The new joint solution enables secure remote access, full asset visibility, and regulatory compliance without the need for agents or VPNs, targeting industrial and energy sectors.
As a strategic move to bolster cybersecurity for critical infrastructure, Forescout Technologies Inc. and Xage Security announced on August 4, 2025, a partnership aimed at advancing universal network access based on Zero Trust in operational and industrial environments.
The collaboration combines Forescout’s real-time device discovery and analysis capabilities with Xage’s distributed policy enforcement of least privilege. The result is a combined solution delivering automated visibility, secure remote access, and granular controls in environments that have traditionally relied on physical isolation and legacy technology.
Security for the most complex and sensitive environments
Protecting critical infrastructures such as power grids, refineries, remote facilities, or industrial plants demands solutions specifically designed for disconnected operational systems, resource-limited, and challenging to update. In these scenarios, conducting updates or incident investigations are costly and can slow threat response.
With this partnership, Forescout and Xage propose a frictionless, agentless cybersecurity approach that meets the operational and regulatory requirements of the industrial sector. The joint solution includes:
- Comprehensive asset visibility: Real-time discovery of IT, OT, IoT, and IoMT devices, including those without agents or from earlier generations.
- Secure remote access without VPN: Session-based access limited in time, targeted to specific assets, and adapted for OT environments.
- Zero Trust access controls: Granular application based on user, context, and asset requested.
- Scalable, agentless protection: Compatible with both modern and legacy devices without additional software installation.
- Resilient offline application: Maintains access controls even when the network is isolated or disconnected.
- Simplified regulatory compliance: Aligns with standards like NERC CIP, TSA, and IEC, easing audits and certifications.
Cybersecurity aligned with operational continuity
According to Christina Hoefer, VP of OT/IoT verticals at Forescout, “This partnership goes beyond simple technical integration; it represents a strategic alignment to protect the systems that keep the world running.” Both companies bring decades of experience protecting sensitive environments, from industrial plants to critical national infrastructure.
Bonnie Simmons, VP of Partnerships at Xage Security, emphasizes that “this collaboration not only identifies risks but eliminates them in a scalable and frictionless manner.” She explains that the integration provides immediate and lasting value to organizations facing increasingly complex threat landscapes.
Immediate deployment and real-world cases
A key advantage of the solution is its rapid deployment: Xage states that it can be implemented in a single day, enabling secure access from anywhere in the world, including disconnected or orbiting locations, as demonstrated through collaborations with the U.S. Space Force, PETRONAS, and Kinder Morgan.
Xage Fabric Platform technology, combined with Forescout’s asset intelligence, allows detection of hidden devices, prevention of lateral attacker movements, and real-time access policy enforcement—even when network infrastructure is unavailable.
FAQs
What does Zero Trust mean for critical infrastructure?
It’s a security approach based on “never trust, always verify,” even within the internal network. Each access is validated according to user, context, and device, significantly reducing the risk of lateral attacks.
How does the proposed agentless remote access work?
It uses temporary, encrypted sessions specific to each asset, removing the need for persistent VPN tunnels and reducing attack surfaces—crucial in OT environments.
Can this solution be implemented on legacy systems?
Yes. Designed to be agentless, it can protect legacy assets without installing software, even on devices with limited capabilities or no constant connectivity.
What regulations does this joint solution comply with?
It facilitates compliance with standards like NERC CIP (energy sector), TSA (U.S. critical infrastructure), and IEC (international automation and industrial control standards).
via: forescout