McAfee Enterprise cloud security biz relaunches as Skyhigh

Missed a session at the Data Summit? View on demand here.

Skyhigh Security, the newly announced name for the McAfee Enterprise security service edge business, has significant growth opportunity ahead of its unique “data-aware” approach to meeting customers’ cloud security needs, CEO Gee Rittenhouse told VentureBeat.

“Data is now in the cloud, in SaaS [software-as-a-service], in your data center. It’s just everywhere. And because of the pandemic, users are everywhere,” Rittenhouse said in an interview. “We really focused on how the data is used. And that has allowed us to look at the problem very differently from others – and radically simplify the problem.”

Normally, to protect data, a company sets policies for endpoints, in the cloud and in SaaS applications, but “trying to keep up with all these things is complicated,” he said.

Instead, what Skyhigh Security does with its “data policy engine” is that all policies are “attached to the data itself,” Rittenhouse said. “That way you can protect it, see it, understand where it’s going, who’s sharing – and that in a much easier way.”

Ultimately, that produces a “very rich experience that can track the data as you add new controls and new capabilities,” he said.

For example, for data loss prevention (DLP) purposes, “it’s all in the cloud and it’s cloud native and can protect all those assets. But what really separates us is the fact that it’s extensible right down to the end point.” “And so having that capability, whether the data is on your endpoint, all the way through the cloud, is the key differentiator.”

Cloud Security Suite

In addition to cloud DLP, Skyhigh Security’s offerings include secure web gateway (SWG), cloud access security broker (CASB), zero trust network access (ZTNA), remote browser isolation technology, cloud firewall, and cloud-native application protection platform (CNAPP).

Within CNAPP, Skyhigh provides capabilities including cloud workload protection, container security, and cloud security posture management (CSPM) for detecting cloud infrastructure misconfigurations.

Notably, much of the core functionality that comes with Skyhigh Security dates back to the original Skyhigh Networks, a startup acquired by McAfee in 2018. And many members of that team still work at the company now known as Skyhigh Security, Rittenhouse noted.

In January, private equity firm Symphony Technology Group announced that McAfee Enterprise’s security service edge business would operate as a separate business from the rest of the company. The rest of the McAfee Enterprise business has been merged with FireEye and rebranded as Trellix, with a focus on comprehensive detection and response (XDR) solutions.

Symphony then announced that Rittenhouse, who previously served as general manager of Cisco’s security business group, would serve as CEO of the company now known as Skyhigh Security.

However, Skyhigh Security does not currently operate as a separate legal entity from Trellix, with some back office staff still shared between the two companies, Rittenhouse said.

Trellix and Skyhigh are more “sister organizations,” he said. “But we have a separate go-to-market, a separate product, a separate marketing.”

The company now known as Skyhigh generated revenue growth in 2021 and expects to grow again in 2022, though Rittenhouse said he couldn’t provide more details. The company has 3,000 customers, with a focus on financial services, healthcare and government.

San Jose, California-based Skyhigh Security has 700 employees, Rittenhouse said. There are no imminent plans to list the company, he said.

‘Leader’ in SSE

In February, research firm Gartner placed the company now known as Skyhigh Security in the inaugural Magic Quadrant for Security Service Edge (SSE) of the “Leaders” quadrant. Only two other vendors, Zscaler and Netskope, ended up in the SSE leader’s quadrant.

SSE includes the security-specific components – CASB, ZTNA, and SWG – of the solution category known as Secure Access Service Edge (SASE).

“Customers build their SASE solutions into two components: the network component and the security component. And those are usually different buying moves,” said Rittenhouse. “They can also be at different times. They can do their network transformation first and then add security — or vice versa. Magic Quadrant as from the industry perspective, that these two are really separate.”

As for future product development, Skyhigh plans to focus on improving its capabilities for protecting cloud workloads and increasing automation, he said.

For example, if a user tries to visit a malicious website, they’ll normally be blocked, but capabilities now under development at Skyhigh could automatically switch the user to third-party browser isolation, Rittenhouse said.

Or if an employee misuses data, they may have to automatically log in again, he said.

“So there’s a dynamic element in the policy that extends trust from zero beyond the login event, to how data is used,” Rittenhouse said.

VentureBeat’s mission is to be a digital city square for tech decision makers to learn about transformative business technology and transactions. Learn more

This post McAfee Enterprise cloud security biz relaunches as Skyhigh

was original published at “”