Edgewise is now part of the Zscaler family. Learn More

Automated Microsegmentation Built on Software Identity. Driven by Machine Learning

Edgewise's secret sauce combines the right data, analysis, and control to deliver zero trust auto-segmentation with one click.
Edgewise has been awarded 3 patents from the U.S. Patent and Trademark Office for automating zero trust microsegmentation. These patents, with others pending, reinforce how our approach to software identity-based segmentation provides an order of magnitude improvement in both security and operational simplicity.

The right data: Mapping Application Topology

Using proprietary machine learning and statistical data, the technology behind this patent allows Edgewise to accurately map application communication pathways and see across load balancers and NAT environments. Most impressively, Edgewise’s invention allows our technology to discover the presence of load balancers even when an agent isn’t installed. 

Collecting high-quality, high-fidelity data that’s not contaminated with noise is the critical first step to enable microsegmentation automation. Only Edgewise has the patent for end-to-end workload protection that’s independent of network infrastructure.
Automated Load Balancer Discovery

The right analysis: Software-Identity based Policy Generation

Ease and simplicity are at the heart of this patent. Traditional microsegmentation requires thousands of security policies to be created, monitored, then manually adjusted as exceptions are needed to compensate for infrastructure changes. In contrast, Edgewise uses patented machine learning to arrive at the minimum number of policies that achieve better security for access pathways between applications. 

Edgewise policies are based on application software identities built using immutable attributes intrinsic to the communicating software and processes. Edgewise’s policies can detect exploited or manipulated application software and prevent them from communicating, even if they use the same name and communication content as a permitted application. No manual updates and no changes to your network are necessary.
Network Application Security Policy Enforcement

The right control plane: Application Software Identity Policy Enforcement

This patent was granted for a groundbreaking technology which bi-directionally validates the authenticity of a connection between two applications based on the applications' cryptographic identities. The patent also covers Edgewise’s unique process for creating security policies for application-to-application communication, and means of identifying policy violations that are not detected by address-based security tooling. 

Symmetrical validation—a key component in this patent—is critical because traditional network security technology rely on a one-time, address-based verification. But this leaves opportunities for attackers to exploit communications during transit. Only Edgewise ensures attackers will be stopped in their tracks.
Network Application Security Policy Enforcement
Edgewise secret sauce
Edgewise secret sauce explained