Did you miss the session at the Data Summit? See on-demand here.
Zscaler today announced the introduction of some new Zero Trust Network Access (ZTNA) capabilities, including enhanced detection of lateral movement and new functionality to block vulnerable users from exploiting vulnerabilities.
Updates are being released for Zscaler Private Access, which protects access to the company’s private applications. The product takes advantage of Zscaler’s Zero Trust Exchange Platform, which integrates cloud-based secure web gateways with cloud-distributed ZTNA.
With the updates, “security teams can get more high loyalty signals to root out and include malicious actors before they permanently damage the system,” Tony Patera, senior vice president of emerging products at Zscaler, said in an email to VentureBeat.
The new capabilities include integrated fraud, which Zscaler says is “industry-first” for detecting side-by-side movements within a zero-trust architecture when it comes to providing fraud-based security.
Zscaler is the first Security Service Edge (SSE) offer that is “capable of intercepting the most advanced competitors and is able to prevent side-by-side movement with built-in decoy and automated control over Zero Trust Exchange and third-party security operations platforms,” Patera said.
Fraud as a capability in SSE is “an indispensable solution to the user’s compromising problem, where a sophisticated attacker has stolen a valid credential or taken over a legitimate system,” he said.
In ransomware attacks, for example, there is a common technique of spreading side-by-side throughout the organization to encrypt file shares before demanding payment. With fraud, “we can create an ‘early warning system’ by inserting decoys that can be used to cut off access to a private application for a compromised user, thus preventing an attack and preventing further damage to the compromised user,” Patera said. Said.
Zscaler says the integrated fraud capability also helps reduce alert fatigue with “high confidence” alerts generated by the system’s decoys.
Private application security
Private app security is another new capability being unveiled, focusing on preventing attackers from exploiting sensitive private applications. According to Zscaler, the main feature included in the solution is the in-line monitoring of private application traffic.
Zscaler private access has already “shrunk the attack surface” by invisible sensitive services to the Internet, Patera noted. But the addition of private application security means that “we are now able to take it one step further and block the compromised user from exploiting that vulnerability,” he said.
In addition, Zscaler announced that it was introducing privileged remote access for industrial IoT and OT systems, moving beyond users and workloads.
“In light of the growing geopolitical tensions, we want to ensure that governments and private businesses can secure such IIoT / OT systems and respond to customer demand for remote access management options built on zero trust architecture,” Patera said.
True zero faith
While Zero Trust has become a “buzzword” and has been misused by some vendors, true Zero Trust involves connecting users directly to applications without having to go to the network, Zscaler founder and CEO Jay Chowdhury said in a recent interview with VentureBeat. Was.
An example of Zscaler’s approach can be seen in how it protects customers from the exploitation of remote code execution vulnerabilities in Apache Log4j, Choudhury said.
This flaw is the “most dangerous vulnerability” to be imagined – but Zscaler customers have benefited from having their applications hidden by the Zero Trust Exchange, Choudhury said.
“I had a number of customers who approached me and said, ‘Thank God I’m hiding behind Zscaler. I need to patch my systems, but I don’t sweat. I have time to patch them, because they can’t be found on the internet, “he said. “So the faster the market accepts zero confidence, the more secure we will get.”
In February, research firm Gartner ranked Zuskler in the “Leaders” quarterly inaugural Magic Quadrant for Security Service Age. Only two other vendors, McAfee Enterprise’s SSE business (now known as Skyhigh Security) and Netskope, landed in the SSE Leaders quarter.
Venturebeat’s mission Transformative Enterprise is about to become a digital town square for technology decision makers to gain knowledge about technology and transactions. Learn more