AI and Machine Learning at Zscaler

Artificial intelligence powered by the world’s largest security cloud and delivered in a zero trust architecture to optimize your security, productivity, and user experience

See the AI-powered innovations supercharging the Zscaler Zero Trust Exchange and bringing intelligence to the Security Services Edge.

Experience the power of the world’s largest security cloud

Machine learning models are trained on a stream of data that grows over time. The more good data you have, the more accurate your models will be. Zscaler has run the world’s largest inline security cloud for over a decade, processing trillions of signals daily to continuously feed and refine our ML models. The result is unmatched, always-growing intelligence that allows us to accurately detect threats, optimize policies, and more.

  • 150+ data centers on six continents
  • 240B+ requests processed per day
  • 7M security incidents and policy violations prevented/day
  • 200K+ unique security updates/day

  • 6,000+ enterprises of all sizes
  • 40% of the Fortune 500
  • 30% of the Global 2000

Machine learning applied at machine speed

ML models are only as effective as the data that drives them—and their ability to enforce the outcomes. We embed AI throughout our cloud native zero trust architecture to broker and inspect all connections inline, enabling AI to enhance prevention, detection, policy, and performance in real time.

Zscaler AI is uniquely effective because it’s:

Delivered inline and offline

Unlike passthrough firewalls, the Zscaler cloud proxy architecture can apply AI/ML on a stream of traffic in real time and hold or terminate a connection when deeper analysis is required.

Cloud native

AI requires compute, memory, and storage resources at a scale only found in the cloud. Zscaler uses the cloud to facilitate complex computations at lightning speed as well as store and process data that continually refines our ML algorithms.

Applied to all traffic

Over 80% of attacks use encrypted channels that many legacy security tools don’t inspect. Zscaler inspects TLS/SSL traffic at scale, enabling AI to analyze all traffic, not just some.

How we’re using AI and ML

Cybersecurity

AI helps predict and block never-before-seen attacks and detect suspicious behavior, improving protection and making life easier for your security team

User experience

AI intelligently optimizes connection speeds and outage protection, allowing users to connect to resources more quickly and reliably

Policy automation

AI analyzes usage patterns and auto-generates access policies for better visibility, faster access, and zero trust enforcement

Cloud performance

AI maximizes platform performance and resiliency with intelligent capacity planning, proactive alerting, root cause analysis, and real-time platform updates

What the Zscaler adaptive security engine can do for you

Take a proactive security approach

by predicting adversaries’ actions and preempting their attacks

Respond to threats with confidence

with fewer false positives and data protection that actually works

Optimize your security posture

with intelligent, adaptive, automated policies that simplify deployment and improve the efficacy of your security controls

Intelligent prevention

No more playing catch-up with adversaries by trying to create signatures faster than they can create malware. Our intelligent prevention uses AI-powered heuristic models to identify characteristics and contextual behavior of adversarial actions and block those actions, stopping even never-before-seen attacks. When a new threat is detected, prevention models in the Zscaler cloud are updated in real time, automatically improving protections for customers around the world without needing to wait for the next security update.

Intelligent protection

If adversaries are able to compromise a system, our intelligent protection can detect it. Our AI and ML models compare behaviors to a continually refined baseline to identify anomalies and take automatic response actions such as isolating a host, which keeps the attacker from spreading across the network and reduces the impact of their attack.

Intelligent policy

Stopping insider threats who have legitimate access is one of the toughest security challenges. Our intelligent policy uses AI to identify risky user behaviors and set dynamic policies in real time. This allows you to reduce risk and enforce least-privileged access while optimizing the end user experience—all without requiring manual administrative actions.

Integrated artificial intelligence features

Zscaler has 45+ patents and multiple teams of data scientists dedicated to AI to continuously improve capabilities and outcomes for our customers, including:

Security

  • Catching never-before-seen malware with a high-performance, gradient boosting ML model
  • Detecting phishing and credential theft with interpretable AI that explains phishing verdicts
  • Detecting unknown and evasive command-and-control traffic
  • Intelligently quarantining files based on AI/ML analysis of file content

Data protection and classification

  • Identifying risky user behavior such as insider threats and data exfiltration using neural networks
  • Conducting supervised and unsupervised device classification

Content categorization

  • Categorizing destinations based on content and URL/URI patterns
  • Identifying and blocking machine-generated domains (DGA), which are created by the millions
  • Dynamically updating domain reputations and enforcing access control

User experience and policy automation

  • Optimizing policies for business performance and risk reduction based on unsupervised learning, clustering, and a two-tower neural network
  • Proactively detecting and automatically remediating cloud issues based on abductive reasoning, time series anomaly detection, and a prophet forecasting AI model

Zscaler AI-powered threat prevention

AI-powered security services informed by the world’s largest security cloud help keep you safe from never-before-seen threats.

Artificial intelligence that stops cyberattacks

Human defense alone isn’t enough. Advanced attackers are already using AI and the cloud to spin up the next wave of never-before-seen attacks at speed and scale. To take back the upper hand, security teams need AI-powered defenses that can accurately predict and proactively protect against the evolving threat landscape.

Zscaler AI acts as a force multiplier for your security team, using proprietary multidimensional host analysis to predict and detect new and evasive malware other tools can’t see, AI-powered phishing detection to block malicious pages and stop credential theft, and an AI-powered policy engine that mitigates risk by continually optimizing policies.

Zscaler AI-powered user experience

AI intelligently optimizes connection speeds and outage protection, allowing users to access resources quickly and reliably.

No more choosing between security and productivity

Legacy security approaches slow business down, leaving IT and security teams to balance protection with business enablement. With the Zscaler Zero Trust Exchange, you no longer need to make that tradeoff. Our platform is custom-built to maximize speed using scalable cloud resources for lightning-quick connectivity. AI monitors cloud operations and ensures every user has a fast, seamless, reliable experience.

Zscaler AI-powered policy automation

AI analyzes and auto-generates access policies for better visibility, faster access, and zero trust enforcement.

Less administration, less risk

Organizations spend countless hours manually creating and maintaining complex access policies that are often static and overly permissive. Zscaler intelligent policy uses AI to predict who may need access to resources in the future and identify risky behaviors or policies that should be restricted. By optimizing policies dynamically in real time, Zscaler enables zero trust-based risk reduction while optimizing end user experience, all without requiring manual administration.

Zscaler AI-powered platform optimization

AI maximizes platform performance and resiliency with intelligent capacity planning, proactive alerting, root cause analysis, and real-time platform updates.

Our platform is continuously improving

AI is woven throughout our backend and frontend, enabling our teams to ensure our platform is consistently fast, secure, and resilient for all customers. Our AIOps capabilities identify and alert on ISP outages, detect and remediate customer issues, and help autoscale cloud resources in anticipation of demand surges. Artificial intelligence also helps drive more than 250,000 unique security updates daily, keeping protections up to date for all Zscaler customers.