Mumbai: Zscaler and CrowdStrike have joined hands to strengthen the security of their common customers with the zero-trust security approach.
Both cloud-native security companies Zscaler and CrowdStrike have announced a series of integrations that provide security protection from endpoint to application to joint customers.
These integrations strengthen the security of customers. It provides them with an identity and data-centric zero-trust approach covering key aspects of data, people, devices, workloads and networks.
With the integration, Zscaler has become CrowdStrike’s first cloud security partner to leverage its Zero Trust Assessment (ZTA) in general availability. It enables secure access to applications from any endpoint, regardless of the user or location.
The CrowdStrike Falcon platform processes over 5 trillion events a week. Using CrowdStrike Falcon platfrom, ZTA grants dynamic conditional access based on continuous real-time security posture assessments of device health and compliance checks.
The integrations with Zscaler Private Access (ZPA) makes access to private applications automatically adapted based on the ZTA assessment score and updated access policies from Zscaler.
The integrations will offer mutual customers four key benefits:
● ZPA incorporates CrowdStrike’s real-time ZTA to enforce access policy to private apps to reduce organisational risks
● Zscaler Internet Access (ZIA) deployed inline stops malware propagation by triggering device quarantine through the CrowdStrike Falcon Platform
● CrowdStrike’s Falcon X threat intelligence and Falcon Endpoint Protection device telemetry data can be shared with Zscaler Zero Trust Exchange for seamless usage when integrations are activated to provide stronger protection and increased visibility
● Cross-platform workflow shortens response time and helps combat increasing volumes and sophistication of attacks
Zscaler and CrowdStrike first partnered in 2019 to integrate the CrowdStrike Falcon platform with Zscaler’s cloud security platform. It aimed to provide customers with real-time threat detection and automated policy enforcement to improve security across networks and endpoints.
Accoding to Zscaler’s President, CTO and Board Member, Amit Sinha, employees are working from anywhere and applications are moving to the cloud and the enterprise perimeter doesn’t exist anymore.
“The internet is the new corporate network and security should follow users and workloads wherever they are. Zero trust requires decoupling application access from being on the corporate network and allowing access based on identity, context, and business policies,” said Sinha.
“This dramatically reduces an organisation’s attack surface and prevents lateral propagation of attacks. We’ve seen repeatedly when organisations rely on legacy firewall and network-centric solutions,” he continued.
This collaboration between Zscaler and CrowdStrike provides joint customers with adaptive and risk-based access control to private applications. And enabling them with improved defense for people working from anywhere.
The integration also enables automated workflow between the two platforms using data sharing between threat intelligence and telemetry data. It provides zero-day malware protection, automatic update of inline custom blocklists, and faster data correlation and impact assessment.
Recent high profile attacks involving compromised credentials, according to CrowdStrike’s CTO Michael Sentonas have served as a moment of truth for organisations. “Organisations are struggling with expanding remote workforces, cloud applications growth and an increasingly complex threat landscape.”
“Modern organisations need to embrace an identity-centric approach to security with a mature zero trust architecture that is dynamic and end-to-end, automating workflows that ensure verified access across endpoints, networks, workloads, and devices. Zero-trust must be the de facto standard in today’s work-from-anywhere world,” said Sentonas.
Cushman & Wakefield is one of the joint customers of Zscaler and CrowdStrike. It has leveraged and deployed integrated security solutions for its 400 offices in 60 countries.
“The solutions enabled our organisation’s security transformation by providing increased visibility of endpoints and workloads across our approximately 400 offices in 60 countries. Immediate detection and response are critical for stopping potential breaches, and we are able to significantly accelerate our response,” said Cushman & Wakefield’s CISO Erik Hart.
“As distributed workforces continue to grow and increasingly expose corporate environments to intensifying cyber threat activity. An identity-centric zero trust strategy must be implemented to ensure access is verified and organisational risks are minimized,” added Hart.