Zscaler, Inc. announced the introduction of Zscaler Asset Exposure Management, designed to advance how organisations manage their asset risk, commonly referred to as Cyber Asset Attack Surface Management (CAASM). Serving as a critical foundation for Zscaler’s broader Continuous Threat Exposure Management (CTEM) offerings, this innovative solution consolidates and correlates data from a vast array of sources to deliver to organisations a precise inventory of assets and visibility into their security gaps to mitigate cyber risk.
Organisations often struggle to maintain an accurate inventory of their assets. As a result, IT and security teams resort to spending hours using spreadsheets to track assets, making it difficult to assess the risks these assets pose and to prioritise remediation efforts. This issue is particularly pressing in regulated industries, such as healthcare and financial services, where non-compliance can result in significant fines.
Built on Zscaler’s powerful Data Fabric for Security, Zscaler Asset Exposure Management integrates and correlates data from hundreds of sources, including Zscaler’s cloud security platform providing organisations with a comprehensive and accurate inventory of their assets and their risk. Zscaler’s Zero Trust Exchange platform processes over 500 billion security transactions daily, offering a comprehensive view of customer assets and associated risks. With more than 50 million devices using Zscaler agents to collect and share telemetry, the platform provides in-depth visibility into assets operating in branches and factories through the Zero Trust Branch solution. Additionally, it delivers insights into workloads in multi-cloud environments via the Zero Trust Cloud solution. This breadth of data delivers more effective security outcomes.
Zscaler Asset Exposure Management offers comprehensive asset risk management, enabling organisations to:
* Create an accurate asset inventory: Aggregate and deduplicate data from multiple sources to provide a comprehensive view of assets and their associated software stacks.
* Identify coverage gaps: Detect assets lacking essential security measures, such as missing Endpoint Detection and Response (EDR) solutions or outdated software versions.
* Enhance data accuracy: Improve data hygiene by automatically updating Configuration Management Databases (CMDB) and resolving data discrepancies across systems.
* Mitigate risks: Trigger automated remediation workflows and policy adjustments to restrict access for users associated with risky assets, thereby immediately lowering enterprise risk.
Together with Zscaler Risk360 and Unified Vulnerability Management, this new CAASM offering provides customers with a comprehensive solution for more effective exposure management.
“Managing the security stack on our endpoints has been a labor-intensive task for our team,” said Mike Melo, CISO of LifeLabs. “Previous CAASM tools lacked the policy management features we needed to pinpoint risky or non-compliant assets. With this new software, we expect to save hundreds of hours of manual work, and because it’s built on the Zscaler Data Fabric for Security, which is already serving our exposure management program, we’ll see value in just a week, with no extra effort required.”
“Companies have struggled for decades with the fundamental question of how many assets they actually have and what risk they pose to the business,” said Adam Geller, Chief Product Officer, Zscaler. “The unmatched data set of 500 billion daily transactions from the Zscaler platform, combined with data from third-party sources, provides our customers with a unique advantage in identifying asset risk. By aggregating and synthesising this data for additional context, we deliver more complete insights and empower our customers to make better decisions.”
“Zscaler is integrating its own unique telemetry alongside the data aggregated from third-party sources,” said Michelle Abraham, senior research director, Security and Trust at IDC. “The Data Fabric for Security’s ability to synthesise, normalise, and enrich this data brings depth to asset visibility and security insights providing Zscaler with a foundational product for improving organizational cyber hygiene.”