San Jose, California, September 17, 2013
Zscaler, the global security cloud for the mobile enterprise, today announced Zscaler for APTs, the industry’s first cloud-based security solution to address the entire advanced persistent threat (APT) and advanced targeted attack (ATA) defense lifecycle, including protection, detection and remediation. Zscaler for APTs provides continuous coverage of any user on any device in any location with proactive protection and real-time advanced security analytics, a significant advance over today’s narrowly-focused point appliance and niche behavioral analysis solutions that fail to provide a complete view of the enterprise threat landscape or address the entire defense lifecycle.
In “Strategies for Dealing With Advanced Targeted Attacks,” Gartner Research Directors Jeremy D’Hoinne and Lawrence Orans note, “Targeted attacks, often called APTs, penetrate existing security controls, causing significant business damage. Enterprises need to focus on reducing vulnerabilities and increasing monitoring capabilities to deter or more quickly react to evolving threats.” 1
APTs and ATAs probe networks and users for vulnerabilities, utilize zero-day exploits for infection, establish botnets and maintain communication with command and control servers before exfiltrating data or sabotaging systems – all while evading traditional security and detection solutions.
“Many security vendors have overhyped APTs, blurring its definition to distract the market from the fact that their solutions are simple features that should be included in a greater platform,” said Michael Sutton, vice president of security research, Zscaler. “Advanced threats are more than just social engineering, zero-day attacks or data exfiltration; they are the sum of these parts and more, requiring a comprehensive solution to address each individual attack surface as a whole.”
The advanced threat protection lifecycle includes protection, detection and remediation; however, the first generation of APT solutions, such as behavioral analysis, has been limited in addressing the entire lifecycle. Behavioral analysis is an important feature for identifying advanced threats, but it is not a complete solution on its own. The results from behavioral analysis must be combined with other preventative and detective controls to ensure comprehensive protection.
Delivered from the world’s largest and most scalable global direct-to-cloud network, Zscaler for APTs breaks new ground in the fight against the most difficult and pervasive cyber threats, providing multiple layers of advanced security protection and utilizing the broadest range of inspection technologies and techniques. Only Zscaler for APTs consolidates the commoditized features of existing point appliances to provide a comprehensive security platform that addresses all major phases of APT defense:
- Protection Zscaler for APTs delivers proactive and real-time protection from potentially malicious code, enhancing its static anti-virus and vulnerability shielding with its newly-introduced dynamic behavioral analysis engine to block initial infections.
- Detection Zscaler for APTs bolsters its bi-directional, in-line traffic scanning with its newly-introduced DNS analysis to detect suspicious traffic patterns indicative of botnet callbacks to minimize dwell time of APTs, identifying botnets before they can take root.
- Remediation Zscaler for APTs augments its advanced “big data” security analytics with its newly-introduced integration into leading security information event management (SIEM) solutions, providing information security teams with the real-time global visibility into network, payload and endpoint traffic required to isolate botnets and remove infection.
Zscaler for APTs is delivered from the Zscaler Direct-to-Cloud Network, the world’s largest and most scalable global security cloud, which leverages community threat intelligence from its more than 10 million deployed users – an install base ten times greater than any other community defense platform – to provide on-going visibility and protection from emerging threats, regardless of device or location. The Zscaler Direct-to-Cloud Network enables enterprises to eliminate traditional security appliances, streamlining management and vastly reducing network infrastructure costs by securing users as they travel “direct-to-cloud.”
“It seems a single day cannot pass without some interesting new botnet emerging in the news,” said Tony Fergusson, IT architect, MAN Diesel & Turbo. “It is reassuring to know that Zscaler for APTs leverages the depth of its behavioral analysis with the breadth of its Direct-to-Cloud Network visibility to deliver a uniquely comprehensive solution.”
The Zscaler behavioral analysis engine featured in its APT solution is the same technology used to conduct security research by ThreatLabZ, the Zscaler security research team. Powered by Zscaler behavioral analysis, Zscaler ThreatLabZ has recently identified and published seminal industry research focused on CookieBomb, Expack and Kelihos.
1Gartner “Strategies for Dealing With Advanced Targeted Attacks” by Jeremy D'Hoinne and Lawrence Orans, 6 June 2013
Zscaler is revolutionizing Internet security with the industry’s first Security as a Service platform. As the most innovative firm in the $35 billion security market, Zscaler is used by more than 5,000 leading organizations, including 50 of the Fortune 500. Zscaler ensures that more than 15 million users worldwide are protected against cyber attacks and data breaches while staying fully compliant with corporate and regulatory policies.
Zscaler is a Gartner Magic Quadrant leader for Secure Web Gateways and delivers a safe and productive Internet experience for every user, from any device and from any location — 100% in the cloud. With its multi-tenant, distributed cloud security platform, Zscaler effectively moves security into the internet backbone, operating in more than 100 data centers around the world and enabling organizations to fully leverage the promise of cloud and mobile computing with unparalleled and uncompromising protection and performance. Zscaler delivers unified, carrier-grade internet security, next generation firewall, web security, sandboxing/advanced persistent threat (APT) protection, data loss prevention, SSL inspection, traffic shaping, policy management and threat intelligence—all without the need for on-premise hardware, appliances or software. To learn more, visit us at www.zscaler.com.
- Zscaler Security Research
- Zscaler Security as a Service
- Award-winning Web Security
- World’s First Next Generation Cloud Firewall
- Sandboxing and Behavioral Analysis
Director of Communications