Tufin, a global leader in network security policy management, has announced the release of Tufin Orchestration Suite (TOS) R25-2, the latest update to its unified control platform. The new version enhances visibility, automation, and security governance, helping organizations strengthen their cyber resilience while simplifying operations across increasingly complex hybrid infrastructures.

Modern security and networking teams are often overwhelmed by the need to manage multiple vendors and tools through separate interfaces—a fragmented approach that leads to operational inefficiency and inconsistent security enforcement. This siloed management model increases the likelihood of policy drift, delays in application deployment, and higher compliance risks.

Tufin addresses these challenges with a unified control plane that consolidates visibility, automates policy workflows, and maintains continuous compliance across hybrid networks. The latest R25-2 release advances this vision with four key improvements: greater topology accuracy, enhanced cloud automation and compliance, simplified SASE policy management, and AI-powered insights through TufinAI. Together, these upgrades offer enterprises full-spectrum visibility and automation across on-premises, cloud, and edge environments—all managed from a single pane of glass.

“Enterprise networks today are more fragmented and dynamic than ever,” said Jeffrey Spear, Chief Information Security Officer at Tufin. “With R25-2, we’ve further evolved our unified control plane to meet that reality—helping security teams see more, automate more, and minimize risk across their entire ecosystem.”

Cyber Technology Insights : Prowler Launches Lighthouse AI and MCP Server, Bringing Autonomous Security to DevSecOps Teams

Enhanced Topology Accuracy

R25-2 improves multi-vendor visibility and troubleshooting capabilities, particularly for Palo Alto Networks and Cisco environments. The release introduces deeper insights into Palo Alto External Dynamic Lists (EDLs), Cisco FMC AppID and URL categories, Cisco ACI Endpoint Security Groups (ESGs), and Policy-Based Routing (PBR).

These enhancements allow teams to pinpoint connectivity issues and policy misconfigurations with greater precision. By refining topology accuracy, Tufin provides clearer end-to-end mapping of how rules and policies are applied across vendors, enabling faster troubleshooting, fewer misconfigurations, and more informed security decisions.

Advanced Cloud Compliance and Automation

As enterprises scale their operations across AWS, Microsoft Azure, and Google Cloud Platform (GCP), maintaining consistent security policies has become a significant challenge. The R25-2 update introduces robust new features to simplify compliance management and enhance Zero Trust alignment across multi-cloud environments.

Key updates include:

  • Automated policy provisioning for Microsoft Azure Network Security Groups (NSGs) and Open Policy Model (OPM) devices, significantly reducing manual workloads.
  • Proactive violation detection for AWS and GCP environments, ensuring continuous compliance through automated alerts.
  • Organization-level cloud management, enabling automatic onboarding of AWS and Azure accounts for complete visibility.
  • Optimization of permissive rules in AWS Security Groups and Azure NSGs, helping reduce exposure and strengthen compliance posture.

These features empower organizations to maintain unified security governance across cloud environments while safely automating policy changes.

Cyber Technology Insights : SonicWall Achieves Perfect Threat Efficacy Again, Reinforcing Its Product Excellence

Simplified SASE Policy Management

With the rapid adoption of Secure Access Service Edge (SASE) architectures, enterprises face new complexities in maintaining consistent security policies across distributed systems. Tufin’s R25-2 update addresses this with automated change design and proactive risk analysis for Zscaler Internet Access (ZIA) environments.

Additionally, the Rule Optimizer feature now extends to Zscaler ZIA, allowing users to detect and correct overly permissive rules automatically. This integration delivers tighter access control and consistent policy enforcement across traditional firewalls, cloud workloads, and SASE deployments—all under one framework.

AI-Powered Insights with TufinAI

Building on its innovation momentum, Tufin has enhanced TufinAI Assistant, its natural language-driven search and analysis tool. This AI-powered capability enables both technical and non-technical users to interact with the platform intuitively, boosting collaboration and decision-making across teams.

Key improvements include:

  • Natural language search, allowing users to instantly locate relevant rules and configurations using plain English queries.
  • AI-enhanced accuracy, delivering faster, context-aware insights that reduce time spent on manual searches.
  • Accessibility for all users, empowering teams to independently analyze policies, detect anomalies, and make data-driven decisions.

TufinAI extends the value of the unified control plane by turning complex security data into actionable intelligence, improving efficiency and confidence for security and network operations teams alike.

Empowering Unified Security Management

The R25-2 release reinforces Tufin’s commitment to helping organizations automate, standardize, and optimize their network and cloud security operations. With a unified view across firewalls, cloud environments, and SASE solutions, Tufin enables enterprises to simplify policy management, accelerate application delivery, and reduce exposure to cyber threats—all within a single, centralized platform.

Cyber Technology Insights : Keeper Security’s Industry-First Forcefield Protects Against Memory-Based Attacks

To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com