add-advanced-threat-protection-to-close-your-security-gaps

ZSCALER ADVANCED THREAT PREVENTION Zscaler inspects all content, all the time Zscaler advanced threat protection begins by quickly validating that browser and plug-ins are compliant and then moves to full content inspection. It identifies malware buried deep within an otherwise legitimate page, so it doesn’t slip through the cracks. Using ByteScan technology, Zscaler efficiently inspects every byte of inbound and outbound traffic, including SSL, with only microsecond delay. Zscaler detects hidden iFrames, cross-site scripts, signs of phishing attempts, cookie stealing, and botnet communications to C&C servers. All content is subjected to every level of inspection, always. That’s important, because web pages are dynamically generated with personalized content consisting of hundreds of objects obtained from multiple sources. Each object poses a potential threat and must be considered untrusted regardless of source. Jay Leno on NBC Total object request: 125 Potential threats: 98 Personalized content from different sources (CDN) Traffic: SSL Page objects loaded: JavaScript, CSS, images For each Web page served, Zscaler dynamically computes a PageRisk Index that takes into account the use of suspicious techniques, like JavaScript obfuscation and zero-pixel images, and correlates it with other factors, such as website location and reputation, to compute a risk score. The calculated score can then be compared to a predefined risk threshold to make an “allow or block” decision for the page or even page object. All of this is done on the fly without slowing the user experience. Real-time threat correlation for comprehensive security REACTIVE REAL-TIME PREDICTIVE Stop known Prevent zero-day Predict zero-day The Zscaler platform has the processing power threats attacks attacks to employ multiple threat prevention approaches Match destination or Inline content Behavioral analysis, and techniques in real time. And it goes much signature inspection, all bytes, machine learning, SSL sandboxing further, by correlating the information amassed AV signature, blacklists, Unknown botnet calls, New malicious files, new known botnets / C&C, unknown phishing, malicious malicious destinations known phishing across those techniques and turning it into JavaScript, XSS attacks actionable intelligence. Appliances were not Comprehensive security requires correlation across all three designed to run as an integrated platform. They are purpose-built to perform their specific tasks and pass the traffic down the chain to the next appliance to perform its tasks. But correlation is critical to providing protection against rapidly changing and increasingly sophisticated threats. ©2017 Zscaler, Inc. All rights reserved. ZSCALER ADVANCED THREAT PREVENTION Cloud intelligence: security in numbers With more than 100 data centers around the world, Zscaler processes over 60 billion transactions at peak periods and detects more than 100 million threats. Out of the detected threats, less than one percent were blocked by anti-virus systems, meaning that Zscaler gains unique insight into advanced and zero-day threats—insight that helps us protect all users. That’s because each time a new threat is detected by any one of our customers, it’s immediately blocked for everyone. Knowledge obtained from the platform—machine learning—grows exponentially every time a new user is added. 99 % of threats blocked by Zscaler would have evaded detection by traditional security appliances. Zscaler uses cloud intelligence to conduct 100,000 unique security updates every day, for the kind of protection no security appliance can touch. Zscaler security research stays ahead of threats The Zscaler ThreatLabZ security research team continually mines billions of web transactions to identify new and emerging threats as they occur and deploys protection mechanisms to keep users safe. These efforts, along with feeds by more than 40 security partners, ensure the latest intelligence is being utilized at all times. PARTNERSHIP & PRIVATE FEEDS PRIVATE WORKING GROUPS COMMERCIAL Zscaler ThreatLabZ Security Research OPEN SOURCE Banking trojans Ransonware Policy deployment made simple With Zscaler, you can define business policies once and those policies follow the user regardless of the device or location. As employees travel, their policies automatically move with them, and any policy change is immediately enforced worldwide on the very next web GET request. Common policies include: • Blocking peer-to-peer communications, like BitTorrent • Blocking all traffic going to hostile countries • Allowing .exe downloads only to IT at HQ ©2017 Zscaler, Inc. All rights reserved.
Please complete the form to gain access to this content