Security in cloud and hybrid systems is a big challenge. There needs to be a way to secure assets in an environment where you have no control over the contents or behavior of the environment and where you must share hat environment with other organizations, some of which might be your competition. Additionally, there are adversaries who either live in the cloud, know how to compromises cloud-based systems, or both.

This year we address these challenges with two vendors, each of which take a somewhat different approach. This is more difficult than perimeter defense because the perimeter, if it exists at all, is very porous. What is needed is a security approach that has evolved in the cloud and is as comfortable in a virtualized environment as it is in the physical world. In other words, for this group the entire concept of the perimeter has been modified significantly.

Our vendors this year are born and bred in virtual environments. More important, they have unique ways of viewing the cloud. However, just understanding the cloud is not enough. In modern data centers there is a combination of hardware and software defined data centers and they need to interact seamlessly. That means that the security applied must be transparent across the two physically different environments. Added to the challenge is that a data center physically located in the organization might be hybrid – virtual and physical. The virtual part has unique requirements such as protecting the hypervisor.

All of these disparities define an entirely new breed of enterprise security. That is what this group – and our three winners – are focused upon. The one aspect that seems to be universal is that all of the included environments should show up on the same console. We looked at several of these over the course of the past couple of years and, whether or not they were what we considered to be innovators to the extent that they fit here, each product had pulled together the data that are available in any environment at which they were looking and displayed it in a single console. Moreover, the analytics that they apply are applied equally across monitored environments.