Cloud Security , Security Operations
Zscaler Posture Control Correlates, Prioritizes Cloud Risks
The Tool Allows Clients to Address Unpatched Vulnerabilities and Excess PermissionsZscaler is unveiling a posture control offering that allows cloud-based application developers to address everything from unpatched vulnerabilities in containers and VMs to excessive entitlements and permissions.
See Also: Alleviating Compliance Pain Points in the Cloud Era
The San Jose, California-based company's new tool combines cloud security posture management and cloud infrastructure entitlement management assets bought from Cloudneeti and Trustdome with organically developed infrastructure as code and vulnerability and patch management capabilities to secure the build and runtime process, says Amit Chaudhry, Zscaler's general manager of portfolio marketing (see: How to Distinguish True Zero Trust From Imposters).
"You cannot really manage security vulnerabilities in the post-development process," Chaudhry tells Information Security Media Group. "It has to be done while they're developing, it has to be done in the environment they're developing, and it needs to be deep enough and real-time enough to make sure that all the security capabilities are integrated when the development is done."
Moving Beyond CSPM and CIEM
Chaudhry says Zscaler wanted to push beyond stand-alone cloud security posture management and cloud infrastructure entitlement management tools and provide customers with a cloud-native application protection platform that allows customers to see all threats and alerts in a single dashboard. This 360-degree view makes it easier for clients to correlate vulnerabilities or risks that might be innocuous on their own but dangerous in the context of other behavior that's occurring.
"One of the challenges that we have with solutions that exist in the market today is that there's a huge amount of alerts and alert fatigue that happens," Chaudhry says.
He says customers' cloud security requirements have changed considerably since the company acquired Cloudneeti in April 2020, and companies are looking to address security both at the development stage as well as at runtime. Zscaler in recent months has invested considerably in strengthening its ability to use graphic and visual representation to identify and explain customers' cloud vulnerabilities.
Zscaler Posture Control wants to make it easier for developers to take a hands-on approach to keeping their companies safe and incorporate best security practices during the development stage, according to Chaudhry. He says Zscaler hopes that 10% of its more than 5,600 customers will be using the company's entire cloud workflow protection offering within the next year.
"Doing patch management after the application is built is extremely hard," Chaudhry says. "It was important for us to make sure that the developers are taking a more active role in their part of the security implementation."
Zscaler wants to learn from the 210 billion transactions it processes daily to better remediate risk on an ongoing basis, addressing everything from unpatched vulnerabilities and overprivileged entitlements to Amazon S3 buckets that have erroneously been left open, Chaudhry says. Zscaler will put data points from these transactions into its artificial intelligence model to better protect customers going forward.
Securing From Build to Runtime
The company's cloud-native application protection platform makes it possible to secure the entire cloud stack from build to runtime, locking down everything from virtual machines and containers to serverless environments, Chaudhry says. Development has increasingly moved from VMs to a cloud-native approach, and 92% of customers are expected to be in the cloud and using a multi-cloud approach to develop software, Chaudhry says.
As a result, he says security needs to be pre-emptively infused into the development process rather than examined once development is already finished. Organizations are increasingly moving away from having their security teams send developers a whole list of vulnerabilities post hoc that need to be patched and are instead embracing approaches that provide a greater level of agility.
"We are enabling developers to build and integrate these security principles while they're developing in real time," Chaudhry says.
All told, he says, Zscaler customers will be able to access both build and runtime security through the company's Zero Trust Exchange rather than having to use entirely separate platforms for build and runtime security, as is the case with many competitors.
"Our goal with zero trust is to make all the cloud developments secure and connect users to users and entities to entities and workloads to workloads without accessing the network," Chaudhry says. "I think ours is the right approach for customers to think about cloud-native application development or migrations they're planning to do from on-premises to the cloud."