Analyst(s): Fernando Montenegro
Publication Date: August 26, 2025
This report analyzes the evolution of the Secure Access Service Edge (SASE) market as it becomes a more strategic component of enterprise security. Futurum examines how trends such as AI, the intelligent edge, and intense market competition are reshaping SASE architectures and vendor strategies. The analysis reveals a market that, while mature, is experiencing significant flux in procurement strategies and architectural preferences.
Key Points:
- While the SASE market is now mainstream and consolidating around single-vendor platforms, a majority of buyers are open to sourcing from new vendors, creating a dynamic landscape with varied architectural approaches.
- SASE’s value is expanding beyond securing remote users to become a foundational framework for the entire intelligent edge, addressing the security needs of IoT and OT devices.
- A superior user experience, increasingly managed through AI-driven monitoring and policy automation, has become a critical adoption driver, shifting the conversation from cost savings to performance and operational benefits.
Overview:
Figure 1: Stage of Deployment/Interest in the SASE/SSE Platform
The Secure Access Service Edge (SASE) framework, which converges networking functions such as SD-WAN with a stack of security services into a single, cloud-native offering, has reached mainstream adoption. Its security posture is built on a Zero Trust philosophy, operating on a “never trust, always verify” principle where access is granted to specific applications based on user identity and context, not a trusted internal network. Futurum Group research shows that 55% of respondents across multiple end-user organization types indicated that they have already deployed SASE, with another 41% planning to pilot a platform within two years. While the market trend favors single-vendor platforms to simplify management, a telling finding is that 51% of buyers prefer to source their offering from a new technology vendor rather than an incumbent. This willingness to engage new providers indicates that organizations are actively re-evaluating long-term partners, fostering a dynamic and competitive market where different architectural models can thrive. This diverse landscape includes established network security vendors, cloud-native specialists, and even content delivery network providers leveraging their vast edge infrastructure.
Concurrently, SASE’s scope is expanding dramatically beyond its initial use cases of replacing legacy VPNs and modernizing on-premises web gateways. It is now pivotal for branch modernization, eliminating the need to backhaul traffic to a central data center for security checks. The framework is also being positioned to secure the entire intelligent edge, providing discovery and access control for a massive surface of IoT and OT devices. Furthermore, a critical emerging use case is securing enterprise AI adoption by providing granular control and data loss prevention for interactions with third-party AI services. This evolution means the driver for adoption has also shifted; while reduced complexity and cost are benefits, a superior user and operator experience is paramount. This is delivered through capabilities such as Digital Experience Monitoring (DEM) and, increasingly, AI-driven automation that can proactively remediate issues and assist in creating granular access policies. This strategic importance is validated by intense M&A activity, such as Palo Alto Networks acquiring Talon and Zscaler acquiring Avalor, and major funding rounds for vendors across the ecosystem.
What to Watch:
- How will the need to secure enterprise AI usage, especially regarding data flowing to public models, reshape SASE data security and API inspection capabilities?
- How will the market balance fully converged SASE platforms against more modular, security-first approaches as enterprises evaluate their long-term architectural needs?
- Will major endpoint security vendors enter the SASE market, leveraging their rich device and identity context to challenge network-centric incumbents?
The full report is available via subscription to Futurum Intelligence’s Cybersecurity & Resilience IQ service—click here for inquiry and access.
Futurum clients can read more in the Futurum Intelligence Platform, and non-clients can learn more here: Cybersecurity & Resilience Practice.
About the Futurum Cybersecurity & Resilience Practice
The Futurum Cybersecurity & Resilience Practice provides actionable, objective insights for market leaders and their teams so they can respond to emerging opportunities and innovate. Public access to our coverage can be seen here. Follow news and updates from the Futurum Practice on LinkedIn and X. Visit the Futurum Newsroom for more information and insights.
Declaration of Generative AI and AI-assisted Technologies in the Writing Process: While preparing this work, the author used Google Gemini to summarize the original report. After using this service, the author reviewed and edited the content as needed. The author takes full responsibility for the publication’s content.
Author Information
Fernando Montenegro serves as the Vice President & Practice Lead for Cybersecurity & Resilience at The Futurum Group. In this role, he leads the development and execution of the Cybersecurity research agenda, working closely with the team to drive the practice's growth. His research focuses on addressing critical topics in modern cybersecurity. These include the multifaceted role of AI in cybersecurity, strategies for managing an ever-expanding attack surface, and the evolution of cybersecurity architectures toward more platform-oriented solutions.
Before joining The Futurum Group, Fernando held senior industry analyst roles at Omdia, S&P Global, and 451 Research. His career also includes diverse roles in customer support, security, IT operations, professional services, and sales engineering. He has worked with pioneering Internet Service Providers, established security vendors, and startups across North and South America.
Fernando holds a Bachelor’s degree in Computer Science from Universidade Federal do Rio Grande do Sul in Brazil and various industry certifications. Although he is originally from Brazil, he has been based in Toronto, Canada, for many years.
