Analyst(s): Fernando Montenegro
Publication Date: March 6, 2025
A series of announcements from key cybersecurity vendors hit the headlines in February. Wiz picked up strategic partnerships with Check Point Technologies and Cisco, while Palo Alto Networks announced its plans for the next evolution of its cloud security capabilities. Futurum sees these announcements through the lens of the changing nature of cybersecurity operations, with ramifications for these vendors and their competitors.
Key Points:
- Cloud security remains an important area of concern for organizations, which prompts significant interest from vendors, particularly those integrating cloud into their security platforms.
- Wiz announced strategic partnerships with both Check Point Technologies and Cisco to position its cloud security offering as the preferred option from those vendors.
- Palo Alto Networks announced that the new version of its cloud security offering will be part of its broader security operations capabilities under the Cortex brand.
Overview:
February saw key announcements from cybersecurity vendors related to cloud security, which, to us, highlight two approaches to how organizations should approach the topic. This represents an opportunity for organizations to solidify their approach to modern security operations.
The first approach looks at cloud security as having some separation from broader security operations. In this case, the benefits of a specialized cloud security vendor may outweigh the potential benefits of a more integrated security approach. This is the essence of the moves made by Wiz. The company recently formed key partnerships with Check Point and Cisco, with both companies choosing to favor Wiz’s cloud security offering over their own. Check Point will work with Wiz to transition its customers from CloudGuard to Wiz, while Cisco will sunset its Panoptica offering. This “cloud-centric approach” may appeal to organizations where teams managing cloud security treat it more independently than other security operations initiatives. Security operations teams can still play a crucial role in this model, but they may favor integrating with a specialized cloud security tool. This approach may be particularly attractive to organizations using existing SIEMs or XDR platforms such as Splunk, Elastic, Exabeam, Securonix, or others.
Palo Alto Networks offers a contrasting view. The company is continuing its broader “platformization” effort that started in early 2024 with an approach that champions further, deeper integration between cloud security and security operations. Their recent announcement highlights plans to integrate new cloud security functionality into their core Cortex security operations platform, with the upcoming release of newer cloud security functionality under “Cortex Cloud.” This approach essentially treats cloud security as a “security topic” best managed within broader security operations, positioning the security operations center as the central hub for all cybersecurity activities within organizations. This approach deepens Palo Alto Networks’ bet in its security operations platform while maintaining support for third-party telemetry and integrations.
These two announcements show how organizations may now face a choice that can impact their organizational design, responsibility divisions, metrics, and more: what is the broader role of security operations in an organization?
For vendors, these developments intensify the ongoing debate between security platforms and point product offerings. As cloud security deals grow more strategic, go-to-market execution becomes increasingly critical. Competitors must continue to clearly articulate how they offer alternatives.
Industry observers should watch several key developments:
- How effectively will Wiz integrate with Cisco and Check Point Technologies and sales channels?
- How will Palo Alto Networks’ approach appeal to organizations using alternative SIEM platforms?
- How will competitors such as Fortinet, CrowdStrike, Trend Micro, and SentinelOne, among others, position themselves, and how will pure-play cloud security vendors navigate this shifting landscape
The full report is available via subscription to Futurum Intelligence’s Cybersecurity IQ service—click here for inquiry and access.
Futurum clients can read more in the Cybersecurity Intelligence Portal. Nonclients can learn more here: Cybersecurity Practice.
About the Futurum Cybersecurity Practice
The Futurum Cybersecurity Practice provides actionable, objective insights for market leaders and their teams so they can respond to emerging opportunities and innovate. Public access to our coverage can be seen here. Follow news and updates from the Futurum Practice on LinkedIn and X. Visit the Futurum Newsroom for more information and insights.
Disclosure: While preparing this work, the author used Anthropic Claude Sonnet to summarize the original report. After using this service, the author reviewed and edited the content as needed. The author takes full responsibility for the publication’s content.
Author Information
Fernando Montenegro serves as the Vice President & Practice Lead for Cybersecurity at The Futurum Group. In this role, he leads the development and execution of the Cybersecurity research agenda, working closely with the team to drive the practice's growth. His research focuses on addressing critical topics in modern cybersecurity. These include the multifaceted role of AI in cybersecurity, strategies for managing an ever-expanding attack surface, and the evolution of cybersecurity architectures toward more platform-oriented solutions.
Before joining The Futurum Group, Fernando held senior industry analyst roles at Omdia, S&P Global, and 451 Research. His career also includes diverse roles in customer support, security, IT operations, professional services, and sales engineering. He has worked with pioneering Internet Service Providers, established security vendors, and startups across North and South America.
Fernando holds a Bachelor’s degree in Computer Science from Universidade Federal do Rio Grande do Sul in Brazil and various industry certifications. Although he is originally from Brazil, he has been based in Toronto, Canada, for many years.
