Zscaler Unveils Five Big Security Updates: Here’s What To Know
The cybersecurity vendor announced new capabilities in identity threat detection, zero trust security, generative AI and more in connection with its 2023 Zenith Live conference.
The Latest From Zscaler
With the newest set of additions to its security service edge (SSE) product portfolio, Zscaler is looking to help partners and customers lock down their systems using zero trust security principles without the heavy lift of having to ensure that all capabilities are well-integrated. In connection with its 2023 Zenith Live conference, which takes place today and tomorrow in Las Vegas, Zscaler announced four major product updates Wednesday including new services and features to help better protect against hackers and insider threats.
Among the new capabilities is the debut of Zscaler’s first offering in the area of identity threat detection and response (ITDR), which is focused on helping to stop attacks that utilize compromised identities and credentials. Importantly, the new ITDR capability can be easily added for users of the Zscaler Private Access platform, since it leverages the same software agent, said Dhawal Sharma, a senior vice president focused on product management at Zscaler. “Our customers look for tool consolidation. They don’t want individual products that are not part of an ecosystem,” Sharma told CRN. “So from our perspective, adopting this is very easy for our customers.”
In connection with Zenith Live, Zscaler also announced a new framework for risk quantification and visualization, Risk360; Zero Trust Branch Connectivity; several capabilities that leverage generative AI, including the company’s new Security Autopilot tool; and a new feature for “streamlined” administration, ZSLogin.
What follows are the key details on Zscaler’s five latest security product updates.
Zscaler is “uniquely positioned” to offer identity threat detection and response (ITDR) because the company already had most of the pieces necessary to help customers with detecting identity compromise and remediating the issues, Zscaler’s Sharma told CRN. For instance, because Zscaler is already tracking user traffic, the company can spot anomalous and risky behaviors that might be a sign of an insider threat or an external attack by a threat actor, he said. “Those kinds of risk signals, and the context that we can bring to the identity, gives us a much wider view of identity that we will be leveraging more and more,” Sharma said.
To start, Zscaler’s ITDR capability is focused on assessing activity related to Microsoft Active Directory. By detecting attacks at an early stage — when an attacker is often still performing reconnaissance — many types of attacks can be thwarted before they turn into full-blown ransomware deployment or data exfiltration, Sharma noted. “When someone gets access to a highly privileged system, like your Active Directory, it could be an insider job, it could be a compromised user machine,” he said. “When we see those behaviors, we can detect changes before they can compromise [a system further].”
Ultimately, “bringing this all together gives a holistic identity lens to Zscaler — which is not something which network security or firewall or even SSE vendors have focused on today,” Sharma said.
At Zenith Live 2023, Zscaler unveiled Risk360, a new framework for risk quantification and visualization that aims to help organizations make better — and faster — decisions about reducing their security risk. The new capability leverages a range of data sources within the Zscaler platform to provide what the company says is “unparalleled” visibility. Users can use the tool to obtain risk scores, in real time, for different stages of a cyber incident and visualize risks across four key entities: the workforce, assets, applications and third parties. The framework also aims to offer “intuitive” visualization and reporting capabilities, according to Zscaler, highlighting the biggest drivers of cyber risk and providing an estimate for financial exposure. Additionally, Risk360 provides “actionable” remediation recommendations and guided workflows to enable the most critical issues to be addressed promptly, Zscaler said.
Zero Trust Branch Connectivity
With its new Zero Trust Branch Connectivity offering, Zscaler aims to “re-define” connectivity to branch locations based around improved security and easier management, the company said. The service can also reduce the recurring costs associated with MPLS connections in branch locations, according to the company. The approach removes the use of site-to-site VPN over SD-WAN connections — boosting security across users, data and applications — while also lowering operational complexities, according to the company. Additionally, Zscaler’s Zero Trust Branch Connectivity enables faster and smoother mergers and acquisitions by providing a “plug-and-play” branch appliance with “zero-touch” provisioning, the company said.
Generative AI Capabilities
Zscaler is also using its Zenith Live conference to unveil an array of new product capabilities that utilize generative AI technology. The company’s Security Autopilot tool aims to help partners and customers to be more proactive approach on data security by leveraging AI engines that “continuously learn from changing cloud-based policies and logs,” Zscaler said in a news release. The tool recommends policies, conducts impact analysis and enhances security posture control — ultimately preventing breaches in the future, according to the vendor.
Another new Zscaler feature based on generative AI is Zscaler Navigator, which the company says is a “simplified and unified” natural language interface that will allow customers to interact with the vendor’s security products and “access relevant documentation details using a seamless, secure and user-friendly approach.”
Additionally, Zscaler unveiled Multi-Modal DLP (data loss prevention), which taps into generative AI for protection of customer data. The tool can thwart data leakage “across various media formats beyond text and images, such as video and audio formats,” Zscaler said in its release.
Zscaler said that its new ZSLogin feature offers IT administrators a centralized login dashboard, providing them with “streamlined” authentication and enhanced efficiency. The feature enables admins to authenticate just once to access various Zscaler consoles; centralizes management of entitlements to enable simplified reviews for all entitlements on the Zscaler platform; support for passwordless multi-factor authentication; and automated administrator identity management through SCIM integration, which automates the creation of privileges as well as assignment of entitlements and privilege revocation.