At its Zenith Live event, cloud security vendor Zscaler touted AI as a route to increased business relevancy and simplified operations.
The cloud security provider Zscaler recently hosted its annual Zenith Live event under the bright Las Vegas lights. The company pioneered the security services edge, where security moves away from on-premises firewalls and VPNs to zero trust delivered via a cloud proxy.
The company had seen strong growth before the pandemic, and the business then accelerated as the proxy architecture proved simpler and more effective than traditional VPNs for a remote workforce. Now that people are returning to the office, I’ve been watching to see if businesses would move back to firewalls and VPNs, but it appears most are staying with the evolved cloud model.
At the recent event, Zscaler launched several security products and services, demonstrating its proactive approach of leveraging advanced technologies and artificial intelligence (AI) to protect organizations against evolving cyber threats.
Zscaler Generative AI Uses Massive Curated Data
The new products utilize generative AI to improve threat detection, prevention, and response, focusing on protecting intellectual property and customer data. Zscaler’s Zero Trust Exchange (ZTE) gives it a massive amount of curated data. This, when combined with its large language models (LLMs), should enable the company to deliver artificial intelligence that is accurate and reliable.
Zscaler developed a suite of products that allow organizations to use generative AI for predicting and preventing breaches:
- Zscaler Data Loss Prevention (DLP) securely records and retains generative AI queries and outputs. DLP ensures security and simplifies auditing within the organization’s environment.
- AITotal is a comprehensive risk-scoring system that evaluates the risk profiles and privacy policies of various AI applications. It helps organizations make informed decisions and manage the security implications of using AI apps.
- AI Visibility and Access Control is a new offering to monitor AI app usage. Using the tool, organizations can establish policies for different user groups, granting precise control over access to AI apps. The tool also enables cloud-based remote browser isolation, adding an extra layer of security by restricting potentially harmful actions.
Zscaler recently introduced several other generative AI-driven products, which are currently in preview. Security Autopilot, for example, is a tool that helps AI engines continuously learn from changing cloud-based policies and logs. It recommends policies, performs impact analysis, and simplifies security operations, ultimately improving security and preventing future breaches.
Another tool, Zscaler Navigator, is a simplified natural language interface that provides customers with a user-friendly way to manage and navigate Zscaler’s products. Lastly, Multi-Modal DLP integrates generative AI and multi-modal capabilities by extending data protection to different media formats like video and audio. Traditional DLP tools are typically limited to text and image-based data.
New Products for Cloud Platform
Also at its recent show, Zscaler introduced four new additions to its ZTE platform. The services were developed to tackle complex cyberattacks, offer a new way of safely linking branch offices, and simplify the management process for IT professionals.
- Zscaler Risk360 uses signals from inside and outside the enterprise to give IT and security leaders an actionable picture of potential threats, based on over 100 data-focused elements. The service provides a picture of financial risks and offers recommendations in a format suitable for high-level presentations. Furthermore, Risk360 highlights the most critical security issues for a business to deal with and provides detailed plans to investigate and correct them. Risk360 moves Zscaler out of the security operations center (SOC) and into the board room. There are already several risk-scoring tools available to companies today, but most gather their data from an external scan only. Zscaler is adding internal data, which theoretically adds another risk vendor. The risk industry is very well established, and Zscaler’s ability to penetrate it depends on its ability to “see” things the traditional vendors cannot.
- Zero Trust Branch Connectivity is another new offering, which uses a branch appliance to simplify branch connectivity. The device is designed to be plug-and-play as it just needs to be plugged in and will auto-configure from the cloud. While this isn’t a full SD-WAN appliance that would compete with Zscaler partners, it can be thought of as SD-WAN light or even zero trust WAN as it provides basic connectivity and on-boards the location to the Zscaler cloud.
- Zscaler Identity Threat Detection and Response (ITDR) Solution continually monitors identity misconfigurations and permissions. This is crucial as cybercriminals increasingly steal user credentials to gain unauthorized access. The Zscaler ITDR Solution tracks the posture of the identity attack surface and alerts teams to new risks when configurations change. Additionally, it can detect and stop certain types of attacks in case of a breach.
- ZSLogin streamlines authentication for IT administrators. It offers a simple way to review all permissions and supports passwordless, multi-factor authentication. The service also provides automated management of administrator identities, making the process more efficient, less error-prone, and less vulnerable to phishing attacks.
Bottom Line: Shift from On-Prem to Cloud-Based
At the event, I had a chance to talk to several Zscaler customers about the shift from on-prem, VPN, and firewall-based security to a cloud-based proxy architecture. Most echoed the same sentiment: the shift to hybrid work, mobility, and cloud does drive the need for security evolution.
Most also said that the hardest part of the transition to Zscaler was the operational change it created. Many of the new AI features are designed to simplify operations and give an enhanced level of visibility so security and IT teams can understand the performance implications of shifting security to the cloud.