Partner Data Sheet: Zscaler | Anomali

DATASHEET

Partner Data Sheet: Zscaler

Zscaler Product Overview

Applications have moved to the cloud, users increasingly work remotely, the internet has become the new corporate network. How can one secure a network that one does not have control over? Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) provides a cloud- native in-line security platform that ensures exactly the same level of secure access to internet applications for all users and all devices, irrespective of location. Learn more at zscaler.com or follow us on Twitter @zscaler.

Zscaler Benefits

  • No appliances, security delivered via cloud ensures consistent security even for branch office and remote employees.
  • Transition from traditional hub-and-spoke network and security architecture to modern direct-to-internet user and application-centric security models governed by business policies.
  • Eliminate need for security updates, patching, and change outages by incurring the benefits of cloud effect – 60BN+ requests processed daily, 120K+ unique security updates daily, 100M+ threats blocked daily.
  • Get secure, fast and reliable access to all applications – across any network, any device, any user.

Zscaler Next- Generation Cloud Security Solutions

Zscaler Internet Access delivers your security stack as a service from the cloud, eliminating the cost and complexity of traditional secure web gateway approaches. By moving security to a globally distributed cloud, Zscaler brings the internet gateway closer to the user for a faster experience. Organizations can easily scale protection to all offices or users, regardless of location, and minimize network and appliance infrastructure.

Because Zscaler Internet Access sits between your users and the internet, every byte of traffic is inspected inline across multiple security techniques, even within SSL. This gives you full protection from web and internet threats. And, with a cloud platform that supports Cloud Sandboxing, Next-Generation Firewalls, Data Loss Prevention (DLP), and Cloud Application Visibility and Control, you can start with the services you need today and activate others as your needs grow.

Anomali: Know Your Adversary

Anomali detects adversaries, informs security teams who they are, and helps them find and respond to cyber threats. The Anomali Threat Platform automates all processes for collecting, managing and integrating threat intelligence from multiple sources. This gives security analysts tools and resources needed to quickly respond to active threats and attacks.

Benefits of the Joint Offering

Anomali delivers threat intelligence in real-time to customers via its integration with Zscaler’s cloud security platform. Zscaler leverages high fidelity intelligence from Anomali to enforce security policies to protect organizations’ users and devices, no matter where they are located. User-defined IOCs forwarded to Zscaler from Anomali are enriched with factors such as risk score to add context and relevance to the delivered information.

Anomali Zscaler Diagram

To start receiving high-confidence IOCs and enforcing them in Zscaler, administrators need to spend only a few minutes configuring the integration within the Anomali UI. After setup, the administrator can define a search query in Anomali and create a user-defined
URL filtering policy. Zscaler will then start receiving intelligence
on suspicious domains, IP addresses and URLs, and automatically blacklist these across the Zscaler Platform for all organizations’ users, on or off network.

Prioritized Information

By utilizing specific threat intelligence feeds around targeted attacks, the Anomali Zscaler integration not only helps prioritize threats, it also helps proactively mitigate them.

Contextual Enforcement Specific to User Needs

Organizations rely on threat intelligence from multiple sources. However, without context, it’s worthless. Anomali provides relevant intelligence that understands the broader context of external threats. By allowing administrators to define custom filtering policies in Zscaler based on user-defined queries in Anomali, the Zscaler cloud platform enforces in-line, just-in-time policies. This protects users and devices on or off the network from malicious internet destinations.

Anomali Overview Overview

Knowing adversaries helps organizations stay ahead with a proactive security posture. Anomali arms security teams with cyber threat intelligence needed to identify and prioritize critical threats

  • Collect intelligence from premium feeds, OSINT, STIX/ TAXII, ISACs
  • Evaluate and purchase intelligence feeds via the APP Store
  • Apply machine learning optimized threat intelligence and reduce false positives
  • Normalize disparate sources and enrich with additional threat context
  • Give your analysts decision advantage and improve situational awareness

Joint Solution Benefits

  • Automatic blacklisting via threat intelligence provided by Anomali to the Zscaler Platform
  • Strengthen Zscaler policy making with integration of Anomali IOCs and threat intelligence
  • Simplify the analysis of threat incidents and SOC analyst workflows
  • Improve visibility and protection across all users on and off network

About Zscaler

Zscaler (NASDAQ: ZS) enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud-first world. Its flagship services, Zscaler Internet AccessTM and Zscaler Private AccessTM, create fast, secure connections between users and applications, regardless of device, location, or network. Zscaler services are 100 percent cloud-delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances are unable to match. Used in more than 185 countries, Zscaler operates a multi-tenant distributed cloud security platform, protecting thousands of customers from cyberattacks and data loss. Learn more at zscaler.com or follow us on Twitter @zscaler.

About Anomali

Anomali® detects adversaries and tells you who they are. Organizations rely on the Anomali Threat Platform to detect threats, understand adversaries, and respond effectively. Anomali arms security teams with machine learning optimized threat intelligence and identifies hidden threats targeting their environments. The platform enables organizations to collaborate and share threat information among trusted communities and is the most widely adopted platform for ISACs and leading enterprises worldwide. For more information, visit us at www.anomali.com.