SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Zscaler debuts four new cybersecurity services to halt attacks
Wed, 21st Jun 2023

Zscaler has debuted four new cybersecurity services and capabilities which further extend the power of its Zscaler Zero Trust Exchange cloud security platform.

According to the company, the additions not only enhance the monitoring and remediation of sophisticated attacks but also deliver a new approach to securely connecting branch offices, while simplifying and streamlining the management process at scale for IT professionals. 

Large-scale cybersecurity attacks have become increasingly sophisticated and widespread, Zscaler states. These attacks can have a devastating impact on an organisation's reputation, financial stability, and day-to-day operations. To combat these threats, it's essential for businesses to have a comprehensive cloud security platform that can provide real-time threat detection, automated response, and proactive risk mitigation.

Processing more than 300 billion transactions per day, the Zscaler platform is a fully integrated, extensible cloud security platform designed to provide customers with always-on intelligence that allows organisations to take a proactive approach to security, respond to threats efficiently, and optimise their security posture. 

At Zenith Live Las Vegas, Zscaler unveiled the following security services and capabilities:

Zscaler Risk360: A risk quantification and visualisation framework

Zscaler Risk360 aims to help CIOs and CISOs make informed and expedited business decisions that help reduce cyber risk. By leveraging a set of signals from internal and external sources within the Zscaler platform, IT and security leaders gain unparalleled visibility and actionable intelligence from more than 100 data-driven factors to enable the following:

  • Risk quantification: Delivers real-time risk scores for all stages of cyber breaches, as well as risk visualised across four entities, including workforce, third parties, applications, and assets.
  • Intuitive visualisation and reporting: Filters top drivers for cyber risk and anticipates financial exposure estimates, including financial remediation recommendations, with the ability to create concise board-level presentation materials.
  • Actionable remediation: Prioritises actionable recommendations with guided workflows to investigate and remediate the most critical issues to keep an organisation secure and operations running non-stop.

Zero Trust Branch Connectivity: Redefining branch connectivity for security and management

Zero Trust Branch Connectivity delivers simplicity, scale, and security, dramatically reducing recurring overhead costs associated with MPLS connections for branch locations.

This fundamentally new approach to securely connecting branch offices helps eliminate risky site-to-site VPNs over SD-WANs, resulting in improved user, application, and data security, lowered costs, and reduced operational complexity, all while being able to significantly accelerate M&A.

A new plug-and-play appliance features zero touch provisioning, making installs effortless. Zero Trust Branch Connectivity enables enterprises to:

  • Replace site-to-site VPNs and costly MPLS connections with zero trust: Securely connecting users, services, and IoT/OT devices between branches and their application stack.
  • Simplify branch IT operations: Providing direct-to-internet connectivity to reach cloud-based applications eliminates the need to maintain complex legacy routing and reduces infrastructure.
  • Significantly accelerate M&A and B2B: Reducing time to productivity for organisations that are bringing people and business applications together.

Naresh Kumar, VP, Product Management, Zscaler, says, “Enterprises relying on site-to-site VPNs for their branch locations are experiencing increased volumes of security threats.

“Site-to-site VPNs create an entry point for lateral threat movement and lack the security benefits of a zero trust architecture. Zscaler has reimagined branch connectivity by eliminating VPNs and providing secure access via the Zscaler Zero Trust Exchange for users, servers, and devices at branch sites - all you need is a broadband connection.”

Zscaler ITDR Solution: Mitigating identity attacks with continuous visibility, risk monitoring, and threat detection

Cyber criminals are increasingly targeting users for their identities and credentials. The Zscaler ThreatLabz annual Phishing Report found that most modern phishing attacks rely on stolen credentials.

Zscaler ITDR aims to strengthen the business’s security posture with continuous visibility into identity misconfigurations and risky permissions. With Zscaler ITDR, CISOs can: 

  • Quantify identity risk: Track the posture of the identity attack surface with quantified risks.
  • Find misconfigurations: Discover risky configurations like GPP password exposure, unconstrained delegation, and stale passwords that open up new attack paths.
  • Real-time monitoring: Get alerted to new risks and issues when configurations change.
  • Stop privilege escalation: Detect and stop attacks like DCSync, DCShadow, kerberoasting, and more in the event of a compromise.
  • Remediate issues: Understand the issue, impact, and user affected. Leverage step-by-step remediation guidance along with video tutorials, scripts, and commands.

ZSLogin Feature: Centralised login dashboard with streamlined authentication for IT processes 

Zscaler is also aiming to make IT administrators' lives easier while elevating their effectiveness by providing the following:

  • Centralised entitlement management: Simple way to review all entitlements across the platform and ensure administrators receive the appropriate permissions. 
  • Passwordless multi-factor authentication: Support for passwordless, multi-factor authentication, which strengthens admin authentication while being easier to use and phishing resistant.
  • Automated administrator identity management: Administrator identities can be managed using SCIM to automate the creation, entitlement assignment, and revocation of privileges based on the identity data from customer identity providers.