How Zscaler is leveraging generative AI for advanced cybersecurity defense

• The capabilities of AI put to use in cybersecurity. 
• Zscaler showcased generative AI-based solutions in Las Vegas.

Rapid changes in the digital world bring increasing threats from sophisticated and persistent cyber-attacks, meaning companies must continuously bolster their defense mechanisms. Addressing this need, Zscaler has unveiled a series of cybersecurity solutions leveraging the immense capabilities of generative AI, along with four distinct cybersecurity offerings, fortifying its Zscaler Zero Trust Exchange cloud security platform.

These pioneering developments aim to enhance the surveillance and mitigation of complex cyber-attacks, pioneer a fresh strategy for secure branch office connectivity, and simplify administrative procedures for IT professionals, even when operating at a large scale.

Reimagining cybersecurity with generative AI

At the Zenith Live Las Vegas event, Zscaler demonstrated a range of solutions leveraging the transformative force of generative AI. Utilizing its vast data repositories, Zscaler employs AI and machine learning, or generative AI, to anticipate breaches and suggest policy changes, thereby bolstering threat identification, prevention, and response.

To achieve meaningful AI-driven outcomes, substantial volumes of diverse, high-quality data are needed, along with an advanced AI engine to train AI models for accurate and precise results.

Zscaler’s CEO, chairman, and founder, Jay Chaudhry, emphasizes that generative AI signifies a pivotal shift in technology. He believes that organizations with extensive, pertinent proprietary enterprise data stand to emerge as frontrunners, fully harnessing the potential this technology offers.

Chaudhry highlights Zscaler’s early appreciation of the critical role of AI and ML, which has resulted in significant improvements in services, ranging from data protection to digital experience monitoring. “Today, Zscaler is making a substantial leap forward by launching a suite of security features that enable our customers to safely utilize the power of new generative AI tools to predict and thwart breaches,” he explains.

Empowering the AI transformation journey

In its endeavor to unleash the full potential of generative AI, Zscaler must consider several crucial aspects associated with the potential applications of generative AI in enhancing cybersecurity measures. These factors could include cybersecurity training based on specific scenarios that use synthetic data and various attributes to generate simulated attacks, environments, and situations for cybersecurity training.

Another critical component is the generation of synthetic data, a method that can securely create anonymized copies of data for the development of AI and software applications. This technique also aids in the process of security monitoring, reporting, and recommendations that are specific to a particular context. It allows security teams to scan existing code and networks for potential vulnerabilities and offers remediation suggestions that are context-sensitive.

Watch the video below on the recap of Zenith Live ’23 Las Vegas:

In this light, Zscaler’s array of AI-driven cybersecurity innovations assists organizations in speeding up their journey towards AI transformation, while preparing to fully exploit the benefits of generative AI in the future. This includes:

• Enabling safe use of generative AI for Zscaler clients – Recognizing the necessity for visibility in cybersecurity, Zscaler has integrated a new URL category and cloud application for tools such as Bard and ChatGPT, among others. This allows administrators to accurately manage user access to these tools and enforce browser isolation for data protection. Zscaler also offers risk assessment for popular apps, evaluating the potential threat posed by their AI integrations based on the apps’ security posture and data retention policies.
• Propelling product development – Zscaler has revealed the development of its unique natural language processor, Zscaler Navigator. This tool capitalizes on the company’s data lake to allow users to interact with products, request usage statistics, and ask about support in a user-friendly and conversational way.
• Boosting overall performance – The deployment of multi-modal scanning strengthens data loss prevention (DLP) by examining various media types, including images, videos, and even Zoom calls for sensitive information. This aids in preventing the upload of such content to third parties and helps security teams tackle one of the most challenging threats to manage – insider attacks.

Sanjay Kalra, Zscaler’s VP of Product Management, acknowledges that the model’s predictive accuracy is not flawless; it operates on a probabilistic basis, improving in accuracy as it incorporates more data points. However, thanks to the company’s massive dataset, the model closely approximates accurate prediction and helps clients prevent breaches spreading.

Kalra emphasizes that the model is tailored to provide customers with advanced and timely information, especially during a breach’s early stages. Although the model’s accuracy might not always hit 100%, its precision improves as it gets closer to the event, giving a significant edge to those in the earlier stages of the lifecycle.

Solid defense is imperative

In the face of intensifying and convoluted cyber-attacks, organizations encounter considerable threats to their reputation, finances, and operations. They, therefore, require a robust cloud security platform for immediate threat detection, automated responses, and proactive risk reduction. Zscaler has launched the following enhanced security services and features to support organizations:

1. To begin with, Zscaler launched Risk360, a tool that leverages data from various sources within its platform to enable IT leaders to make informed decisions to counteract cyber threats.
2. Next, they introduced Zero Trust Branch Connectivity, a novel approach to branch connectivity that improves security, cost-efficiency, and reduces operational complexity. It eradicates the risks associated with site-to-site VPNs over SD-WANs, benefiting M&A processes.
3. Zscaler unveiled its ITDR solution to combat identity-based cyberattacks by providing continuous visibility, risk monitoring, and threat detection.
4. Finally, the ZSLogin Feature was announced, which centralizes login processes and automates administrative identity management for IT. It features simplified authentication, centralized entitlement management, and passwordless multi-factor authentication.

Zscaler’s VP of Product Management, Naresh Kumar, highlighted that these services would assist enterprises facing heightened security threats due to reliance on site-to-site VPNs for branch locations.

“Site-to-site VPNs establish an entry point for lateral threat movement and lack the security benefits of a zero-trust architecture,” Kumar said. “Zscaler has re-envisioned branch connectivity by eliminating VPNs and providing secure access via the Zscaler Zero Trust Exchange for users, servers, and devices at branch sites – all that is required is a broadband connection.”