A View From The Startup Within The Startup

The Zscaler cloud security platform took years to build by a world-class engineering team, which created a technology stack that has literally been built from scratch to be a truly multi-tenant distributed cloud service with more than 100 patents filed and counting. As revolutionary as Zscaler Internet Access is, we didn’t stop to rest on our laurels. We leveraged this industry-changing technical foundation and continued to innovate in new and radical ways.

It’s fairly unusual for a company to establish an emerging technologies engineering team when it’s barely five years old itself; that kind of investment is basically a startup within a startup. But that’s exactly what Zscaler did. Nearly five years ago, we established our emerging technologies team and started building on top of our existing cloud platform to address adjacent customer needs that, when coupled with Zscaler Internet Access, would truly deliver on the vision of the company to provide a full security check post in the cloud. It not only could sit between users and internet destinations, but could also sit between users and private applications, whether they existed in the corporate data center or moved out to public cloud infrastructure-as-a-service providers like Amazon AWS and Microsoft Azure.

As customers began to rethink their network security architectures, they also wanted to rethink VPN architectures. They were not only concerned with remote access solutions, but the more fundamental question of how user should access private, internal applications. Our team was exploring some of these same questions.

In late 2016, after years of dedicated engineering effort from the emerging technologies team, we launched Zscaler Private Access. Just as Zscaler Internet Access disregarded decades of traditional network security approaches, Zscaler Private Access disregarded decades of traditional VPN technologies. It took years of continued innovation and even more patents to figure out three key technology milestones:

1. How to remove the “network” from the equation of user-to-application access. Why should the network matter anymore? Keeping users off the network not only enables new architectures, but also keeps that network where the applications are running better secured.
2. How to radically increase security by leveraging modern “inside out” networking techniques that keep resources truly invisible from unauthorized users. In its purest form, this level of invisibility can only be achieved when there isn’t a single inbound firewall policy or access control list…not to us, not to the internet, not to anyone.
3. Most importantly, how to dramatically change the user experience, because no one likes how their traditional VPNs work today. It’s a flawed notion that users would have to do something fundamentally different to access private applications when they are on the corporate network vs. when they are off. The proof is in the overwhelming success of software-as-a-service applications.
    

It’s an amazing honor to be part of a team in a company that has had not one but two radical innovations, and I can guarantee it won’t stop here.