Zscaler Announces Comprehensive Cloud-based APT Solution
Zscaler for APTs Moves Beyond Point Appliances, Sets New Benchmark for Scalability; Renders Appliances Obsolete
San Jose, California, September 17, 2013
Zscaler, the global security cloud for the mobile enterprise, today announced Zscaler for APTs, the industry’s first cloud-based security solution to address the entire advanced persistent threat (APT) and advanced targeted attack (ATA) defense lifecycle, including protection, detection and remediation. Zscaler for APTs provides continuous coverage of any user on any device in any location with proactive protection and real-time advanced security analytics, a significant advance over today’s narrowly-focused point appliance and niche behavioral analysis solutions that fail to provide a complete view of the enterprise threat landscape or address the entire defense lifecycle.
In “Strategies for Dealing With Advanced Targeted Attacks,” Gartner Research Directors Jeremy D’Hoinne and Lawrence Orans note, “Targeted attacks, often called APTs, penetrate existing security controls, causing significant business damage. Enterprises need to focus on reducing vulnerabilities and increasing monitoring capabilities to deter or more quickly react to evolving threats.” 1
APTs and ATAs probe networks and users for vulnerabilities, utilize zero-day exploits for infection, establish botnets and maintain communication with command and control servers before exfiltrating data or sabotaging systems – all while evading traditional security and detection solutions.
“Many security vendors have overhyped APTs, blurring its definition to distract the market from the fact that their solutions are simple features that should be included in a greater platform,” said Michael Sutton, vice president of security research, Zscaler. “Advanced threats are more than just social engineering, zero-day attacks or data exfiltration; they are the sum of these parts and more, requiring a comprehensive solution to address each individual attack surface as a whole.”
The advanced threat protection lifecycle includes protection, detection and remediation; however, the first generation of APT solutions, such as behavioral analysis, has been limited in addressing the entire lifecycle. Behavioral analysis is an important feature for identifying advanced threats, but it is not a complete solution on its own. The results from behavioral analysis must be combined with other preventative and detective controls to ensure comprehensive protection.
Delivered from the world’s largest and most scalable global direct-to-cloud network, Zscaler for APTs breaks new ground in the fight against the most difficult and pervasive cyber threats, providing multiple layers of advanced security protection and utilizing the broadest range of inspection technologies and techniques. Only Zscaler for APTs consolidates the commoditized features of existing point appliances to provide a comprehensive security platform that addresses all major phases of APT defense:
- Protection: Zscaler for APTs delivers proactive and real-time protection from potentially malicious code, enhancing its static anti-virus and vulnerability shielding with its newly-introduced dynamic behavioral analysis engine to block initial infections.
- Detection: Zscaler for APTs bolsters its bi-directional, in-line traffic scanning with its newly-introduced DNS analysis to detect suspicious traffic patterns indicative of botnet callbacks to minimize dwell time of APTs, identifying botnets before they can take root.
- Remediation: Zscaler for APTs augments its advanced “big data” security analytics with its newly-introduced integration into leading security information event management (SIEM) solutions, providing information security teams with the real-time global visibility into network, payload and endpoint traffic required to isolate botnets and remove infection.
Zscaler for APTs is delivered from the Zscaler Direct-to-Cloud Network, the world’s largest and most scalable global security cloud, which leverages community threat intelligence from its more than 10 million deployed users – an install base ten times greater than any other community defense platform – to provide on-going visibility and protection from emerging threats, regardless of device or location. The Zscaler Direct-to-Cloud Network enables enterprises to eliminate traditional security appliances, streamlining management and vastly reducing network infrastructure costs by securing users as they travel “direct-to-cloud.”
“It seems a single day cannot pass without some interesting new botnet emerging in the news,” said Tony Fergusson, IT architect, MAN Diesel & Turbo. “It is reassuring to know that Zscaler for APTs leverages the depth of its behavioral analysis with the breadth of its Direct-to-Cloud Network visibility to deliver a uniquely comprehensive solution.”
The Zscaler behavioral analysis engine featured in its APT solution is the same technology used to conduct security research by ThreatLabZ, the Zscaler security research team. Powered by Zscaler behavioral analysis, Zscaler ThreatLabZ has recently identified and published seminal industry research focused on CookieBomb, Expack and Kelihos.
1 Gartner, “Strategies for Dealing With Advanced Targeted Attacks” by Jeremy D'Hoinne and Lawrence Orans, 6 June 2013