Algosec: From Firewall Rule Janitor to Application Traffic Control Tower
If you have been in this industry long enough to remember when “firewall management” was the hot new category, you probably already know the name Algosec. For years, many security teams have mentally filed the company under “firewall rule analysis and cleanup.” Useful. Necessary. Not exactly glamorous.
That mental model is now badly out of date.
Sitting down with Kyle Wickert, Field CTO at Algosec, it becomes clear that the company has quietly been rewiring its mission around something much more ambitious: treating business applications as the center of gravity for security policy, rather than the firewalls, clouds, and shiny platforms we like to argue about at conferences.
As Kyle puts it, when people hear Algosec, they “undoubtedly know us immediately as firewall management.” That was then. Today, he says, “we really think first and foremost about business applications, the connectivity they need to communicate across the hybrid network. And we really view that as the problem we’re trying to solve today.”
In other words, if your mental picture of Algosec is a glorified firewall report generator, you are missing the plot.
From Rules to Business Outcomes
Most vendors in network security still start from the tech stack. The pitch is some variation on: “Let us manage your firewalls, your SD‑WAN, your SASE, your cloud security groups, your whatever, all in one place.”
Algosec reverses that.
The premise is simple enough, even if the implementation is not: firewall rules exist only because business applications need connectivity. ERP systems, trading platforms, email, ecommerce, payment gateways, homegrown line‑of‑business apps, the lot.
Kyle explains that the company has evolved from a rule‑centric mindset to an application‑centric one across “policies across cloud, SD‑WAN, SASE” and the broader hybrid network. The focus is on understanding:
- What applications exist
- What connectivity they actually need
- Which enforcement points are involved across data centers, clouds, and remote users
That shift matters because most large enterprises now have: multiple firewall vendors, cloud-native controls in AWS and Azure, SD‑WAN from one provider, SASE from another, maybe some NSX or other SDN in the data center for extra spice.
Customers may think they are standardized on one firewall OEM “platform,” but as Kyle points out, “seldom is a customer truly through and through one vendor for their enforcement.” You might have a lot of Palo Alto firewalls, for example, “but it’s certainly not the only enforcement they have. They might have cloud native controls inside of AWS or Azure, like the security groups. They might be using an SD‑WAN technology like Zscaler, and they might also have an SDN technology like VMware NSX in the data center.”
Trying to manage this zoo purely at the rule or object level is like trying to run an airline by staring only at jet engine telemetry. Technically important, sure, but you have no idea where the planes are going or whether passengers actually arrive.
Algosec’s answer is to decouple connectivity from policy.
“We’re decoupling the connectivity from the policy,” Kyle says. “So we’re really thinking in terms of app intent, not firewall rules. Now we bring the two together, but we think in terms of app intent.”
The world your CISO cares about revolves around questions like:
- Which business service does this rule exist for
- What happens if we remove or tighten it
- Which regulations or internal policies does this connectivity touch
- Who owns this application and can they attest that they still need it
Algosec wants to be the translation layer between that business‑level intent and the gnarly reality of thousands or millions of policies scattered across a patchwork of enforcement technologies.
The Old Problem That Never Dies: Rule Cleanup and Recertification
If you have ever held the title of firewall engineer, you have seen the classic ritual. Someone is worried about risk, audit findings, or both. A project is kicked off for “firewall rule cleanup” or “rule recertification.” Reports are generated. Spreadsheets are exported. A small forest is sacrificed in the name of compliance.
Then reality hits.
Kyle has been at Algosec for about 15 years and has watched this play out over and over. Customers come through the channel saying, “I need a solution to help me with firewall rule cleanup. This is the decade old ask.”
You can absolutely give them a report “day in and day out” that lists risky, unused, or non‑compliant rules. The real question, he says, is whether the customer is “comfortable actually actioning that, knowing that you’re not going to damage the business.”
This is where the application lens becomes more than marketing gloss.
When Algosec generates that list of problematic policies, it does not stop at “rule ID 1234 is risky.” It can say: this particular rule is serving SAP, that one is tied to Exchange, this set supports your e‑commerce application. Suddenly, you are not deleting some obscure object in a firewall policy. You are changing the blast radius of a revenue‑generating system.
“It changes your approach,” Kyle says, “in managing that cleanup, managing that remediation, prioritizing it. And we find that with that, customers are getting way better outcomes.”
Nowhere is this more pressing than in Europe, where regulations like DORA are throwing gasoline on the audit and recertification fire. Kyle describes the situation bluntly. Customers are coming in with an “initial ask” of firewall rule recertification, especially in financial services, because “it’s no longer viable to go back to someone in the business and say, here’s a spreadsheet, do you still need these rules.”
Algosec is steering those organizations toward application connectivity recertification instead. Because the platform maps “the business need, the application, with the policies, regardless of the enforcement tech,” the recertification workflow can ask a much more natural question:
Do you still need this application connectivity
The business user can see it in a context they actually understand, attest to that requirement, and then Algosec cascades the decision down to the underlying policies across firewalls, clouds, and other controls. The result is better alignment with regulatory expectations, while also making the experience far less soul‑crushing for business stakeholders.
For once, compliance might not have to be a spreadsheet‑driven hostage situation.
Enter Algo: An AI Assistant With Real Work To Do
Given all of this complexity, it is no surprise that Algosec is leaning into AI. At the time of the conversation, Kyle was not announcing anything specific tied to RSA, but he was clearly excited about a new capability: Algo, the company’s AI assistant.
Many in the Algosec customer base may remember AlgoBot, “the first vendor in our space to launch a chat bot,” as Kyle notes. That was launched several years ago. With Algo, they are taking things further.
Kyle describes Algo as “a brand new AI assistant” that “is launching as a AI based assistant interacting with the Algosec platform.” It is in technical preview with many customers already working with it. Crucially, though, he stresses that “it’s not just a chat bot. It serves as the basis for interfacing with Algosec using AI, including MCP for the future.”
In other words, this is not just another cute support widget. The goal is to let security teams and eventually other stakeholders interrogate and drive policy management through natural dialogue, backed by the deep understanding of applications and connectivity that Algosec has been building for years.
In a world where “agentic AI identities” and machine‑driven workflows are going to be first‑class actors in the environment, Kyle sees Algosec’s mission as only getting more important. Even as everything changes around us, “the idea of serving the business and enabling the business need is going to disappear. In fact, it’s going to become more acute.”
You can easily imagine, he says, a world where to make a core business application work end to end, “the connectivity requirements aren’t just IPs. They might include identity, in particular, agentic AI identities combined with traditional connectivity.” Algosec wants to sit right at that junction of application, identity, and network policy.
Channel First, Services Through Partners
From a go‑to‑market perspective, Algosec remains unapologetically channel centric. “All of our business moves through the channel,” Kyle says. The company puts a lot of energy into “cultivating really close relationship with channels all over the world,” and educating them on this application‑centric story so they can, in turn, guide customers toward better outcomes.
That extends into services. Algosec “doesn’t do too much consulting” directly. Instead, they rely heavily on channel partners as “a key stakeholder in bringing together the technology with the customers own internal processes.”
If you have ever tried to wire a security policy engine into something like ServiceNow, this will ring true. Kyle laughs that “there’s no two ServiceNow integrations that are the same, and no two ServiceNow implementations that are the same.” Yet, “everybody wants ServiceNow to be the IT marketplace that front ends their request for driving connectivity and Algosec.”
That variability is where partners earn their keep, tailoring integrations and workflows so that application owners, network teams, and security operations can all interact with Algosec in a way that actually fits how the organization works in practice.
The Field CTO View: Secure the Business or Enable It
As Field CTO, Kyle works globally with customers “both pre and post sale.” He spends most of his time in pre‑sales, helping organizations considering the solution think about “how to leverage it in different ways,” but he also works with long‑time customers who originally bought Algosec as a “rule management” tool and now want to make the leap into automation, cloud, SD‑WAN, and SASE use cases.
He sees customers naturally fall into two big buckets in terms of how they want to use Algosec:
- Secure the business
These are the organizations that lean into Algosec’s risk management, audit, and compliance capabilities. They care about proving that connectivity aligns with policy, that high‑risk exposure is minimized, and that they can answer auditors without half the team pulling all‑nighters. - Enable the business
Here, the emphasis is on “intelligent automation” to speed up application delivery. Think automated change workflows, path analysis, proactive checks before rollout, and the ability to let application teams move faster without blowing holes in segmentation or compliance.
“The two things can coexist,” Kyle notes, “but usually customers are looking to deploy capabilities in one of those two buckets.” His role is to help them understand how an application‑centric approach can support whichever strategy they prioritize, often evolving over time from securing the business to also enabling it at higher velocity.
Where The Heat Is: Middle East, Europe, And Regulatory Gravity
While Algosec has global distribution, Kyle calls out the Middle East and Europe as particularly hot markets right now.
In the Middle East, there is a strong “drive to databasing” and modernization that is pushing organizations toward better visibility into applications and connectivity. In Europe, that same forward motion is combined with “the constant need to keep pace with the regulation,” with DORA being one prime example.
The upshot is that firewall rule recertification, segmentation, and zero trust initiatives are no longer nice‑to‑have hygiene projects. They are becoming board‑level compliance mandates, paired with very real technical complexity as organizations roll out cloud, SD‑WAN, and SASE in parallel.
Algosec’s bet is that you cannot solve this with yet another single‑vendor “platform” story that assumes a monoculture of enforcement technology. The modern reality is multi‑vendor and multi‑cloud. The only stable anchor point is the application and its connectivity requirements.
“Once you can truly achieve that decoupling,” Kyle says of separating business connectivity from specific policies, “you can unlock so much more capability because you’re not married to the policy anymore. You’re married to what the business needs to function.”
That is exactly the sort of thinking CISOs say they want in strategy decks. Algosec is trying to bake it into the day‑to‑day grind of rule changes, audits, and outage‑free cleanup.
Why CISOs Should Care Now
If you are a CISO or security leader trying to rationalize network policy across legacy data centers, multiple public clouds, and a steadily growing SASE/SD‑WAN footprint, Algosec belongs on your shortlist of serious options.
The company has:
- A long history in firewall management, which means it understands the ugly edge cases and political minefields of rule changes
- A clear shift toward application‑centric connectivity modeling, which aligns with zero trust and business‑risk framing
- A growing AI capability in Algo that aims to make that complexity more accessible to humans and, eventually, to AI agents acting on their behalf
The snarky way to put it is this: if your current recertification process still involves emailing spreadsheets of firewall rules to bewildered business owners, you are doing 2026 with a 2006 playbook.
Algosec is not the only vendor talking about application‑centric policy and automation, but they are one of the few whose heritage is actually rooted in the unglamorous reality of real‑world rulesets, multi‑vendor sprawl, and auditors who are not impressed by slideware.
A Call To Action For CISOs
If the themes from this discussion sound uncomfortably familiar in your own environment, here are concrete next steps to consider:
- Inventory your “recertification” pain
Look at how you are currently handling firewall rule cleanup, segmentation validation, and regulatory recertification. If your teams hesitate to take action because they cannot tie rules to applications, you already have a use case for Algosec. - Pilot an application‑centric approach
Pick one critical business application or regulatory initiative and explore how Algosec could map its connectivity end to end. Use that as a proof point to see how an app‑first lens changes conversations with auditors and application owners. - Plan for an AI‑assisted future
As capabilities like Algo mature, consider how AI‑driven analysis and workflows could help you scale policy management without simply throwing more engineers at the problem.
In a world of escalating regulatory pressure, exploding hybrid complexity, and an oncoming wave of AI‑driven identities and services, the organizations that win will be the ones that can reason about connectivity at the level the business actually understands. Algosec is betting its future on being that reasoning engine.
If you have not looked at them since the “firewall cleanup” days, it might be time for a fresh look.
Author’s Note
The author sat down with Algosec Field CTO Kyle Wickert at the 2026 RSAC Conference in San Francisco, March 23rd to 25th, 2026, to discuss how the company is evolving from its firewall management roots into an application‑centric connectivity and security policy platform, and how AI is shaping its next chapter.
For more information, please visit www.algosec.com.
About the Author
Pete Green is the CISO / CTO of Anvil Works, a ProCloud SaaS company and co-author of “The vCISO Playbook: How Virtual CISOs Deliver Enterprise-Grade Cybersecurity to Small and Medium Businesses (SMBs)”. With over 25 years of experience in information technology and cybersecurity, Pete is a seasoned and accomplished security practitioner.
Throughout his career, he has held a wide range of technical and leadership roles, including LAN/WLAN Engineer, Threat Analyst, Security Project Manager, Security Architect, Cloud Security Architect, Principal Security Consultant, Director of IT, CTO, CEO, Virtual CISO, and CISO.
Pete has supported clients across numerous industries, including federal, state, and local government, as well as financial services, healthcare, food services, manufacturing, technology, transportation, and hospitality.
He holds a Master of Computer Information Systems in Information Security from Boston University, which is recognized as a National Center of Academic Excellence in Information Assurance / Cyber Defense (CAE IA/CD) by the NSA and DHS. He also holds a Master of Business Administration in Informatics.
