Cloud security leader Zscaler bets on generative AI as future of zero trust

Clarifying its vision that the future of zero trust is built on generative AI, Zscaler made many new product and service announcements this week at Zenith Live 2023 that reflect an aggressive growth strategy aimed at upselling and cross-selling new cybersecurity services on its cloud-native Zero Trust Exchange™ (ZTX) platform. Zscaler thus joins the race to monetize generative AI on its platform while assuring customers of the platform’s security.

CrowdStrike, long known for its AI and machine learning expertise, recently introduced Charlotte AI as its generative AI cybersecurity analyst. Google Cloud Security AI Workbench and Microsoft Security Copilot are among the leading generative AI-assisted cybersecurity solutions.

Palo Alto Networks‘ CEO Nikesh Arora remarked on that company’s latest earnings call that Palo Alto sees “significant opportunity as we begin to embed generative AI into our products and workflows.” Arora added that the company intends to deploy a proprietary security LLM in the coming year.

Other vendors are in the game as well. Airgap Networks with its ThreatGPT, as well as Recorded Future, SecurityScorecard, SentinelOne, Veracode and ZeroFox are all delivering AI-based services today.

Boards expect CISOs and CIOs to get behind generative AI

Zscaler’s keynote quickly addressed one of the most discussed topics among customers at the event: the threat of internal data leaking into publicly available LLM models. Interviews VentureBeat conducted with Zscaler customers confirmed that news of Samsung engineers’ recent feeding of sensitive data into ChatGPT had led to board-level discussions of how much and which generative AI-based technologies would be accessible at their companies.

>>Don’t miss our special issue: Building the foundation for customer data quality.<<

VentureBeat spoke with Alex Phillips, CIO at National Oilwell Varco (NOV), about his company’s approach to generative AI. Phillips, tasked with educating his board on the advantages and risks of ChatGPT and generative AI in general, periodically provides the board with updates on the current state of generative AI technologies. This ongoing education process is helping to set expectations about the technology and how NOV can put guardrails in place to ensure Samsung-like leaks never happen.

Zscaler often hears the same concerns from its enterprise accounts, evidenced by the topic’s importance in the opening keynote. Syam Nair, chief technology officer at Zscaler, asked the audience: “How do I ensure that I protect that data? I protect the data from being used as well as its intellectual property that will not be used in terms of training models in the public domain. This is where zero trust and the need for zero trust for AI applications comes into being.”

Zscaler sees generative AI strengthening zero trust across a broad spectrum of cybersecurity challenges today, starting with solving the dilemma of using generative AI for productivity without introducing a strategic security risk.

>>Follow VentureBeat’s ongoing generative AI coverage<<

Zscaler wants Zero Trust Exchange™ to be a revenue multiplier 

Zscaler CEO Jay Chaudhry’s keynote emphasized how ZTX relies on globally distributed cloud and zero-trust connectivity to support its foundation while integrating cyber-threat protection and data protection. Zscaler looks to capitalize on the telemetry data that ZTX manages daily for its customers to train and deliver in-depth business insights, reporting and new services (previewed at the event).

Chaudhry used the following graphic several times during his keynote to explain how Zscaler is prioritizing its generative AI investments in the context of ZTX and associated product and service initiatives.

Zscaler bets big on generative AI as the future of zero trust

Chaudhry emphasized that Zscaler has invested $1.7 billion in research and development (R&D), pursuing next-generation AI projects while continuing to invest in existing platforms and solutions. Its R&D on generative AI and zero trust delivered four new solutions introduced this week at Zenith Live.

One of these is Zscaler Risk360, a risk quantification and visualization framework that relies on AI and predictive modeling to remediate cybersecurity risk. Another is Zero Trust Branch Connectivity, designed to eliminate lateral threat movement by providing AI/ML-powered zero-trust connectivity from branch sites to data centers and multicloud environments.

Zscaler also introduced the Zscaler Identity Threat Detection and Response (ITDR) solution designed to reduce the risk of identity attacks with continuous visibility, risk monitoring and threat detection, and ZSLogin, which includes centralized entitlement management, passwordless multifactor authentication and automated administrator identity management.

Zscaler’s Business Insights strategy dominated several keynotes and formed the fourth solution set of the Zscaler strategy. How highly the senior management team prioritizes Business Insights, including Risk360, was evidenced by how much time they devoted to it across several keynotes and in interviews with VentureBeat. Chaudhry told the keynote audience that “with 300 billion transactions a day, hundreds of billions, or trillions of telemetry [data] a day, there’s a lot of business insights we got, and customers [have] said, ‘You need to help us. Give [us] some more valuable information out of this.’ So Business Insights based on AI cloud has become our next big focus area.”

Risk360 is designed to provide CISOs, CIOs and security and risk management professionals who work with boards of directors with the summarized risk data they need to make the best decisions possible. Zscaler claims that the platform supporting Risk360 can integrate internal and external data sources and capture insights from over 100 data-driven factors to help provide risk quantification, visualization, reporting and suggested remediation actions.

Zscaler previews its future AI plans

Zscaler introduced and provided in-depth demonstrations of three generative AI products and services under development. They are:

Security AutoPilot with breach prediction: Using AI engines to learn from cloud-based policies and logs to secure data continuously, Security Autopilot is designed to simplify security operations. It prevents breaches by recommending policies and performing impact analyses. Zscaler’s ThreatLabz is testing it. Another design goal is to train LLMs with billions of Zscaler logs to predict breaches before they happen.

Zscaler Navigator: This is a simplified and unified natural language interface for customers to interact with Zscaler products and access relevant documentation securely and intuitively.

Multi-Modal DLP: Traditional DLP solutions understand and manage only text and image data, but the world has moved on to more visual and audio multimedia formats. Zscaler will integrate generative AI and multi-modal capabilities into its DLP offerings to protect customers’ data across multiple media formats, including video and audio. Of the three new products previewed, Multi-Modal DLP was the most advanced in its use of generative AI, with the potential to deliver value immediately upon its release.

To gain insights into how Zscaler is capitalizing on generative AI’s strengths in future products, VentureBeat interviewed Deepen Desai, global CISO and VP of security research and operations. Desai is responsible for ensuring that the global Zscaler cloud infrastructure and products are secure. He also leads a global team of security experts continually tracking the threat landscape. One of his team’s top three priorities is protecting against insider threats.

“We’ve been using AI/ML for several years, but traditional models still have their place. Large language models will allow us to correlate, consume large volumes of data and then orchestrate some of these workflows to respond much more quickly,” Desai told VentureBeat.

He continued, “Zscaler on a daily basis secures 300 billion transactions, and this results in eight billion policy violations and threats getting blocked. This provides 500 trillion daily signals to a team of security and machine learning experts, and we leverage this to train our AI and ML models for high detection efficacy.“

During his keynote, titled “Leveraging Generative AI to Improve Risk Posture and Derive Business Insights,” Desai provided an overview of how Zscaler organizes its AI and ML strategies around ZTX. He showed the following diagram and explained how Zscaler’s focus is on reducing data latency with more real-time threats and monitoring data while also alleviating the data delays caused by siloed systems, two challenges that he said CISOs at its enterprise customers are looking for Zscaler to solve.

Keeping Zscaler secure delivers innovation dividends

Desai and his teams’ work to protect the Zscaler build environment has crossover benefits to the product DevOps teams. One area where this is evident is in protecting against insider threats.

VentureBeat asked him what approach he takes as CISO to protect against these threats, from a zero trust and technology-driven perspective. Desai said, “When I say zero trust, my goal is to ensure I don’t trust any endpoints. That’s where these guys [attackers] will gain access to crown jewel applications, is what I’m trying to defend. In the Zscaler world, my production infrastructure is the crown jewel. That’s what I’m protecting. My customers, core infrastructure, and the build environment are my crown jewel. How my users connect to it is [where] I apply the zero trust principle and user-to-app segmentation.”

Desai uses decoys extensively across Active Directory and sensitive environments to identify potential insider threat activity. The lessons Desai and his team have learned add to the knowledge the DevOps teams can use to enrich Zscaler products.