Enterprises today face a security landscape that is increasingly fragmented. Traffic patterns are shifting as more users and devices connect from anywhere. Agent deployments are multiplying across cloud environments, and the point tools used to manage each layer are struggling to keep pace. Versa Networks is addressing these challenges with three coordinated updates to its VersaONE Universal SASE Platform, designed to bring together networking and security in a more cohesive way.

Coordinated Updates to VersaONE

The first update is the addition of Cloud Security Posture Management (CSPM) capabilities. This brings cloud risk visibility into the same view as access security, enabling organizations to monitor misconfigurations, compliance gaps, and other risks across AWS, Azure, GCP, and OCI environments. The second update is a significant refresh of the Concerto orchestration platform, version 13.1.1, which simplifies policy management and collapses security profiles across SD-WAN and SSE into single constructs. The third is an AI agent trust and verification framework, due later this month, that applies policy-based access controls to agents in the same way they are applied to users and devices.

Research Highlights Coordination Gaps

New research from Versa underscores the urgency of these updates. The inaugural State of SASE + AI Report, based on a survey of 525 senior IT and security decision-makers at U.S. enterprises, reveals that 35% of organizations suffered a breach in the past year tied to coordination gaps between networking and security teams. Nearly three quarters (73%) say technical integration complexity has delayed or derailed a critical project. Some 99% have named convergence a strategic priority, yet only 30% have actually implemented shared ownership of SASE strategy.

The research also shows that 53% of organizations report higher operational costs from managing redundant tools. Organizations running 50 or more vendors are nearly twice as likely to report delayed application rollouts as those with leaner stacks—61% versus 34%. Inconsistent policy enforcement is also more common in high-vendor environments (57% vs. 40%). The report also surfaces a shadow AI problem: more than 80% of organizations say AI is in use somewhere in their environment, yet fewer than 20% know what it is being used for.

Orchestration Simplification with Concerto 13.1.1

The complexity findings in the research point directly at an orchestration problem. Versa has been investing significant engineering resources to solve it. The Concerto 13.1.1 release redesigns the SD-WAN configuration experience and unifies security and authentication profiles across SD-WAN and SSE. This collapses the islands of policy that have traditionally plagued multi-vendor environments. Instead of configuring policies separately for different sites and clouds, administrators can now set a single policy for a user regardless of location, ensuring consistency.

Hierarchical policy templates are another key addition. They let organizations define a master policy and extend subsets to different user groups and departments without rebuilding from scratch. The goal is to deliver enterprise-grade SD-WAN without the staffing overhead that has traditionally accompanied such deployments. As Versa's CEO Kelly Ahuja explained, getting scale while simplifying configuration is absolutely crucial. The new orchestration layer brings networking and security teams onto the same page, reducing the risk of misconfigurations that often lead to breaches.

Closing the Two-Portal Problem with CSPM

Policy configuration is one layer of fragmentation; cloud risk visibility is another. Most enterprises run separate tools for user and device posture (ZTNA or a secure internet gateway) and for cloud configuration risk (CSPM). These tools are managed by separate teams with no shared context. Versa is adding CSPM directly into the VersaONE platform, extending access security into continuous cloud risk visibility. Telemetry from AWS, Azure, GCP, and OCI feeds into Concerto alongside access risk data, providing a unified view.

This move is significant because it addresses what Ahuja calls the two-portal problem. While the industry has talked about unifying risk intelligence for years, most organizations still rely on different portals for access security and cloud security, with no way to share context. By integrating CSPM into the same platform that handles secure access, Versa enables security teams to correlate risks across all layers of the environment. This holistic view can help identify threats that might otherwise go unnoticed, such as a misconfigured cloud storage bucket that is accessible through a compromised user credential.

AI Agents as the Next Enforcement Frontier

CSPM extends visibility into cloud infrastructure, but the next challenge is what happens when AI agents start to change that infrastructure. Ahuja noted that a single user prompt can trigger many agents, which can then make changes to policies and configurations—often invisible to operators. Versa's response, due around May 21, is a trust and verification framework that applies policy-based access controls to agents. This framework functions as a verification gateway inside the management and orchestration layer, ensuring that agents only perform actions that comply with organizational policies.

Putting a human in the review path is not a viable answer at the scale of agentic activity. Ahuja emphasized that slowing down agent actions with manual review would defeat the purpose of automation. Instead, Versa is drawing on its existing work for user and device access to build controls that can be applied to agentic activities. This includes verifying agent identity, limiting their permissions, and logging their actions for audit purposes. As AI adoption accelerates, having such controls in place will be essential for maintaining security without hindering innovation.

The broader context is that enterprises are under pressure to adopt AI while also managing the risks it introduces. The Versa report found that 95% of organizations say AI is forcing networking and security teams to collaborate more closely. Yet the shadow AI problem—where AI tools are used without official approval or monitoring—remains widespread. The new verification framework aims to bring AI agent activity under the same policy umbrella as human users and devices, enabling organizations to enforce consistent rules across all entities accessing their networks and data.

Additionally, the CSPM update addresses a market that has seen significant consolidation. Google's acquisition of Wiz for $32 billion earlier this year underscored the importance of cloud security. Versa says its CSPM plans predate that deal and were driven by customer feedback rather than market moves. By integrating CSPM directly into its SASE platform, Versa offers an alternative to best-of-breed point solutions, potentially reducing the vendor count and operational overhead that many enterprises struggle with.

The updates to Concerto, meanwhile, reflect a broader industry trend toward unified management. The hierarchical policy templates and unified profiles are designed to reduce the time and effort required to configure and maintain security policies. This is particularly important for organizations with limited staff, as the complexity of managing multiple tools often leads to errors and delays. By simplifying the configuration process, Versa aims to help enterprises achieve the convergence that 99% say is a priority, but only 30% have actually implemented.

In summary, Versa Networks is addressing the fragmentation that plagues enterprise security through three interconnected updates. The CSPM integration closes the gap between access and cloud risk visibility. The Concerto orchestration update simplifies policy management across SD-WAN and SSE. And the AI agent trust framework extends policy controls to the new wave of automated agents. These updates come at a time when research shows that coordination gaps between networking and security teams are leading to breaches and project delays. By bringing these capabilities together on a single platform, Versa aims to help enterprises reduce risk, cut operational costs, and accelerate digital transformation without compromising security.

Source: Network World News