WebSockets Unveiled: Powering Immersive and Interactive Web Experiences
WebSockets have transformed real-time communication on the web, breaking down the barriers of traditional one-way HTTP connections. WebSockets transform websites into dynamic, interactive experiences...
View Article3 Lessons Learned about the Indispensable Chemistry Between Zero Trust and...
Securing innovation with indispensable chemistryIn a world where organizations are fueled by innovation, security is often seen as the gatekeeper that hampers creativity and productivity in order to...
View ArticleEnhancing Law Enforcement Connectivity and Security with Zscaler Private Access
For law enforcement, seamless and secure connectivity is non-negotiable. For more than two decades, NetMotion Wireless has been a cornerstone technology, providing always-on VPN connectivity to patrol...
View ArticleMitigating Unauthorized Access in the Workplace
If you owned a high-performance sports car—something sleek, powerful, and built to perform—you wouldn’t hand the keys to just anyone. Allowing unauthorized access in the workplace is much the same:...
View ArticleTaming the CVE Chaos: Making Unified Vulnerability Management a Reality for...
As a former customer in the trenches of vulnerability management, I’ve had my share of hair-pulling moments. I’ve stared down CVE (Common Vulnerabilities and Exposures) lists so long they could double...
View ArticleSmokeBuster: Keeping Systems SmokeLoader Free
IntroductionIn May 2024, international law enforcement agencies, in collaboration with private industry partners (including Zscaler ThreatLabz), conducted Operation Endgame, disrupting many prominent...
View ArticleProductivity and Security On Any Device - now in Turbo Mode
Productivity and security must be complementary, but as we know, all too often, one contradicts the other. Security can slow productivity, while productivity without security opens up enterprises to...
View ArticleCloud Browser Isolation Attains FedRAMP For More Secure Web Browsing and...
In an age where cyber threats evolve at an alarming pace, government agencies are under constant pressure to safeguard their data and infrastructure. The importance of robust cybersecurity measures...
View ArticleFrom Pyongyang to Your Payroll: The Rise of North Korean Remote Workers in...
IntroductionIn November 2023, a security vendor discovered that North Korean threat actors were using the Contagious Interview and WageMole campaigns to procure remote employment opportunities in...
View ArticleRevolutionizing Monitoring: Beyond Users, Into Applications and Services
Digital services are at the heart of every enterprise, whether it’s employee productivity or driving higher customer engagement. The key to success is reducing the mean time to resolution and...
View ArticleSASE vs. SSE: What’s the Difference?
Cybersecurity has no shortage of acronyms. With DLP, SSL, IPS ATP, DSPM, DNS, ML, and many others, “alphabet soup” comes to mind. Most of these correspond to technologies or frameworks that address...
View ArticleWhy DSPM Matters: Strengthen Data Security Posture Management to Prevent...
Data breaches more than tripled in volume between 2013 and 2022, highlighting the urgent need for comprehensive data security posture management (DSPM) to safeguard sensitive data from modern security...
View ArticleDoD’s CUI Compliance Tree Is Set to Bear Fruit in 2025... Just In Time to be...
(Not So) Fun Fact: American Apple trees take between 2-5 years to bear fruit. Similarly, the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) has taken the same timeline...
View ArticleThe Ultimate Guide to IT Help Desk Troubleshooting: Device, Network, and SaaS...
In the rapidly evolving landscape of corporate IT, where time is of the essence and optimal performance is of utmost importance, the position of an IT help desk agent is both demanding and vital. Let's...
View ArticleZero Trust Meets Multicloud: A Guide to Secure Workload Segmentation
As businesses migrate applications from traditional data centers to the cloud, they face new challenges in securing them effectively. The attack surface and potential blast radius have expanded,...
View ArticleZero Trust Branch: Say Goodbye to Lateral Threat Movement
The growing network & security sprawlLegacy network architectures were designed for a world where your employees were all in offices, and your applications were in data centers. We built and...
View ArticleZero Trust Inside: Device Segmentation for Branch, Factory, and Campus
Legacy Network and Security ArchitecturesIn today’s complex digital landscape, lateral threat movement inside the branch, factory, and campus —where malware or attackers pivot across a network—remains...
View ArticleIntroducing Zero Trust Segmentation: Zero Lateral Threat Movement With Zero...
We're thrilled to unveil Zscaler's Zero Trust Segmentation solution, offering a simpler, more secure, and cost-effective way for users, devices, and workloads to communicate—across and within branch,...
View ArticleZscaler Platform Automation: Introducing OneAPI
Zscaler was founded in 2007 as a true cloud-native zero trust platform, and every Zscaler service is built and delivered with an API first approach. For the longest time, Zscaler deployment,...
View ArticleIntroducing the Zscaler Executive Insights App: Powerful Insights for Leaders...
In today’s fast-moving digital world, executives face the constant challenge of staying informed and making quick, impactful decisions to keep their organizations secure. At Zscaler, we know security...
View ArticleAgentless Security Helps Water and Electric Systems Meet Zero Trust Goals
The security of our nation’s infrastructure has been a strong focus, with mandates coming from the White House in the form of executive orders and funding being allocated from the Infrastructure...
View ArticleApp Visibility and Control with Instance Discovery Reports
Shadow IT in your networkIn order to adopt data protection, organizations must first identify which applications are being accessed by the users in their enterprise network. With Zscaler’s Shadow IT...
View ArticleUnraveling Raspberry Robin's Layers: Analyzing Obfuscation Techniques...
IntroductionDiscovered in 2021, Raspberry Robin (also known as Roshtyak) is a malicious downloader that has circulated in the wild for several years, primarily spreading through infected USB devices....
View ArticleEnsure Business Continuity by Excluding a Data Center from Traffic Forwarding
Early last year, Zscaler announced cloud resilience capabilities that ensure business continuity for customers during blackouts, brownouts, and catastrophic events. These capabilities encompass...
View ArticleHow Zscaler Provides an Unrivaled Zero Trust Architecture
In today’s highly digital world, where remote work and cloud applications are the norm, organizations need zero trust—not network-centric architectures built for the on-premises-only world of...
View ArticleUnderstanding Ping for Network Troubleshooting and Beyond
Network troubleshooting is a critical skill for IT professionals, and ping is one of the most fundamental tools for diagnosing network issues. From checking if a host is reachable to measuring latency,...
View ArticleZero Trust Branch and Cloud Now Available in GovCloud for Government Customers
In today’s digital-first world, government agencies are under increasing pressure to modernize their IT infrastructure while ensuring top-notch security and compliance. At Zscaler, we are committed to...
View ArticleIntroducing Step-Up Authentication: Enhancing Security with Contextual Access...
In today’s rapidly evolving threat landscape, organizations need to ensure their users have secure and seamless access to sensitive resources. With the recent launch of ZIdentity, Zscaler has made it...
View ArticleMeet with Zscaler at AWS re:Invent 2024
Organizations face new security challenges as applications move to the cloud and employees work from anywhere using any device. Top priorities include securing applications, workloads, and data on AWS...
View ArticleReduce Your IT Anxiety: Secure Your Network with Zscaler Zero Trust Firewall
After more than a decade in the networking and security industry, I’m still amazed (and frankly, frustrated) by the constant news of hackers breaching organizations. Every other week, there’s a CVE...
View ArticleZscaler’s Zenith Live Encore will showcase the power of AI & Zero Trust
The new customer roadshow kicks off in London on December 3rd, 2024 At our annual Zenith Live event in June, Zscaler discussed the inflection point between zero trust and AI. The combination of both...
View ArticleSecure Shadow Data in the Cloud with New Innovations on Zscaler DSPM
A dark journey for data in the cloud As we approach the end of 2024, the cloud and security landscape continues to evolve dramatically. Taking a walk down memory lane, I keenly remember the start of...
View ArticleUnveiling RevC2 and Venom Loader
IntroductionVenom Spider, also known as GOLDEN CHICKENS, is a threat actor known for offering Malware-as-a-Service (MaaS) tools like VenomLNK, TerraLoader, TerraStealer, and TerraCryptor. These tools...
View ArticleMicrosoft Outlook, Teams Outage Detected by Zscaler Digital Experience (ZDX)
On November 25, 2024, at 12:25 p.m. PDT, Zscaler Digital Experience (ZDX) detected a significant and sudden decline in the ZDX Score for Microsoft Outlook and Teams services. Our analysis revealed...
View ArticleZscaler Achieves AWS Security Competency Status for AI Security
Zscaler, a leader in cloud security, announced today that it has achieved Amazon Web Services (AWS) Security Competency status in the AI Security category. This designation recognizes that Zscaler has...
View ArticleZscaler Private Access Drove 289% ROI and Continues to Innovate in Zero Trust...
Zscaler Private Access (ZPA) is a proven Zero Trust Network Access (ZTNA) solution that thousands of customers have moved to from VPN. A 2024 Forrester Total Economic Impact(™) (TEI) Study of ZPA1 has...
View ArticleThreatLabz Report: 87.2% of Threats Delivered Over Encrypted Channels
Encryption is the default for online communication, with nearly all web traffic protected by secure protocols like TLS/SSL. Yet, as encryption becomes more ubiquitous by the day, so do the...
View ArticleGoodbye Spreadsheets – Hello Unified Risk Management
The key to effective exposure management is knowing which security gaps you should fix first, a job that just got easier with new capabilities announced today in Risk360 and Unified Vulnerability...
View ArticleInside Zloader’s Latest Trick: DNS Tunneling
IntroductionZloader (a.k.a. Terdot, DELoader, or Silent Night) is a modular Trojan based on the leaked Zeus source code that emerged in 2015. The malware was originally designed to facilitate banking...
View ArticleProtect Your Healthcare Facility By Understanding the Anatomy of a Ransomware...
There used to be some honor among thieves. Threat actors, once upon a time, left healthcare providers alone to avoid the potential of killing a patient. Unfortunately, those times are behind us. Today,...
View ArticleHow Multifactor Authentication Strengthens Remote Access Security
Understanding Multifactor AuthenticationMultifactor authentication (MFA) is a critical layer of defense in remote access security, requiring users to verify their identity through multiple methods in...
View ArticleTop 10 Data Protection Best Practices for Your Data Program
Data is the lifeblood of productivity, and protecting sensitive data is more critical than ever. With cyberthreats evolving rapidly and data privacy regulations tightening, organizations must stay...
View ArticleNodeLoader Exposed: The Node.js Malware Evading Detection
IntroductionZscaler ThreatLabz discovered a malware campaign leveraging Node.js applications for Windows to distribute cryptocurrency miners and information stealers. We have named this malware family...
View ArticleTechnical Analysis of RiseLoader
IntroductionIn October 2024, Zscaler ThreatLabz came across malware samples that use a network communication protocol that is similar to RisePro. However, unlike RisePro which has primarily been used...
View ArticleDefending Against Encrypted Threats: A Guide to SSL Traffic Inspection with...
Full traffic inspection at scale over all ports and protocols is fundamental to the protection Zscaler provides customers: without inline inspection of encrypted traffic, customers cannot leverage the...
View ArticleModernizing Cloud Workload Policies: Using Tags and Attributes with Zscaler...
Intro and Some HistoryIf you’re reading this, you’re probably familiar with Zscaler Private Access (ZPA) and the Zero Trust model. When we introduced ZPA around 2016, it was a key step in helping...
View ArticleUnified SaaS Security: Best Practices to Protect SaaS Applications with Zscaler
IntroductionThe rapid adoption of software-as-a-service (SaaS) apps has transformed how businesses operate, offering flexibility and scale. However, it has also expanded the attack surface, increased...
View ArticleVPN vs. ZTNA: Which is Better for Secure Remote Access?
With this blog, we’re going on a journey that presents twists and turns as we compare two means of securing hybrid workforces and their access to applications, data, and other internet-based services:...
View ArticleExperience Center Update: Your Unified SASE Experience is Here
The Most Comprehensive Zero Trust SASE Platform is Now Even BetterWe’re redefining secure access service edge (SASE) with the latest update to Zscaler's Experience Center—providing a unified, intuitive...
View ArticleGuarding the Holiday Spirit: Staying Cybersecure in a Season of Distraction
Twinkling lights, inboxes overflowing with holiday deals, office chatter about Secret Santa, and last-minute vacation plans—the sweet chaos of the holiday season. But while you’re weighing Die Hard...
View Article