Lead Machine green 160x1200

Lead Machine green 160x1200

Lead Machine green 600x108

Thursday, 23 June 2022 17:21

Zscaler launches Posture Control solution to remediate hidden security risks across cloud-native application environments

By Zscaler
Zscaler president Amit Sinha Zscaler president Amit Sinha

COMPANY NEWS: Zscaler, the leader in cloud security, today announced its new Posture Control solution, designed to give organisations unified Cloud-Native Application Protection Platform (CNAPP) functionality tailor-made to secure cloud workloads. Integrated into the Zscaler Zero Trust Exchange, the Posture Control solution enables DevOps and security teams to efficiently prioritise and remediate risks in cloud-native applications earlier in the development lifecycle. The completely agentless solution correlates and prioritizes risks, such as unpatched vulnerabilities in containers and VMs, excessive entitlements and permissions, and cloud service misconfigurations.

"The cybersecurity landscape continues to evolve as more applications reside across multi-cloud footprints, making it more difficult than ever for security, IT, and DevOps teams to keep up with new types of attacks and efficiently prioritise and then remediate cloud risks," said Zscaler president Amit Sinha. "Unlike point cloud security tools, which lack context and overburden operators with alerts while missing the full picture, Zscaler's new Posture Control solution correlates signals across several cloud security disciplines to identify and prioritise real risk drivers and high priority security incidents. Also, by extending security directly into developer workflows, infosec teams can collaborate more effectively with DevOps teams to proactively secure applications earlier in the development lifecycle."

Today, most enterprises are forced to implement and manage dozens of point security tools to achieve complete security coverage. These tools operate in silos and are not integrated, leading to visibility challenges, security gaps, and friction among cross-functional teams. However, due to the dynamic nature of the cloud, security risks are made up of a combination of several complex issues that are interconnected across multiple layers. To address them, security teams need a consolidated platform that prioritises risk across all their cloud environments.

To meet the scale and speed required for cloud-native application development, organisations need a unified approach that envelops the entire continuous integration and continuous delivery (CI/CD) lifecycle, integrating seamlessly with developer and DevOps workflows. They also need a simplified architecture that correlates issues across multi-cloud environments to better identify high priority security risks and deliver remediation via each stakeholder's preferred workflows earlier in the development process.

"As organisations increasingly move their applications to the cloud, security teams struggle to keep up with cloud-native development because multiple siloed tools create too many alerts that are difficult to manage and prioritise," said Enterprise Strategy Group (ESG) senior analyst Melinda Marks. "With its integrated approach, Zscaler's Posture Control solution can help security and DevOps teams better identify, prioritise, and remediate risks. With solutions like this, organisations can focus on the top issues to greatly reduce their overall risk."

Zscaler's new Posture Control solution builds on the security capabilities of Zscaler's proven Workload Communications solution, which is designed to secure cloud applications at runtime. Integrated with the Zscaler for Workloads service, the Posture Control solution and Workload Communications are combined to unify development and runtime security of cloud-native and VM-based applications running on any service in any cloud. The Posture Control solution delivers comprehensive coverage of all cloud environments in a singular view and a unified data model to enable security, IT, and DevOps teams to secure cloud apps without disrupting the development processes. Following are key features of the Posture Control solution.

• Advanced threat and risk correlation: Identify and assess the combination of multiple security issues that may appear to be low-risk individually, but have the potential to create larger, more malicious risks across cloud environments when combined. These correlated risks are unified in a singular view, giving security teams the context they need to properly explore and prioritise risks in the cloud.

• Agentless workload scanning: Avoid developer friction and eliminate blind spots due to incomplete coverage of security tools with a 100% agentless, API-based approach. VMs and containers are scanned in both registries and in production environments, correlating vulnerabilities with other cloud weaknesses to prioritise actions based on risk rather than on CVSS score alone.

• Full lifecycle cloud security: Detect and resolve security issues early in the development phase before they become production incidents with 'shift left' security. Zscaler monitors automated deployment processes and sends alerts when critical security issues are found.

• Risk and compliance visualisations across the entire cloud: Gain 360-degree visibility into risks across the entire multi-cloud footprint, including VMs, containers, and serverless workloads. Zscaler integrates with development platforms like VS Code, DevOps tools such as GitHub and Jenkins, and all major cloud providers to enable visibility and control 'from build to run.'

• Simplified, fast deployment and operations: Zscaler and HashiCorp, a leader in multi-cloud infrastructure automation, have extended their integrations to secure cloud-native workloads in multi-cloud environments. The Posture Control solution can now easily scan infrastructure-as-a-code templates written in Terraform in the development environment. This shift-left approach provides the ability to build security in the CI/CD process, thereby reducing friction between development and security teams, and providing rapid application deployment and better security posture of cloud workloads.

For more details about Zscaler's Posture Control solution, please see here.

About Zscaler

Zscaler (NASDAQ: ZS) accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 150 data centres globally, the SSE-based Zero Trust Exchange is the world's largest in-line cloud security platform.

Read 878 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here

SONICWALL 2022 CYBER THREAT REPORT

The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Ransomware
Cryptojacking
Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.

GET REPORT!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments