Zscaler and the move from point-products for cybersecurity

Point products in cybersecurity are so 2010s, says Zscaler.
21 October 2022


Most household-name cybersecurity specialist providers, and many of the better-known enterprise-grade vendors, too, began their lives as antivirus, or later, anti-malware software outfits. Servers and clients (that we now term ‘endpoints’) could be protected by agent-based routines that examined suspected executables’ checksums against signatures from large lists of known worms and viruses. As threat numbers grew, platforms evolved to protect differently: heuristically or by examining apps’ behavior. These were joined by perimeter protection methods (like IDS/IPS systems) and specialist layers of insulation against email-carried attacks, insider threats, and so on.

In most enterprises today, there’s a mixed bag of cybersecurity protection measures, latterly joined by platforms capable of working across multiple as-a-service platforms in daily use. These claim to function seamlessly where workers are part-remote, part inside the perimeter, and where BYOD has been joined by SAHWYOD (stay at home with your own device – an acronym we are proud to have just coined). Zero-trust frameworks and this year’s it-girl, SASE, can roughly be described as collections of different cybersecurity protections, albeit operating under one vendor’s banner.

The acceptance of a mix of cybersecurity tools and, often, vendors, has been considered the norm for a while now. Few security specialists (apart from the huge pan-technicas like HPE) dare to suggest that they are the one vendor to rule them all: an all-in-one, end-to-end, be-all-and-end-all in cybersecurity. Zscaler has now raised its head above the parapet with just such a claim.

Cybersecurity specialists acquired

In a press statement dated October 19, 2022, the company celebrates its acquisition of ShiftRight a month previously, and the automation of its cybersecurity offerings that results from that company’s capabilities joining its portfolio.

In the press statement, the company also claims to have built what it terms a system of “unified data protection,” informed by information it draws from its network of worldwide internet and threat monitoring stations (termed the Zscaler Zero-Trust Exchange). It combines those insights with tools that protect endpoints, cloud, perimeter, mobile, and, latterly, edge computing. The automation-capable entirety is now, therefore, controllable from a single point and is described as “zero configuration.” It’s painting a picture of Bilbo’s ring, it seems.

Moinul Khan, Vice President & General Manager of Data Protection at Zscaler, said, “[…] Zscaler Data Protection works for the IT administrator, rather than having the IT administrator work for it. In addition, the technology we acquired from the recently announced ShiftRight acquisition allows organizations to manage hundreds of potential risks and incidents in a simple yet very sophisticated way to reduce case resolution time significantly.”

At a time when cybersecurity personnel are thin on the ground, having centralized command & control facilities is an attractive proposition to many organizations, especially those with an investment in existing security services. Zscaler’s zero-trust framework is cloud-based but covers endpoint and email protection, plus coverage of web, SaaS, IaaS, PaaS, and private apps. The company states, “This removes the need for point products.” However, on closer examination, the Zscaler portfolio comprises exactly that: point products, some of which it developed in-house (it holds over 200 patents) and others gained through acquisitions since 2018. It has bought TrustPath (with an AI specialism), Appsulate, Cloudneeti and Smokescreen, to name a few.

If organizations under resource pressure on their cybersecurity measures feel like “going all in” with a single provider, Zscaler is positioning itself as just that. The question remains whether such confidence in one vendor is warranted.