Overview
Know when attackers exploit, misuse, or steal enterprise identities and identity infrastructure. Reduce the risk of identity-based attacks with real-time identity threat detection and response (ITDR).
Get full visibility into misconfigurations, risky permissions, and exposed credentials
Detect and respond to attacks that abuse credentials and bypass MFA to move laterally
Remediate and investigate faster with SOC workflow and access policy integration
The Problem
Identity is the new attack surface
As zero trust adoption shrinks traditional attack surfaces around the world, attackers are looking beyond malware. They're using sophisticated techniques to steal credentials, bypass multifactor authentication, and escalate privileges.
Legacy threat detection and identity systems weren't built to handle identity-based threats, leaving you with critical blind spots around risky changes, compromised credentials, and malicious activity.
Solution Overview
Unlock identity-first security
Zscaler Identity Protection (ITDR) protects users with continuous visibility into identity configurations and risky permissions. Built into Zscaler Client Connector, our lightweight endpoint agent, it's a simple, low-touch approach to stopping identity-based attacks.
Set up Identity Protection in just minutes, and start improving your security posture immediately. Rapid assessments and alerts give your security team valuable insights into identity-related vulnerabilities and changes that increase your risk of a data breach.
Benefits
Reduce the risk of user compromise and privilege exploitation
Quantify and track identity risk
Understand how, why, and where you’re vulnerable with identity security assessments, which include an intuitive risk score.
Find and fix risky configurations
Uncover issues that open new attack paths, such as shared password exposure, stale passwords, and unconstrained delegation.
Remediate with step-by-step guidance
Understand the issue, its impact, and affected users. Improve identity hygiene with remediation guidance in the form of video tutorials, scripts, and commands.
Monitor changes in real time
Get timely alerts when configuration and permissions changes in identity systems introduce new risks.
Detect identity attacks
Defend against vulnerabilities you can't remediate. Detect and stop attacks like DCSync, DCShadow, kerberoasting, and more when a compromise occurs.
Contain identity threats
Use native integrations with Zscaler Private Access™, SIEMs, and leading EDRs to contain identity attacks in real time or use alerts as part of your SOC workflow.
Use Cases
Comprehensive protection for an increasingly exploitable attack vector
Quantify and track identity posture with unified risk scoring. See top identity issues and the riskiest users/hosts in real time, with MITRE ATT&CK mapping for visibility into your security blind spots.
Identify new vulnerabilities and misconfigurations as they emerge. Get real-time alerts on new risks in your identity store, with ready-made guidance, commands, and scripts to help you remediate issues.
Detect attacks targeting your identity store. Prevent kerberoasting, DCSync, and LDAP enumeration attacks, with built-in containment based on zero trust access policy.
Experience the power of the Zscaler Zero Trust Exchange
A comprehensive platform to secure, simplify, and transform your business
01 Security Operations
Reduce risk, and detect and contain breaches, with actionable insights from a unified platform
02 Cyberthreat Protection
Protect users, devices, and workloads against compromise and lateral threat movement
03 Data Protection
Leverage full TLS/SSL inspection at scale for complete data protection across the SSE platform
04 Zero Trust for Branch and Cloud
Connect users, devices, and workloads between and within the branch, cloud, and data center