Cloud-based Platform Brings Behavioural Analysis to Mainstream; Delivers Continuous Coverage of Any User on Any Device in Any Location for Pervasive Protection and Real-time Visibility
Zscaler for APTs Moves Beyond Point Appliances, Sets New Benchmark for Scalability; Renders Appliances Obsolete
LONDON (UK) September 17, 2013 – Zscaler, the global security cloud for the mobile enterprise, today announced Zscaler for APTs, the industry’s first cloud-based security solution to address the entire advanced persistent threat (APT) and advanced targeted attack (ATA) defense lifecycle, including protection, detection and remediation. Zscaler for APTs provides continuous coverage of any user on any device in any location with proactive protection and real-time advanced security analytics, a significant advance over today’s narrowly-focused point appliance and niche behavioral analysis solutions that fail to provide a complete view of the enterprise threat landscape or address the entire defense lifecycle.
In “Strategies for Dealing with Advanced Targeted Attacks,” Gartner Research Directors Jeremy D’Hoinne and Lawrence Orans note, “Targeted attacks, often called APTs, penetrate existing security controls, causing significant business damage. Enterprises need to focus on reducing vulnerabilities and increasing monitoring capabilities to deter or more quickly react to evolving threats.”1
APTs and ATAs probe networks and users for vulnerabilities, utilise zero-day exploits for infection, establish botnets and maintain communication with command and control servers before exfiltrating data or sabotaging systems – all while evading traditional security and detection solutions.
“Many security vendors have overhyped APTs, blurring its definition to distract the market from the fact that their solutions are simple features that should be included in a greater platform,” said Michael Sutton, vice president of security research, Zscaler. “Advanced threats are more than just social engineering, zero-day attacks or data exfiltration; they are the sum of these parts and more, requiring a comprehensive solution to address each individual attack surface as a whole.”
The advanced threat protection lifecycle includes protection, detection and remediation; however, the first generation of APT solutions, such as behavioral analysis, has been limited in addressing the entire lifecycle. Behavioral analysis is an important feature for identifying advanced threats, but it is not a complete solution on its own. The results from behavioral analysis must be combined with other preventative and detective controls to ensure comprehensive protection.
Delivered from the world’s largest and most scalable global direct-to-cloud network, Zscaler for APTs breaks new ground in the fight against the most difficult and pervasive cyber threats, providing multiple layers of advanced security protection and utilising the broadest range of inspection technologies and techniques. Only Zscaler for APTs consolidates the commoditized features of existing point appliances to provide a comprehensive security platform that addresses all major phases of APT defense:
– Protection – Zscaler for APTs delivers proactive and real-time protection from potentially malicious code, enhancing its static anti-virus and vulnerability shielding with its newly-introduced dynamic behavioral analysis engine to block initial infections.-
– Detection – Zscaler for APTs bolsters its bi-directional, in-line traffic scanning with its newly-introduced DNS analysis to detect suspicious traffic patterns indicative of botnet callbacks to minimise dwell time of APTs, identifying botnets before they can take root.
– Remediation – Zscaler for APTs augments its advanced “big data” security analytics with its newly-introduced integration into leading security information event management (SIEM) solutions, providing information security teams with the real-time global visibility into network, payload and endpoint traffic required to isolate botnets and remove infection.
Zscaler for APTs is delivered from the Zscaler Direct-to-Cloud Network, the world’s largest and most scalable global security cloud, which leverages community threat intelligence from its more than 10 million deployed users – an install base ten times greater than any other community defense platform – to provide on-going visibility and protection from emerging threats, regardless of device or location. The Zscaler Direct-to-Cloud Network enables enterprises to eliminate traditional security appliances, streamlining management and vastly reducing network infrastructure costs by securing users as they travel “direct-to-cloud.”
“It seems a single day cannot pass without some interesting new botnet emerging in the news,” said Tony Fergusson, IT architect, MAN Diesel & Turbo. “It is reassuring to know that Zscaler for APTs leverages the depth of its behavioral analysis with the breadth of its Direct-to-Cloud Network visibility to deliver a uniquely comprehensive solution.”
The Zscaler behavioral analysis engine featured in its APT solution is the same technology used to conduct security research by ThreatLabZ, the Zscaler security research team. Powered by Zscaler behavioral analysis, Zscaler ThreatLabZ has recently identified and published seminal industry research focused on CookieBomb, Expack and Kelihos.
Zscaler for APTs is available now. For more information, please visit www.zscaler.com.
[1] Gartner “Strategies for Dealing With Advanced Targeted Attacks” by Jeremy D’Hoinne and Lawrence Orans, 6 June 2013
About Zscaler
Zscaler is transforming enterprise networking and security with the world’s largest Direct-to-Cloud Network, which securely enables the productivity benefits of cloud, mobile and social technologies without the cost and complexity of traditional on-premise appliances and software.
The Zscaler Direct-to-Cloud Network processes daily more than 10 billion transactions from more than 10 million users in 180 countries across 100 global data centers with near-zero latency. Learn why more than 4,000 global enterprises choose Zscaler to enable end-user productivity, enforce security policy and streamline WAN performance. Visit us at www.zscaler.com
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.