offerings, Kyndryl’s expanded portfolio enhances its competitive positioning – potentially sustaining revenue growth in high-value service segments.
What to Watch:
- As enterprises increasingly adopt private 5G and edge computing, Kyndryl’s ability to extend Prisma SASE capabilities to edge environments and IoT security could present new revenue streams.
- With a significant chunk of mission-critical IT systems outdated or nearing end-of-life, driving demand for managed security offerings, Kyndryl’s ability to offer full-stack security management may strengthen its market positioning.
- CIOs are prioritizing cost efficiency, making Prisma SASE adoption dependent on proving ROI and cost savings over fragmented security setups.
- Prisma SASE’s AI-driven threat detection and automation capabilities differentiate it from traditional security models. However, competition from similarly AI-powered security offerings from CrowdStrike, Microsoft, Fortinet, Cisco, Zscaler, and others could challenge its positioning.
See the complete press release on Kyndryl’s expanded partnership with Palo Alto Networks for managed SASE services on the Kyndryl website.
Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.
Other insights from The Futurum Group:
Kyndryl Delivers Strong Q3 FY 2025 Signing Growth and Margin Expansion
Kyndryl Launches Services to Accelerate AI Adoption for Microsoft 365 Copilot
Are Enterprises Ignoring Mainframe Skills in Their Modernization Push?
Author Information
Fernando Montenegro serves as the Vice President & Practice Lead for Cybersecurity & Resilience at The Futurum Group. In this role, he leads the development and execution of the Cybersecurity research agenda, working closely with the team to drive the practice's growth. His research focuses on addressing critical topics in modern cybersecurity. These include the multifaceted role of AI in cybersecurity, strategies for managing an ever-expanding attack surface, and the evolution of cybersecurity architectures toward more platform-oriented solutions.
Before joining The Futurum Group, Fernando held senior industry analyst roles at Omdia, S&P Global, and 451 Research. His career also includes diverse roles in customer support, security, IT operations, professional services, and sales engineering. He has worked with pioneering Internet Service Providers, established security vendors, and startups across North and South America.
Fernando holds a Bachelor’s degree in Computer Science from Universidade Federal do Rio Grande do Sul in Brazil and various industry certifications. Although he is originally from Brazil, he has been based in Toronto, Canada, for many years.
