Enterprise security has become a patchwork of point tools, each managing a different layer—user access, cloud configuration, network traffic, and now AI agent behavior. The cracks between those layers are widening, and attackers are exploiting them. Versa Networks is responding with three coordinated updates to its VersaONE Universal SASE Platform, designed to collapse separate risk views into a single pane of glass and reduce the operational drag of managing redundant tools.
The first update is a native Cloud Security Posture Management (CSPM) capability that brings cloud infrastructure risk visibility directly into the same management interface used for access security. The second is a significant overhaul of its Concerto orchestration platform, version 13.1.1, which simplifies SD-WAN configuration and unifies security policies across SD-WAN and Secure Service Edge (SSE). The third is an AI agent trust and verification framework, due later this month, that applies policy-based access controls to autonomous software agents.
Research reveals the cost of fragmentation
Versa’s inaugural State of SASE + AI Report, a survey of 525 senior IT and security decision-makers at U.S. enterprises across financial services, retail, energy, manufacturing, healthcare, technology, and government, highlights the scale of the problem. Thirty-five percent of organizations suffered a security breach in the past year directly tied to coordination gaps between networking and security teams. Nearly three-quarters (73%) reported that technical integration complexity has delayed or derailed a critical project. Despite 99% naming convergence a strategic priority, only 30% have actually implemented shared ownership of SASE strategy.
The research also reveals a disconnect between perception and reality when it comes to artificial intelligence. More than 80% of organizations say AI is in use somewhere in their environment, yet fewer than 20% said they knew what it was being used for—a shadow AI problem that introduces unmanaged risk. Strengthening security posture was cited as the top driver for convergence by 58% of respondents, compared to just 19% who pointed to lowering total cost of ownership. Organizations running 50 or more vendors were nearly twice as likely to report delayed application rollouts (61% vs. 34%) and more likely to report inconsistent policy enforcement (57% vs. 40%).
Concerto update simplifies policy management
The complexity findings directly shaped the Concerto 13.1.1 release. The update redesigns the SD-WAN configuration experience and unifies security and authentication profiles across SD-WAN and SSE, collapsing what were previously separate policy islands into a single construct. “When you set a policy for a user, whether it’s a site or a cloud, it doesn’t matter where the user is, you actually do it once, and you do it in a consistent way,” said Kelly Ahuja, CEO of Versa Networks.
The release also introduces hierarchical policy templates, enabling organizations to define a master policy and extend subsets to different user groups and departments without rebuilding from scratch. This targets enterprise-grade SD-WAN without the staffing overhead that has traditionally accompanied complex branch deployments. “Getting that scale, supporting that scale, but also simplifying how they configure it is absolutely crucial,” Ahuja added.
CSPM closes the two-portal problem
Policy configuration is one layer of fragmentation; cloud risk visibility is another. Most enterprises run Zero Trust Network Access (ZTNA) or a secure internet gateway for user and device posture, and a separate CSPM tool for cloud configuration risk. These are managed by different teams with no shared context. Versa is adding CSPM directly to VersaONE, extending access security into continuous cloud risk visibility across Amazon Web Services, Microsoft Azure, Google Cloud Platform, and Oracle Cloud Infrastructure. Telemetry from CSPM feeds into Concerto alongside access risk data, providing a unified risk intelligence view.
“While the industry has been talking about unifying risk intelligence for years, everyone still relies on two different portals, one for doing your ZTNA or secure internet, and then a second for cloud,” Ahuja said. “And there’s no way to really share that context and pull it together. This is what we’re actually solving for.” The CSPM market has seen massive consolidation, highlighted by Google’s $32 billion acquisition of Wiz earlier this year, but Versa says its plans predate that deal. “We were listening to customers, looking at what they’re doing, as opposed to seeing what else is out there in the market,” Ahuja noted.
AI agent controls: the next enforcement problem
CSPM extends the platform’s visibility into cloud infrastructure. The next challenge is what happens when AI agents start changing that infrastructure dynamically. “One single user prompt can actually trigger many agents coming up, and then they can start to make changes inside your environment to policies and configuration, and many of them are invisible to the operator,” Ahuja said.
Versa’s response, scheduled for release around May 21, is a trust and verification framework that applies policy-based access controls to agents the same way they apply to users and devices. The framework functions as a verification gateway inside the management and orchestration layer. It draws on the same principles Versa already built for user and device secure access, adapted to the unique challenges of autonomous agents. “Putting a human in the loop will only slow things down, because all of a sudden you’ve got lots of things that you’re trying to do, but somebody has to observe them and do them,” Ahuja said, underscoring the need for automated, policy-driven enforcement.
The AI agent framework addresses a growing pain point for enterprises that are deploying AI assistants, code generation agents, and automated remediation bots that can inadvertently introduce misconfigurations or security gaps. By treating agents as first-class entities subject to the same access policies as human users, the platform aims to close a vulnerability window that point tools cannot address.
Versa’s three-pronged update reflects a broader industry recognition that security must be convergent, not just in the buzzword sense but in practical, day-to-day operations. The CSPM addition unifies cloud risk visibility with access security. The Concerto orchestration update simplifies policy administration across network and security domains. And the AI agent framework looks ahead to a future where software agents—not just humans—need to be governed. Together, these moves position VersaONE as a platform that can cope with the scale and complexity of modern enterprise environments, where traffic patterns shift, agent deployments multiply, and cloud environments keep expanding.
Source: Network World News