What service engine is used to prevent the leakage of corporate intellectual property

A

Advanced persistent threat (APT)

An advanced persistent threat (APT) is an attack in which an attacker gains unauthorized access to a network and stays there undetected. APTs are “advanced” because they use malware that can bypass or evade many types of security. They are “persistent” because, once on the network, the malware communicates regularly with command-and-control (C&C) servers to which it can send stolen data or from which it can receive instructions.

Read how Zscaler protects against APTs.

Advanced threat protection (ATP)

Advanced threat protection (ATP) refers to a category of security solutions built to stop sophisticated malware or attacks that target sensitive data. ATP solutions detect and respond to new and sophisticated attacks designed to evade traditional security measures, such as antivirus, firewalls, and intrusion prevention systems.

Learn how Zscaler protects against advanced threats, such as ransomware, polymorphic malware, and more.

Amazon Web Services (AWS)

AWS comprises a suite of cloud services (including EC2, RDS, S3, SQS, and VPC) that make up the Amazon cloud computing platform, which many organizations use to connect to private applications and workloads in the cloud.

Learn how Zscaler Private Access improves secure access to AWS workloads without the cost, complexity, or security risks of a VPN.

B

Bandwidth

Bandwidth is the measurement of the maximum rate of data transfer over an internet communications channel, such as a network. Bandwidth varies and affects both the speed and volume at which data can be transmitted.

Bandwidth control

Bandwidth control is the practice of allocating available bandwidth to optimize the performance of mission-critical communications, such as Microsoft 365, while reducing bandwidth allocation for lower priority or recreational applications, such as YouTube.

Learn about Zscaler Bandwidth Control.

Behavioral analysis

Behavioral analysis involves monitoring the behavior of a file in an isolated environment, such as a sandbox, to protect users from unknown (zero-day) threats. Through this monitoring, IT professionals can understand a file’s functions and how it interacts with its environment. It can also identify whether a file will try to communicate with an attacker-controlled external server for command-and-control purposes or to download additional malicious files.

Learn about zero-day protection with Zscaler Cloud Sandbox.

Botnet

A botnet is a network of private computers that have been infected with malware or other malicious software delivered by a single attacker or party of attackers. The term often refers to a group of infected IoT devices (hence “bot”). These infections are most commonly used to facilitate distributed denial of service (DDoS) attacks.

Branch Transformation

Branch transformation is the enablement of traffic in the branch to be routed directly and securely to the internet, rather than being routed through MPLS links to the data center before it can go out to the internet. Branch transformation is a key element of IT transformation.

Breach

D

Data Breach

A data breach is an incident in which sensitive data, such as personally identifiable information (PII), trade secrets, or intellectual property, has potentially been viewed, stolen, or used by an unauthorized individual.

Data breaches in the corporate environment are common and may be the result of the theft or loss of a computing device, internal employees inadvertently introducing malware into the network, or external hackers directly targeting a company’s network. Because these incidents can damage a company’s reputation and are costly and time-consuming to mitigate, data breach prevention is a top priority in most IT environments.

Deception Technology

Deception technology can lure cybercriminals who infiltrate your network away from your valuable data and toward decoy assets such as “honeypots.” Security teams create one or more of these decoys (such as applications, databases, active directories, or browser cookies), which divert attackers from real targets and create high-fidelity alerts that decrease dwell time and speed up incident response.

Using deception technology, you can pinpoint an attacker in your network, and then mislead and bait them into taking specific actions, disclosing information about their identity and location, or making other mistakes that help you shut the attack down.

Learn more about Zscaler Deception.

DevSecOps

DevSecOps is a software development strategy based on the integration of security throughout the application development lifecycle. An operational approach as much as a cultural philosophy, DevSecOps ensures everyone in the delivery pipeline shares accountability for security. Executed effectively, DevSecOps can help accelerate innovation by identifying and resolving security issues as early as possible instead of forcing the security “step” to become a bottleneck in development.

Short for development, security, and operations, DevSecOps helps enterprises integrate security principles and standards across the software development by implementing security controls at each stage—in development, integration, deployment, and production.

DLP (Data Loss Prevention)

Data loss prevention (DLP) refers to systems with which organizations can prevent end users from sending sensitive information to unauthorized devices or recipients. DLP technology detects and blocks the movement of data based on policies set by the network administrator. Such policies may be based on dictionaries, which are algorithms designed to detect specific kinds of information in user traffic. They may also be defined by user or group, URL categories, location, and more.

Learn about DLP for SaaS and other top CASB use cases.

DDoS (Distributed Denial-of-Service)

A DDoS is an attack in which hundreds or thousands of computers or other internet-capable devices (a “botnet”) are hijacked to strike against a single system, network, or application. If an organization becomes compromised by a DDoS attack, its servers become overwhelmed by the barrage of “hits” from the botnet and its services become unavailable.

Digital Experience Monitoring

Digital experience monitoring technology measures system performance by monitoring the health of all systems between an end-user and an application. The process gives IT infrastructure and operations leaders more visibility to identify and remediate issues quickly, therefore optimizing user experience and productivity and decreasing the likelihood that a user will bypass security controls and introduce risk.

Direct-to-internet (Direct-to-cloud)

In a traditional network model, traffic heading to the open internet or cloud apps and services is routed through outbound and inbound security gateways. For users in branch offices and remote locations, cloud-bound traffic is backhauled to the central data center or a regional hub to have security controls applied. But routing traffic over private (MPLS) networks only to have it head to the cloud is expensive and problematic, especially for applications like Office 365, which open multiple persistent connections per user. Microsoft says that Office 365 was designed to accessed “directly” for the best user experience. With more and more business traffic traversing the internet, “direct connections” improve efficiency, reduce costs, and dramatically improve the user experience. Learn about securing direct-to-internet connections here.

DoS (Denial of Service)

A DoS attack occurs when one compromised computer and internet connection inundates an entire system or resource. When an army of remotely controlled computers inundates an entire system, that’s called a Distributed Denial of Service (DDoS) attack. However, both types of attacks attempt to prevent internal employees and customers from accessing an organization’s web-based service by either flooding or crashing the servers.

Double Extortion Ransomware

Double extortion ransomware exfiltrates sensitive data in addition to encrypting it in the victim’s environment, giving the attacker more leverage to demand ransoms. Unlike with traditional encryption-only ransomware, a double extortion attacker can sell or leak the stolen data if their ransom is not paid.

Learn more about Zscaler ransomware protection.

E

Edgewise

Edgewise was a pioneering company in securing application-to-application communications for public clouds and data centers, which was acquired by Zscaler in May 2020. Prior to its acquisition, Edgewise took a different approach to microsegmentation and developed a way to improve the security of east-west communication by verifying the identity of application software, services, and processes to achieve a zero trust environment, which measurably reduces the attack surface and lowers the risk of application compromise and data breaches.

Elasticity and Scalability

The cloud is elastic in the sense that resource allocation can be increased or decreased on demand. Elasticity enables scalability, which means that the cloud can scale upward for peak demand and downward for lighter demand. Scalability also means that an application can scale whenever users are added or application requirements change.

A DDoS is an attack in which hundreds or thousands of computers or other internet-capable devices (a “botnet”) are hijacked to strike against a single system, network, or application. If an organization becomes compromised by a DDoS attack, its servers become overwhelmed by the barrage of “hits” from the botnet and its services become unavailable. >The Zscaler multi-tenant cloud architecture delivers elastic scale for our customers while maintaining security and data privacy. Learn more.

Encryption

Encryption is the process of converting data into code to protect information from unauthorized access.

A majority of global internet traffic now uses Secure Sockets Layer (SSL) encryption, yet many organizations leave SSL inspection turned off, because it’s compute-intensive and severely impacts performance. The Zscaler cloud inspects every byte of traffic — SSL included — so we can catch hidden threats before they get into your network. Learn more.

Endpoint

An endpoint is a device that connects to a network, locally or remotely. This includes desktop and laptop computers, servers, smartphones, and tablets; operational technology (OT) systems such as industrial machinery and energy monitoring systems; and internet of things (IoT) devices such as smart speakers and autonomous vehicles.

Endpoints can pose serious security risks to an organization because they are subject to, or can be made part of, so many types of vulnerabilities and attacks, including ransomware, unpatched software, botnets, credential phishing, data loss, data theft, and more.

Endpoint Protection Cloud

An endpoint protection cloud is a cloud-based service used to protect endpoints—the range of devices that connect to an organization’s distributed network. Endpoint protection solutions generally fall into one of two categories: prevention (before an attack) or response (after an attack). Modern endpoint protection platforms incorporate both prevention and response, managed via a centralized interface.

Today’s endpoint protection clouds let organizations easily manage remote assets, which is key as more people connect from outside the local network, outside of firewalls and network-based mobile device management tools.

Click here to learn more about how the Zscaler Zero Trust Exchange allows your employees to work securely from anywhere.

End-User Experience Monitoring

End-user experience monitoring analyzes the performance of a user’s end-to-end workflow across multiple devices, networks, clouds, and applications with the goal of improving business productivity. An evolution from traditional network monitoring—which typically measures network-centric metrics and collects network logs—end-user experience monitoring measures and analyzes diverse metrics across the complete user journey.

Exact Data Match (EDM)

EDM is a critical component of data loss prevention. It refers to the ability to “fingerprint” sensitive information from a structured data source, such as a database, so you can identify it and stop it from being shared or transferred inappropriately. EDM identifies and correlates multiple tokens that contribute to a particular record—for example, name, birthdate, Social Security number—to identify ownership of that data for set policy for it. Learn more.

F

Fingerprinting

Fingerprinting is a technique that maps large data items to short text strings (bit streams), which become identifiable fingerprints of the original data. Fingerprinting is a scalable way to identify and track sensitive information as it moves across a network, because engines only need to identify the fingerprints instead of the full data sets during inspection.

Forward Proxy

A forward proxy serves as an intermediary between end users and the web destinations they are accessing. In this way, inline security policies can be enforced in real time. Increasingly, forward proxy is used to refer to a cloud access security broker deployment mode, whereby software installed on each user device forwards traffic to an inspection point in the cloud for DLP, ATP, and more. See cloud proxy, and learn about the security use cases CASBs solve. 

G

G Suite

G Suite was launched in 2006 as a software-as-a-service (SaaS) offering. Today’s G Suite includes an office productivity suite, email, and document sharing, as well as Gmail, Google Talk for instant messaging, Hangouts, Google Calendar, Google Docs, spreadsheets, presentations, and more.

To enable visibility into cloud-delivered applications, like G Suite, Zscaler offers a cloud access security broker, which provides secure access and addresses common cloud security use cases. 

H

HTTPS

HTTPS is an aggregate of HTTP and the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol, in which the authentication and encryption capabilities of SSL and TLS protect HTTP communications. HTTPS is widely used, accounting for roughly 80 percent of internet traffic according to Google. When a client accesses a website or a web application, HTTPS provides authentication for both the website and associated web server and encrypts data between the client and server.

An increasing number of malware authors are using SSL to hide threats, yet many organizations still allow SSL traffic to go uninspected. Learn About the Zscaler platform’s native SSL inspection.

Hybrid Cloud

A hybrid cloud is a networking environment that uses a combination of on-premises and public and private cloud platforms.

Hybrid Cloud Security

While the term hybrid cloud refers to the combined use of both public and private clouds as one computing system, hybrid cloud security specifies the method of providing protection for enterprise data, applications, and resources in a hybrid cloud environment.

I

IoT (Internet of Things)

The IoT is the interconnection of a wide range of devices — thermostats, televisions, printers, security cameras, and more — that have IP addresses, enabling them to send and receive data.

While the IoT offers great potential for businesses to create new services and improve operational efficiencies, it offers a greater potential for security breaches. Zscaler provides comprehensive, cost-effective protection for all your internet-connected devices.

Read Zscaler research about the IoT threat.

Internet Security

Internet security encompasses browser security, the security of data entered through a web form, and overall authentication and protection of data sent via internet protocol.

Zscaler offers the world's first and only 100% cloud-delivered internet security platform — providing secure, policy-based access to the internet and private apps for every user, on any device, and in all locations. Learn more.

L

Lateral Movement

Lateral movement is a set of techniques cybercriminals use to access other devices, apps, or assets on a network after they first compromise an endpoint. Using stolen login credentials or other methods of privilege escalation, threat actors move through the network as they close in on sensitive data. With their activities disguised as permitted network traffic, attackers can avoid detection and prolong their attacks.

Least-Privileged Access

Least-privileged access is the idea that any given user should be granted the minimum level of access necessary to perform their assigned function. Least-privileged access may also be known as the principle of minimal privilege (POMP) or the principle of least authority (POLA), but what is consistent across all terms is that the organization attempts to reduce exposure by curtailing unauthorized access to business applications or resources and restricting lateral movement across the network.

Local Internet Breakouts

A local internet breakout brings internet access close to users so they can access their applications and services in the cloud with fast, local connections. Local breakouts enable branches and remote offices to route traffic directly to the internet via an internet service provider (ISP), often using low-cost broadband connections. Local breakouts provide a fast user experience and reduce networking costs because internet traffic is no longer backhauled over private MPLS networks to a regional gateway.

Learn more about the network transformation that enables secure local internet breakouts.

M

Malware

Malware, or malicious software, is any program or file that is designed to compromise a computer or network. Malware includes many varieties of computer viruses, worms, Trojan horses, spyware, and adware, and it has become both plentiful and sophisticated. Malware is coded to perform a range of functions, including stealing, encrypting, or deleting sensitive data; altering or hijacking core computing functions; and monitoring users' computer activity without their permission.

Zscaler inspects all traffic, including SSL, for unmatched protection against malware and other threats. Learn more.

Microsoft Azure

Microsoft Azure is a platform-as-a-service (PaaS) offering that enables developers to create and house cloud-based applications and services.

Microsegmentation

Microsegmentation is a method of secluding areas within a data center, network, or cloud environment to streamline and secure individual workflows. It originated as a way to moderate traffic between servers in the same network segment and has evolved to allow servers, applications, and hosts to communicate more effectively while giving system administrators more flexibility and control over the network using a zero trust network access (ZTNA) framework.

Microsoft Office 365

Microsoft Office 365 is the most widely used cloud-delivered enterprise application today. It has made the ubiquitous Microsoft Office suite of applications available as a subscription service. Because Office 365 was developed for cloud use, Microsoft recommends direct internet access for the best user experience, and distributed organizations with hub-and-spoke architectures are encouraged to enable local internet breakouts in their branch offices.

In addition, Microsoft Office 365 can often result in the need for infrastructure upgrades, as it dramatically increases the number of persistent connections that quickly exceed firewall capacities.

Zscaler makes Microsoft Office 365 deployment fast and easy, and enables secure local breakouts for remote offices, so users can quickly become productive. It requires no infrastructure changes — no hardware, no backhauling, and no impact on performance. 

Zscaler also solves the top CASB use cases that have to be addressed to safely embrace cloud resources like Microsoft Office 365. Learn more.

Multicloud

In a multicloud strategy, an organization uses two or more cloud service providers or services to perform functions such as cloud storage, cloud computing, security, or application support. Organizations can also combine public and private clouds for a hybrid multicloud, though among IT professionals, “multicloud” generally means multiple clouds from different public cloud providers.

Organizations are increasingly adopting multicloud environments due to the rise in remote work and demand for anytime, anywhere access to cloud services and apps. Multicloud doesn’t mean cloud-only, however—some organizations keep some functions in on-premises data centers or private clouds while using multiple cloud service providers for other purposes.

Multitenant Cloud Architecture

Multitenancy can describe hardware or software architectures in which multiple systems, applications, or data from different organizations are hosted on the same physical hardware. This differs from single-tenancy, in which a server runs only one instance of an operating system and application. A multitenant cloud architecture describes a single cloud instance and infrastructure purpose-built to support multiple customers. Multitenant cloud architecture enables customers, or “tenants,” to share computing resources efficiently in a public or private cloud while securely scaling to meet increasing demand.

Multi-Tenancy

Multi-tenancy is an architecture in which multiple systems, applications, or data from different enterprises are hosted on the same physical hardware. Multi-tenancy is a common feature of cloud-delivered services, as it allows clouds to share IT resources cost efficiently and securely.

Multi-tenancy is what enables the Zscaler cloud architecture to secure users anywhere they go because it allows policies to follow users. It also provides the scale needed to deliver multiple security services without latency. Perhaps most importantly, multi-tenancy is what fuels cloud intelligence, which means that if a threat is detected for any one of the 15 million users on the Zscaler cloud, protections are immediately propagated for all 15 million users. Learn more.

N

Network Security

Network security is the strategic combination of hardware and software designed to protect the sensitive data housed within the corporate data center. Network security has evolved over the years as more traffic is bound for the internet than is staying on the local network. Today’s stack in a security gateway, which monitors traffic going to and from the internet, includes a complex array of firewalls, intrusion prevention systems, sandboxes, URL filters, antivirus technology, data loss prevention systems, DNS filters, and many more devices and tools designed to keep outside attacks from entering the network and reaching the data and intellectual property inside.

Network Segmentation

Network Segmentation is the process of dividing a network into multiple zones and applying security protocols to each zone to manage security and compliance. Typically, it involves isolating traffic between network segments using virtual local area networks (VLANs), after which security is applied via firewalls to protect applications and data.

Network Transformation

Applications and infrastructure have moved to the cloud, and users have moved off the network, working on a range of unmanaged mobile devices. Forcing user traffic over established private networks and through centralized security controls or regional hubs is expensive, inefficient, and provides a poor user experience. Organizations are moving away from these traditional hub-and-spoke architectures to new, secure direct-to-cloud architectures. They are taking advantage of SaaS and IaaS, platforms, storage, and much more, and benefiting from cloud intelligence and agility to make their business more efficient and competitive. See how your can transform your network and security.

NGFW (Next-Generation Firewall)

NGFW is a hardware- or software-based network security system that detects and blocks sophisticated attacks by enforcing security policies at the application level, as well as at the port and protocol level.

The Zscaler Cloud Firewall provides NGFW protection for all users, in all locations, across all ports and protocols — without the need to deploy or maintain hardware or software. Learn more.

O

Office 365 Migration/Deployment

Because Office 365 was developed for cloud use, there are many hurdles to overcome when attempting to deploy it on a traditional hub-and-spoke architecture. With Zscaler customers who have migrated to Office 365, we’ve seen an average increase in network utilization of 40 percent, and that’s because each user is now generating between 12 and 20 persistent connections. This increase can easily overwhelm firewalls and increase your transport budget. It’s important to learn the network implications of Office 365 and the steps you can take to ensure a successful rollout. Learn about Zscaler for Office 365.

Operational Technology (OT) Security

OT security is composed of hardware and software controls used to monitor, identify and manage changes to devices and organizational processes, therefore protecting systems from cyber threats. Used in tandem with IT systems, OT security systems use intentional software for industrial process automation and are most commonly used in manufacturing or production environments, which makes it crucial to a company’s wellbeing.

P

Payload

In security, the payload is the part of the malware (malicious software) the gets “dropped” onto a victim’s system and carries out malicious activities. Malicious payloads are typically delivered via email in the form of an attachment or a link to an infected site. If the user opens the attachment or clicks the link, the payload is executed and begins the infection cycle, carrying out activities that may include stealing user credentials, deleting or encrypting data, spying, mining for cryptocurrencies, and more. It can also cause the infected user’s email account to start sending out spam email.

Persistent Threat

Phishing

Phishing is a category of cyberattacks that use deceptive “social engineering” techniques to trick people into divulging sensitive information, transferring sums of money, and more. Phishing attacks are usually disguised as harmless interactions that lure victims into trusting the attacker, and they may serve various ends, from simple profit to corporate espionage.

Purdue Model ICS Security

The Purdue model for industrial control systems (ICS) was developed in 1990 by Theodore J. Williams and members of the Purdue University Consortium for computer integrated manufacturing. The Purdue model for ICS security defines the different levels of critical infrastructure that are used in production lines and the optimal way to secure them.

R

Ransomware

Ransomware is a type of malicious software, or malware, that steals a user’s or organization’s data, encrypts it, and holds it “hostage” in exchange for a ransom, usually demanded in cryptocurrency. Ransomware attacks have increased over the past decade and are becoming increasingly sophisticated, but a modern ransomware protection strategy can help protect against ransomware.

Ransomware Attacks

Ransomware attacks occur when a type of malicious software, or malware, known as ransomware, is installed onto a user’s device or within a network. Orchestrated and executed by cybercriminals, ransomware attacks aim to take a user’s or organization’s data and hold it “hostage” until a specified ransom is paid, usually in cryptocurrency. Ransomware protection can help to prevent cybercriminals from delivering and executing this malware.

Ransomware Protection

Ransomware protection is composed of specific tools, technologies, and strategies used to prevent cybercriminals from infecting a user’s or organization’s data with a type of malware called ransomware. A modern ransomware protection strategy should include an AI-driven sandbox quarantine, always-on protection, and the ability to inspect all SSL/TLS-encrypted traffic.

Remote Access Virtual Private Network (VPN)

A remote access VPN allows remote users to access and use data and applications residing in an organization’s data center, headquarters offices, and cloud locations, often encrypting all user traffic.

Remote access VPNs are effective when corporate data and applications reside solely inside a corporate perimeter. However, as users have changed the way they work and applications have moved to the cloud, the perimeter has extended to the internet, making remote access VPNs less effective as they create opportunities for DDoS and other cyberattacks, cannot provide application segmentation, often provide a poor user experience, and other issues.

Remote Browser Isolation

Remote browser isolation (RBI) is a web security technology that protects users from online threats by hosting their web browsing sessions on a remote server instead of the user’s endpoint device. It separates web content from the user’s device to reduce its attack surface. When accessing a webpage or app, the user’s endpoint receives an exact, pixel-based rendering of it—not the active content. The user’s experience is unaffected, and hidden malicious code can’t reach them. Securing unmanaged devices with agentless browser isolation is one of several top CASB use cases.

Reverse Proxy

A reverse proxy serves as an intermediary between end users and the web and cloud destinations they are accessing. Unlike forward proxies, which sit on the client side, reverse proxies sit on the server side. Reverse proxy is most commonly used to reference an agentless cloud access security broker deployment mode, whereby the CASB integrates with an organization's cloud apps and identity provider to secure access to sanctioned cloud resources. However, because these proxies frequently break, more organizations have begun turning to cloud browser isolation for agentless cloud security (which is key for protecting data and access on unmanaged devices where software installations are typically infeasible). Learn about other CASB use cases.

S

Salesforce

Salesforce, founded in 1999, is the first major cloud-delivered, pay-as-you-go platform. Salesforce upended the world of enterprise applications by delivering software as a service (SaaS) and betting on a pure-cloud future. The company has remained the leader in online customer relationship management (CRM) tools.

SD-WAN (Software-Defined Wide Area Network)

SD-WAN is software-defined networking (SDN) technology applied to WAN connections, which are used to connect enterprise networks — including branch offices and data centers — over large geographic distances.

Zscaler partners with leaders in SD-WAN to provide comprehensive security, visibility, control, and data protection for your users going directly to the internet on your network. Learn more.

Secure Access Service Edge (SASE)

Secure access service edge, or SASE (pronounced “sassy,”), is a framework defined by Gartner in 2019 as a way to securely connect entities, such as users and machines, to applications and services—from anywhere. SASE combines wide-area networking (WAN) capabilities with security functions, such as SWG, CASB, FWaaS, and ZTNA, into a single cloud-based solution that’s delivered as a service. Services are delivered at the “edge” of a distributed cloud architecture, pushing them as close as possible to users for a fast experience with the fewest hops. At a time when workers are increasingly working remotely and off the corporate network, SASE assists organizations in making a secure, seamless transition to the cloud from legacy hardware in data centers, while securing access to cloud applications and reducing costs.

Read about the Zscaler SASE architecture.

Secure Digital Transformation

Secure digital transformation is the concept of securing the use of modern (digital) technologies and processes to empower organizations to operate more efficiently, intelligently, and rapidly. As organizations go through digital transformation, it is imperative to have the right security tools and solutions in place to reduce risk of cyberattacks and data breach. A digital transformation doesn’t simply replace existing processes and systems with new technologies. It’s a fundamental rethinking of business models and processes using digital technologies, such as cloud computing, big data, IoT, and artificial intelligence. The migration of applications and services to the cloud is an essential part of any digital transformation strategy.

Secure Web Gateway

A secure web gateway provides threat protection and policy enforcement for users accessing the web. It prevents users from accessing infected websites and prevents infected or otherwise unwanted traffic from entering an organization’s internal network. It is used by enterprises to protect their employees from accessing and being infected by malicious web traffic, websites, and viruses/malware.

Zscaler was named a Leader in the Gartner Magic Quadrant for Secure Web Gateways for 10 consecutive years. In 2021, Gartner defined the security service edge—a new category that includes SWG—and subsequently recognized Zscaler as a Leader in the 2022 Gartner Magic Quadrant for Security Service Edge, with the highest “Ability to Execute.”

Read more about Zscaler Web Security.

Security as a service

Security as a service is a way to deliver security technologies, traditionally deployed as hardware appliances in enterprise data centers or regional gateways, as a cloud service. Security as a service has become an important enabler of business in the increasingly cloud and mobile world because it is everywhere, providing secure access to applications and services no matter where they are hosted or where users connect. Security as a service closes gaps in enterprise security created by off-net users and those connecting directly to cloud apps and the open internet rather than being routed through the secure gateway.

Security Service Edge (SSE)

The security service edge (SSE), as defined by Gartner, is a convergence of network security services—namely SWG, CASB, and ZTNA—delivered from a purpose-built cloud platform. Where SASE focuses on access services, as the name implies, you could consider SSE a subset of SASE focused squarely on security services.

SSE is an important concept for modern data-driven organizations, where remote user bases and adoption of more cloud-delivered and as-a-service solutions have made data much more distributed. Traditional network security approaches tend to increase risk in these environments because they cannot follow connections between users and cloud apps, can be costly and complex to maintain, and are often built on point product stacks that are poorly integrated.

Shadow IT

Shadow IT refers to employee usage of unsanctioned or unmanaged applications without the approval of their organization’s IT department. Because IT lacks visibility into or control over such applications, they can increase the organization’s risk of data loss, leakage, or breach. You can address this issue with shadow IT discovery, a feature of CASB technology.

SLA (Service-Level Agreement)

An SLA is a contractual agreement between a service provider and customer that defines the level of service, responsibilities, and priorities. An SLA also makes guarantees regarding availability, performance, and other service metrics.

Zscaler is ISO27001-certified and provides 99.999% availability guarantees, with additional SLAs on latency and security.

Software-defined Perimeter

The software-defined perimeter (SDP) is a cloud-based approach to secure access. SDP mediates the connection between users and internal applications, without placing users on the network. While the traditional security perimeter were designed to protect internal services from external threats, the widespread use of SaaS applications and IaaS extend the perimeter to the internet. The software defined perimeter enable organizations to deploy the perimeter in the cloud so it can protect assets anywhere they reside—inside the data center or in public or private clouds. Access Gartner’s findings on SDP here.

Solarwinds Cyberattack

The SolarWinds Cyberattack took place on December 13, 2020 and was a coordinated software supply chain attack that involved the SolarWinds Orion platform. An advanced persistent threat (APT) adversary was able to gain access to the SolarWinds system to create “trojanized” updates on the platform and subsequently deployed malware on the networks of SolarWinds customers.

Spear Phishing

Spear phishing is a type of email cyberattack that uses social engineering to deceive a specific individual into divulging sensitive information, downloading ransomware or other malware, and more. Spear phishing attacks use publicly available or stolen personal data and other information specific to their targets to make their deception more convincing than other broader phishing techniques.

SSL (Secure Sockets Layer)

SSL commonly refers to the two cryptographic protocols in computer network security — transport layer security (TLS) and its predecessor, security sockets layer (SSL). The purpose of SSL is to provide secure communications over a network, and SSL-encrypted data now accounts for more than 80 percent of all internet traffic, according to Google. Many malware authors now hide their malicious code inside SSL-encrypted traffic. Yet many organizations don’t scan SSL traffic, because it is compute intensive do to so, requiring considerable hardware upgrades.

Zscaler inspect every byte of traffic — including SSL-encrypted traffic — so we can block hidden threats before they get into your network. Learn more.

SSL Decryption, Encryption, and Inspection

SSL traffic accounts for about 80 percent of all internet traffic, making SSL decryption, encryption, and inspection a vital component of your security posture. ThreatLabz researchers found that more than 54 percent of the malware discovered by Zscaler security engines was hidden behind SSL.

Zscaler inspects all traffic—including SSL-encrypted traffic—so we can block hidden threats before they get into your network.

SSL Decryption

SSL (Secure Sockets Layer) decryption is the process of decrypting inbound and outbound traffic and routing it to be inspected for threats. SSL decryption enables organizations to break open encrypted traffic and inspect its contents. The traffic is then re-encrypted and sent on its way. But inspecting encrypted traffic is nontrivial and it requires a proxy architecture.

If you want to learn how to inspect all your SSL traffic without costly appliances and without limitations, see how Zscaler’s SSL Decryption can help.

SSL Inspection

SSL (Secure Sockets Layer) inspection is the process of intercepting and reviewing SSL-encrypted internet communication between the client and the server. The careful inspection of SSL traffic has become critically important as the vast majority of internet traffic is encrypted with SSL (and its successor, TLS (Transport Layer Security), and encryption is widely used by malware authors to hide their exploits.

The Zscaler Cloud Security platform enables SSL inspection at scale, without latency, so you can inspect all traffic whether users are on the network or off. By pairing SSL inspection with Zscaler’s complete security stack as a cloud service, you get improved protection without the inspection limitations of appliances.

Supply Chain Attack

Supply chain attacks—also known as value chain or third-party attacks—are attacks against the suppliers of an organization as a means for gaining access to that organization, which is typically a high-value target. These types of attacks involve a high degree of planning and sophistication, and they can have a devastating impact on organizations in the blast radius of the original compromise, as in the case of the 2020 SolarWinds attack.

U

URL Filtering

URL filtering screens and blocks access or web content that is deemed inappropriate. URL filtering also protects against exposure to web-borne malware and viruses. URL filtering is a component of the Zscaler Secure Web Gateway. Learn more.

W

Web Security

Web security describes a set of protective measures put in place between enterprise users and the internet to prevent successful cyberattacks and data loss. This includes protecting employees from falling victim to ransomware, malware, credential phishing, and more. It can also include web application security—practices and tools that protect public websites from attack.

Web security has traditionally consisted of a stack of security appliances at an internet gateway, made up of various security and access controls, such as firewalls, intrusion prevention systems, sandboxing, URL filtering, and data loss prevention.

Learn more about Zscaler Web Security.

Z

Zero Trust

The zero trust security model was first introduced about ten years ago by an analyst at Forrester Research. The concept was built around the idea that enterprises should never inherently trust any user on or off the network. Access is granted based on user identity, device posture, and the policies defined for a particular application. Because all traffic must be inspected and logged in a zero trust model, it requires a level of visibility that’s not possible with traditional security controls. Zscaler Private Access enables zero trust security and access through multi-factor authentication, micro-segmentation, and visibility and reporting. Learn more.

Zero Trust Architecture

Zero trust architecture is a security architecture built to reduce a network's attack surface, prevent lateral movement of threats, and lower the risk of a data breach based on the core tenets of the zero trust approach, by which implicit trust is never granted to any user or device. The zero trust security model puts aside the traditional "network perimeter"—inside of which all devices and users are trusted and given broad permissions—in favor of least-privilege access controls, granular microsegmentation, and multifactor authentication (MFA).

Zero Trust Exchange

With remote work becoming more common and users and data moving off the corporate network, and onto the internet, organizations need to secure this transformation. Zero Trust Exchange provides a platform of services to make this transition easier. It is built around five core attributes including zero attack surface, connecting users to apps instead of a network, proxy architecture, secure access service edge (SASE), and multitenant architecture.

Zscaler Internet Access

Zscaler Internet Access is a 100% cloud-delivered replacement to the security stack of appliances in the outbound gateway. It provides multi-layered security for secure, policy-based access to the internet, for every user on any device in all locations across a distributed organization. Zscaler Internet Access includes Access Control services (Cloud Firewall, Bandwidth Control, URL Filtering, and DNS Filtering); Threat Prevention services (Cloud Sandbox, Advanced Protection, Antivirus, and DNS Security) and Data Protection services (Data Loss Prevention, Cloud Application Control, and File Type Controls). Learn more.

Zero Trust Network Access

Zero trust network access (ZTNA), also known as the software-defined perimeter (SDP), is a set of technologies that operates on an adaptive trust model, where trust is never implicit, and access is granted on a “need-to-know,” least-privileged basis defined by granular policies. ZTNA gives users seamless and secure connectivity to private applications without ever placing them on the network or exposing apps to the internet.

Zscaler Private Access

Zscaler Private Access provides policy-based, secure access to private, internal applications no matter where users connect or where the applications reside. With Zscaler Private Access, you can enable authorized users to access an application without allowing access to your network. And your private apps are never exposed to the internet. Learn more.

Zscaler Platform

Built on a global, multi-tenant architecture, the Zscaler platform is the world’s largest 100 percent cloud-delivered security platform with more than 150 data centers on 6 continents. The Zscaler platform is the foundation on which the Zscaler Internet Access and Zscaler Private Access services are built. Learn more about the platform.