After watching Zscaler’s Zenith Live last year at home in NZ next to the fire at 3 am in the morning, this year I’ve been able to attend the event in person once again in Las Vegas. It’s a great opportunity to connect with the Zscaler team and get across all the latest developments.
Jeremy Nees with Jay Chaudhry CEO Chairman Founder Zscaler Inc. at Zenith Live 23 in Las Vegas
From this morning's keynotes, here is a brief summary of the announcement highlights:
Zscaler Business Insights - this focuses on solving business problems by leveraging the data set that Zscaler has through its inline and out-of-band products. Examples include where to save money on SaaS licenses based upon the entitlement information in the SaaS provider (ie how many licenses you have) combined with ZIA logs showing who is using the app. Another example is Locations Insights which can help you understand where you are on your return to office journey, or a breakdown by city on their remote/hybrid/office work split and breakdown by department. This also allows you to plan your office footprint based on peak times in the office. This product is still under development so this was a relatively early preview.
Zscaler Digital Experience - a few new features were demoed that look really great. The first one is a self-service feature so it will pop up and notify the end user if it has noticed a performance issue and then provide them with some instructions to resolve it. An example could be poor wifi performance and a recommendation to try moving closer to the access point. I’ve already asked Product Management for an enhancement to allow you to customise the recommendations which could then ultimately enable you to integrate this with your existing knowledge base. The second feature that got my attention was a new view that allows you to visualise types of events over time. It is almost like a live problem management view where you could see a point in time when a number of users experienced a network issue, allowing you to drill into the events to correlate and identify the root cause. Finally, Automated Root Cause analysis helps identify not just users having performance issues, but sifts through all the data it has to provide you with a summary of the root cause(s) of poor performance, reducing your mean time to resolution (MTTR).
AppTotal - not exactly new but still a very recent addition. AppTotal looks at the SaaS apps that have been plugged into Office 365 or Google Workspace and the data loss risk they present. Often DLP and CASB focus on direct user interaction with data but in the world of SaaS marketplaces, we often miss the app-to-app integrations which can grant broad data access to third parties.
Zscaler Plug-n-Play Appliance - what was known as the branch connector and available as a VM now has a physical manifestation in the form of a little black appliance with names like ZT600. This will help further simplify zero-trust branch deployments by eliminating the need for third-party hardware (like SD-WAN appliances).
Zscaler Navigator - this is a conversational UI for Zscaler products allowing you to use natural language to help you administer your Zscaler suite of products.
Risk360 - this is a new product that provides a dashboard with an underlying risk quantification framework to visualise risk across 4 key areas of the business. This works by ingesting data from your Zscaler environment, external data sources and ThreatLabz to generate a detailed profile of your risk posture. It also includes workflow capability to help with the actionable remediation of risks. Risk360 also generates board slides and allows financial exposure to be captured and presented.
Breach Prediction - breach prediction continuously learns from your policies and activities to predict where breaches might occur and help you prevent them.
Identity Threat Detection and Response - or ITDR, is to Identity what EDR is to endpoints. Built into the Zscaler client connector, ITDR will scan Active Directory for misconfigurations and vulnerabilities and then track changes over time to highlight changes that have a positive or negative impact. ITDR also has threat detection capability to detect potentially malicious identity activity (such as LDAP enumeration) and alert SOC teams.
Other notable mentions that I don’t have information to expand upon right now include:
- Email DLP
- Endpoint DLP