CXO logo

Solutions > Container Security

Zscaler Workload Segmentation for Container Security

Strong Protection For Workloads Across Container, Multi-Cloud, and On-Premises Data Center Environments

As an agent-based solution, Zscaler Workload Segmentation works as software is deployed into production, without disrupting developers’ work patterns and without a required translation between the language of applications and the language of the network on which applications are deployed.

Zscaler Workload Segmentation helps your business:

Identify and map container-based applications and their communications

Zscaler Workload Segmentation continuously scans the network to discover applications and services the moment they attempt to communicate. Our Zero Trust Identity (ZTID) governs communication between workloads and dependencies and allows us to provide real-time application topology mapping.

Identify and map container-based applications and their communications

Enforce application-aware policies, without changes to the development process

Workload identity is the basis for Zscaler Workload Segmentation’s application-aware policies. This identity-based approach decouples security from the network (which is ever-changing in a container) and results in hardened policies that are portable across instances and environments. Zscaler Workload Segmentation machine learning automatically gathers data to ensure your workloads are always protected.

Enforce application-aware policies, without changes to the development process

Detect potential attacks against container applications in real time

Every workload communication is verified by its ZTID. Only Zscaler Workload Segmentation can ensure symmetric identity verification. Our patented verification process also facilitates anomalous behavior detection. Because security is tied to the identity of your applications, if a fingerprint changes, you are alerted in real time and can take immediate action, without disrupting the development workflow.

Detect potential attacks against container applications in real time

Zero trust security for any container environment

Zscaler Workload Segmentation’s zero trust security platform provides the broadest coverage across all environments, whether it is bare metal on-premises, virtualized private cloud, or the public cloud. Supported container environments include Kubernetes, Docker, and AWS Elastic Container Service (ECS). Zscaler Workload Segmentation’s platform and products are API-driven and can integrate with existing security tools and DevOps processes.

Enforce application-aware policies, without changes to the development process