Welcome to Zscaler Pulse, a monthly podcast brought to you by the Zenith Community team that is aimed at empowering our audience to better understand Zscaler products, the Zenith Community, and the zero-trust industry. We will go cover some updates around the Zenith Community, discuss advancements with Zscaler products, and highlight some key industry trends/news each month!
In today’s podcast, we get a community update from @vcotton17 our community lead as she discusses plans for the community and our upcoming Zenith Live event!
We also touch base with @rohit_goyal - Product Marketing Manager and @Vikas_Srivastava - Principal Product Specialist on ZDX and why monitoring can save you money, and time and NOT get your coffee (sadly).
Then we transition to discuss some top cybersecurity-related news and discuss how Zscaler can help mitigate those impacts.
Links
Zenith Community: https://community.zscaler.com
Zscaler Academy: Zscaler Academy
ZDX Landing Page: Digital Experience Monitoring | Zscaler Digital Experience
Mentioned News Articles
New MacStealer malware steals iCloud Keychain data and passwords — how to stay safe (Tom’s guide)
Millions of Pen Tests Show Companies’ Security Postures Are Getting Worse (Dark Reading)
Zscaler Extends CNAPP Capabilities with Integrated Data Loss Prevention and Threat Intelligence from the World’s Largest Security Cloud (IT Security Wire)
Transcript
Hey everyone. Welcome to Zscaler Pulse, a monthly podcast brought to you by the Zenith community team that is aimed at empowering our audience to better understand Zscaler products, the Zenith community, and the zero trust industry. We’ll cover some updates around the Zenith community, discuss advancements with Zscaler products, and highlight some key industry trends and news every month.
Hey everyone. I’m Ben Garrison, technical moderator, knowledge manager of Fruit of the Community here at Zscaler, and I’m joined by beneath the Cotton. Community lead here at Zscaler. Hi Vanitha. How you doing? Hey, how’s it going? We also have two special guests today, um, that are gonna join us and talk to us a little bit more about some z DX and monitoring.
We have Rohit Goyle, director of of, uh, product marketing manager with our Z DX team. Hi Rohit. How you doing? Good, how are you doing? Thanks for having me on. I’m doing great. Doing thanks. Thanks for coming on. Um, and we also have, uh, Vics Srivastava, I said before this show, I was not gonna try and slaughter his name, so I did my best.
He’s a principal for product specialist. Thanks. Uh, Vic Os is the principal product specialist with Z dx. So, um, can’t wait to talk to you both about Z dx and monitoring. Um, here later on in the show, I know I’m a nerd and uh, you know, I like, like to talk about that kind of stuff. But, uh, uh, we’re first gonna kick it over.
We’re gonna talk a little bit about community, cuz that’s what we’re doing here is as a community program. So we’re gonna talk about some, uh, some community with Beha. Beha, what do you got for us today before we’re on the community?
All righty. So this is the first of our exciting podcast series. So, hi, I’m Bernita Carton.
I’m the community lead for Zenith community at Zscaler. Welcome to our community. Highlights. Over the past month, we’ve had over 300 new posts on the community, and we would like to highlight a few of those just as you know, a starting point for you to get more familiar with our community. So Zscaler provide d n s services follow up.
This was posted by one of our influencer trailblazers, Alex, and has enjoyed over 180. Uh, we have certification Champions of February every month. We like to celebrate our certification champions, folks who have taken the time and the effort to get certified in the various courses offered by Zscaler. And so we celebrate these folks every month.
You can see our posts on social, on LinkedIn, and on the community, and we have tremendous number of impressions on this post as. Well on the community. We also like to keep track of all the happenings in the world, all these significant days. So of course, March was the International Women’s Day. We celebrated this on our Zenith community by celebrating one of our own.
We have Cindy Bennet, who is a sales engineer, and we have followed her career journey through the world of cybersecurity. A really interesting. And about her life, about her career and the kind of advice that she has for young women, men and women, young women specifically, uh, wanting to get into the industry and what some of her challenges were and how she overcame them.
So this, um, obviously. Was spotlighted and it gained a lot of traction and momentum on the community. Now I know we are going to speak to Rohit today. Um, he’s one of our, um, SMEs, subject matter experts on Z dx. So we did release a Stinger, a Community Video Stinger, and this was welcome to Z Dx with Rohit Goyle.
And, um, it has, I, I believe, over a few hundred impressions across social media and on our community. We always like to release some incredible insights into our solutions and products. We wanna make sure that we have significant viewpoints from our SMEs if we haven’t already seen it. Please do visit the community.
Look at this video recording. You have a 10 minute segment, which is an extended view on the community, and of course on LinkedIn we have the teaser view and the best part is on the community. Also get to download the ebook that was written by Rohit. Now, obviously, if you’d like to read these very interesting topics, have a look at some of these videos, please go to the community, make sure you register, log in and visit us often because there is, it’s a highly, uh, subscribed to a community.
It’s a highly well documented community, and I’m sure you’ll be able to gain a lot of insight into the world of cybersecurity and more specifically around Zscaler products and solutions. So moving. Um, March has been an incredibly busy year. You know what, I have my notes here. I don’t mind saying it. I need to be able to hit a lot of points here, so bear with me.
March has been an incredibly busy month. Uh, with so many plan announcements, we are gearing up. For a full community migration from our current platform, the new design is going to be a new experience, a new robust experience in a new environment. And this is completely targeted towards our partners, customers, employees, uh, and our prospects.
And we want to make sure that we are going to reveal this by the end of May. And as you all. If you’re tracking with cybersecurity, XNET Live, which is the the biggest cybersecurity event of the year, is coming up in June, and we wanna make sure that we have our robust platform up and running for you before Xnet Live kicks off.
So talking of Xnet Live, amazing concepts in play right here. Last year, I don’t know if you attended Zeni Live in person, but we had a phenomenal community booth experience. We. Three specific community archetypes that we kind of melded with spirit animals. So we had the influencer who was the lion? We had the advocate that was an octopus.
We have engagers that were bees, and there were people who were actually able to relate. To these community archetypes. And of course we had a phenomenal swag giveaway. So that was by, by day two of the of the experience. Almost everybody was wearing community T-shirts that made us feel really great.
Everyone always loves swag. Back this year, everyone always loved swag.
Everyone loves swag, everybody loves t-shirts. And, um, it, you know, it’s, it’s, it makes you feel good when everyone is wearing your t-shirts and walking around and they’re cool concepts. They’re a little cartoony, but at the same time, people are wearing it with so much of, you know, pride and it’s, it’s
amazing.
I am wearing the shirt that has Yes, you are onto, So there’s the bees, there’s the lion, there’s the octopus. You know, I’m always on brand here, over at the zine of the community. You are Ben.
You’re always on brand, that’s for sure. But you know, this year we have these archetypes, but hey, we have a new archetype.
You know, no spoilers here, but you need to, you need to actually be a part of Zeni Live to know what is this fourth amazing archetype that we are going to unveil at Zeni Live. And of course we have the t-shirts, we have swag, we have some. Cool. Other swag, but more importantly, we have a phenomenal agenda.
We are going to have our SMEs talking. We are going to have our, um, you know, our influencers talking. You might get to meet them at the booth, both at Vegas and in Berlin. We actually have them spending time with us, talking to us about what it means to be a technology partner with us, or a customer with us, or you.
Just as a member of the community to be able to engage, help peers, what makes them do it, and why is it important to be a part of the community and why the community should be your number one stop when you have an issue to resolve. Very, very important. So it’s going to be super awesome. Now, uh, similarly, just a quick thing on the virtual part of the event, we are gonna have a lot of on demand.
Kind of like this. Um, you know, we are going to have, uh, our SMEs speaking, our product manager speaking, our, uh, project marketing managers, product marketing managers speaking. We have other SMEs within the industry. So, uh, have a lookout. It’s going to be a phenomenal experience. And, and again, go to the community.
There is a post there, you know exactly how to resist for the community. Well, I’ve. Nonstop. I can speak all day, but man, I need to give Vic Cousin and Rohit a
chance to, there was a couple things you said in there. You, you touched on swag. Yeah. Um, and I can’t confirm or deny that I may or may not sleep in my Zenith community t-shirt.
It might just be a staple of who I am. Just kidding. Um, maybe, I don’t know. Um, but you said go to the community a couple times, but you never told them how to go to the community beneath.
Community zscaler.com. Thank you very much. You are a very important community. Do zscaler.com please go ahead, register, log in, engage with the content.
We have over 25,000 pieces of content there. Um, really credible sources from our SMAs, from our sales engineers and from our customers and partners. Uh, huge plethoras, incredible
information. That’s awesome. You know, and, you know, we also do, I have a pleasure of doing those spotlights, like with Cindy Bennett on the celebrating with International Women’s Day.
I also get to do the spotlights for some of our community members as well. The last one that we did, um, I did with, uh, Ramish Manny, and he’s a security solution architect located out of the city of Chennai in. Chenai in the Bay of Bengal. Uh, he’s been, he’s been leveraging Zscaler since 2013, has been active on the ana, the community since 2019.
And one of the things that he said in his quote is that, uh, community helps him build good people relationships, which makes our lives easier as the ideas, thoughts, and experiences are shared within the community. And I really thought that was just super amazing. And if you want to read more about, um, remission and the spotlights that we do with him, or just all of our members that we.
On the community, again, community dot z gill.com. You can go read his story and a few others that we’ve done, um, recently in the past. So a lot of cool stuff on the community. Not to mention, you get the, you get the technical stuff on how to do things. Um, you can have your questions answered from other community members and, and professionals.
But then we also, you know, can tell stories about people and, and celebrate their successes. So, um, come check us out. Uh, I think it’d. Fabulous. Well, thanks so much. We’re gonna shift gears just a little bit though. What, do you have something else you wanted to say? No, I was like, what else you got? Oh, I got, I got, I got, we got all day.
We got, well at least for the next hour or next 40 minutes. So, yeah. Um, we got a lot to talk about. So we’re gonna switch gears just a little bit, and again, we’re gonna reintroduce here Rohit and Vic Os and these two are focused here at Zscaler on our Z DX capabilities. And, uh, I’m super excited to have them on the show.
And I’ve said Z DX a few times. What the heck is Z dx?
Yeah. Yeah. No, uh, you know, I’ll add to that. It’s funny because, uh, we always, uh, sometimes, uh, on the product side, we get so much into the, the actual product, you know, acronyms we have, and we don’t take a second to explain what they are. So Zscaler, uh, digital experience is what Z DX stands for. And, you know, the, the great thing is that we launched this, uh, because we are seeing that, you know, based on customer feed, They wanted insight into the platform, right?
They wanted insight into end user experience, and they weren’t getting that with a lot of what they have today. Um, they may have had point solutions, you know, along the way where they can get visibility into different parts of the, their environment, whether they’re looking at, you know, the laptops that people are using.
Uh, or maybe they’re looking at, you know, part of the network, uh, so diving into like ISPs or wifi, things like that. But, um, they’re just not getting that holistic view. So what we did is, you know, we built a pretty cool solution to be able to give you that visibility. Really from, from that endpoint all the way up to the application and, and you know, absolutely that’s
insight.
Um, Roy, and uh, just to add to that, uh, traditional approach to monitoring is more, uh, like siloed in nature, right? So there are tools either too much focused on device or too much focused on network or the application from a CDX perspective, we bring all of them together, right? We bring all of them together and give it service, test, network.
One place to go and you know, look for problems and quickly being able to troubleshoot that
so. So is Z Dx then not just a basic troubleshooting tool for zero trust environments? Yeah,
I would say it helps with troubleshooting, but it also helps with continuous end user experience monitoring. As well.
Right. Okay. Making sure your user experience, no matter where they’re working from, working from home, working from a coffee shop, right? Like in today’s hybrid world. So we are continuously monitoring their experience and being proactive if there are any trouble and issues, uh, when they’re working from home or, you know, uh, when they’re accessing
their applications.
Yeah. And I, and I talk with Rohit about Yeah. Uh, a few things in the, you know, we have another video about, uh, an e-book that he written and some outage blogs. And so we’ll make sure that we also link that, um, in the description of this and then in the transcripts and that kind of stuff. So you can go watch that video if you really wanna learn more about it.
But, uh, uh, you know, Rohit or, or Vic Os, I mean, we know that Covid. Right. We know that when Covid hit a lot of IT teams and organizations had to quickly adopt strategies to overcome many IT challenges, right? But now that things are, in most cases, settling down a little bit, right? We have many IT teams adopting high bread environments if they haven’t already, or they’re trying to move towards that, or trying to flush out, you know, any kind of tech debt that they had over the last couple of years.
From your perspective, what’s happening in the industry as it, uh, overall as it relates to the hybrid workforce and how is that putting pressure on IT teams, specifically the teams that you had mentioned in the network operations and the service desk teams?
Yeah, so, uh, maybe I can take a stab at it and vi cost definitely jump in here, but like there’s, there’s definitely a lot of pressure with IT teams trying to figure. Hey, how do I troubleshoot an environment that I don’t own? So I went from a network of, you know, managing one network, which was my corporate environment, to managing, say we’ve got 10,000 employees and now I’ve gotta manage 10,000 networks.
And that all of a sudden, uh, put a lot of pressure on, on the IT teams, especially like right networking teams. Um, and service Desk would get, you know, imagine that, you know, everybody’s starting to use these, uh, zoom and Microsoft team applications. Um, you know, when they get, when they have trouble, they’re not able to connect and they don’t, they don’t typically have enough information to be able to troubleshoot that.
Um, so service desk teams end up basically just escalating up to like network operations teams. And that’s another, you know, impact that, you know, network operation teams are facing. Right. So they’re getting a lot more escalations. Um, and they, you know, they’re having to troubleshoot something that they don’t know.
Yeah. I mean, you know, it’s interesting that you, you talk about that, you know, And I feel like a lot of IT teams already have monitoring tools in place, right? Most organizations typically have something in place today, so why do they need yet another monitoring tool? What does Z DX do that these other monitoring tools either fall short on or, or why would we.
Why do we want to replace or, you know, be in a position to replace those other
tools? Uh, that’s a, that’s a great, uh, question, Ben. And basically, uh, it’s like, like you rightly pointed out, there are so many tools. There are tools which are, uh, focused on network monitoring. There are tools which are focused on, you know, maybe I T S M based device monitoring.
So, um, as I mentioned before, these tools generate lot of signals, right? And what it, uh, what the IT tools, uh, it. Teams end up with is too many alerts, which, uh, ends up resulting in alert fatigue, right? They have too many devices to look at. Too many, uh, places to look at for problems happening. But these traditional, uh, the traditional approach of monitoring, they don’t share context.
Right. And that is where Z DX comes in. And, uh, it is looking at, uh, the user’s wifi, the user’s process level information, the network, the user is traverse, saying, uh, doesn’t matter if they’re going direct to the internet or going via the zero trust exchange, right? Traditional monitoring tools are not able to provide visibility into the zero trust environment, right?
Because by. The lights just turned off in that whole place. So, you know, the traditional way of, uh, trace route and, you know, going path detection, just fail. This is where Z DX is, comes in very handy for it. And service desk tools, service desk teams to be able to, uh, quickly, uh, understand that you know what part the user is taking.
Is it the user’s local wifi, is it the user’s device or maybe the app itself and enable them to quickly get to the root cause of the problem? No.
Do, do you know what’s really interesting is what you brought there, uh, Vico in terms of like, uh, you know, doing trace routes as a former network engineer, my big thing was like, Hey, let’s pop open a console.
Let’s, you know, log in and let’s start doing some trace routes. But doing that in a corporate environment, probably it’s a little bit easier, right? I know what I, what to expect, but now I’m doing it across say, 10,000 users. How do we, how do we do that? How do we, and like, you know, um, I C M P, you know, typically fails depending on, you know, firewall policies, things like that.
So
how do we do a better, you were one of, you were one of those, those IT people that just looked for any excuse to show off their skills in Terminal Look, weren’t you?
Oh, why, why? I love it. I love diving into it, but now I don’t feel like I need to With
vdx, you start going at it and just like, yeah, I’m doing vib.
You don’t know what this is.
I would, I would add to that, right? Like, uh, we are talking about like. Normal network problems, but a lot of times, uh, uh, you know, a lot of time is spent by the network team trying to prove innocence that hey, it’s not the network. Yeah. Right. Um, and, uh, think about more complex problems where a user was on a team’s call or a Zoom call, right?
Mm-hmm. And, uh, they had a problem and they are reporting it after the fact that, Hey, I had a blip when I was talking, uh, or was sharing my. Uh, with traditional monitoring approaches, it’s too late. You know, the problem might have disappeared and, uh, you are no more able to fine to the root cause. With Z Dx, what I love so much about it is you have the ability to go back in time, look exactly on what’s going on with that specific meeting, what was happening to the user’s device, the network at that point of time, and get to the root cause of that issue.
We also have. AI driven root cause analysis, which helps the IT teams to be able to get, uh, machine learning, AI based analysis on problems. You know, so they can, instead of looking through the data themselves, they can get, you know, help from ai, uh, to quickly resolve the problem.
Yeah. In, in particular, when, you know, Vigas talking about, you know, Uh, finding that analysis. The cool thing in Z dx. Um, and, you know, Vigas has this awesome, uh, awesome blog where he talks about, like, some of the details there. He’s actually highlighting, Hey, there was a network change with my adapter. So all of a sudden I went from this one type of network to another one.
And that’s potentially why my, my wifi experience, you know. But like being able to get down to that granular level is really important for, you know it.
Okay, so we’re gonna play a game here. All right. It’s just gonna be a quick one. True or false? Okay. It’s just rapid fire, not thinking, okay, not thinking.
First thing that comes to mind. True or false? Can Z Dx help people? It teams close ticket faster. True. Vinita. True. True. Okay. Uh, Ken Z dx Help with. Having fewer escalations. Absolutely true. I say true. True. Okay. True. And do you think Z Z DX can help lower costs within an organization? Absolutely true.
Absolutely. Okay, true. Can Z DX get me coffee? You
can
try False.
Well, it can save you time so that you can go get your coffee. It’ll save me
time so that I can go get the coffee. Exactly.
We understand there’s word experience in zx, but it’s not the coffee experience. It’s
not the coffee experience. Okay. I need, I need to have Vim open in my caffeine in order to really get the full experience.
Um, Um, so I do know that we have a certified administrator exam, the Z dx um, admin exam that I know people can go take. If you want to learn more about that, I would definitely check that out. Um, where can they go to get the, to get that certification if this’s on the Zscaler learning portal?
Absolutely.
Yep. Yep. It’s on the learning portal. So, and, uh, we also have, uh, for customers and partners, uh, we have this, uh, solution demo center environment, which they can, uh, go ahead, subscribe to, and, uh, play around with a live Z DX
environment themselves. I I, I do have a question. This is really, this is kind of just off the top of my head here.
I’m just making stuff up as I go along for some of this stuff. Do organizations, would, if they, if they wanted to adopt Z Dx or they’re looking at Z DX to help reporting, is this something that can work with their current SIM tool or is it something that they’d have to replace their current SIM tool with?
So,
uh, I would take that Z Dx. Is the end, end user experience monitoring solution. So we aren’t replacing the same solution, but we can feed in, uh, using our, uh, open APIs into their SIM solution. So the alerts could go into their SIM solution, or if the customer is interested in pulling out data off from Z D X, they can use our open APIs to do that.
So, great question.
That’s awesome. That is awesome. Well, hey, thank you so much. I know. Any last, any last comments about Z dx?
I have one. It may not be the most technical one, but let me say it. Okay. So. In all of the organizations I’ve worked before, and I’m, I’m, my core skillset is user experience, right? And customer experience and product experience.
And, um, when you actually look at it, experience, user experience is something that is so low down the totem pole when it comes to, you know, um, companies and mindsets investing on the experience. Of the cool products that they build. To have Z Dx and have experiences a as an, as a part of the name itself means a lot to somebody like me where I go, okay, Zscaler truly focuses on the experience.
That the users are going to have when they use our products and solutions and the synergies that they bring and the importance that they give to the end user experience. Anyway, that was my 2 cents.
That was profound. That was not,
no, that’s awesome. That’s awesome. Yeah. Let me, let me quickly add to that.
So like, Um, you know, when you’re thinking about, you know, your initiatives internally and you’re thinking about, you know, some, some of the goals you have company-wide. And what we’re seeing from our customer base is that like, you know, they’re having challenges with like, bringing people back into the office and being able to help troubleshoot and be, provide a great experience no matter where the user is.
Um, that’s really key and that’s where some of our customers are, are really excited about something like z. The other one, which is, um, really, really interesting to our customers is that you’ve got security plus monitoring under one agent, and that makes it so much easier for people to deploy. So if you’re in it and you’re thinking.
Hey, I’ve gotta deploy this out. Um, CDX is
basically a toggle plus. I know there’s a lot of, there’s a lot of security or risk teams that when I try to minimize the number of agent footprint that’s within the organization, right? So yeah. To consolidate agent agents within their endpoints. This is actually a really good, a really good point to make.
Yeah. Yeah. And it’s a,
it’s a big, uh, you know, big differentiator in terms of. Lift for companies, uh, and then cost you, you mentioned cost in the beginning, uh, during that rapid fire, uh, piece. And the cost piece is really interesting because you can actually simplify things, right? So maybe you’ve got those point solutions Vic Cost was talking about, and you can say, okay, these are kind of coming up for renewal.
And maybe I can, I can leverage CDX to be able to solve those
challenges. Yeah. I mean, I think, I think, I’m pretty sure there’s objections to people not wanting to use Z Dx or wanting to, to, to, to adopt the monitoring tool. Um, I would, I would encourage them to get a demo, right? Can, how can they reach out and get a demo or see exactly what the monitoring can do, what’s the best path forward for someone who’s on the.
Come on, join the community. There we go. That’s what I wanted hear. Ding, ding, ding, ding.
Right. Absolutely. I mean, you know, we have you folks there. We have some incredible talent there. Some of the conversations that happen there are just fantastic and just so helpful. Yeah. You know. Hey, Ben, before you wrap, For whatever reason, I know that at the beginning of this, people heard from me.
I would love for not to put you on this spot, but I guess I’m putting you on this spot, is. Just talk to us a little bit before you end the show. That is, just talk to us a little bit about, uh, what people can hope to see or what, what kind of activities happening within the community with respect to conversations, so any strategic content and, you know, with the information architecture.
Anything, like, any insights that you’d like to share without being a story
there. There’s a lot, there’s a lot, you know, information architecture, we’re always, we’re always evolving the information architecture, and if you don’t know what that is, All that. All that really is, is that we’re trying to align our categories, subcategories and conversations and topics in ways that are around, uh, feature isolation or problem isolation.
To be able to help people either answer or find questions or ask questions in a more. Rapid way. Right. Um, obviously this is our new podcast that we’re really trying to get off the ground, which is going to really help in bringing a lot of that news and awareness and empowerment to everybody in a very condensed, uh, isolated way, right.
Distilled down to, um, kind of in your face. But we always want to expand on that, on the community to, to bring in a. More context when necessary. So there’s gonna be a lot that’s gonna happen within the communities, bring a lot of different content and a lot of different, uh, flavors of content. Video is just one of 'em.
Mm-hmm. We have, we have a lot of, for instance, I mentioned that we have a video series or a video that we published recently with, with ro hit and that obviously is gonna be a link in the description there as well that you can find. Um, but we also have another one coming up next month that we’re doing.
Yeah, and it’s gonna be kind of touching on a little bit how Zscaler saves money and, and, and that type of stuff. And so we have that type of content. And then we have another one for a really exciting feature release that we have coming up here pretty soon too. Not to, not to give you what it is, but it’s rough April 19th.
So, you know, just saying, just putting it out there that, uh, you might wanna stay in tune for that. So just a bunch of really cool things happening. Um, but just to wrap up the Z dx conversation, our new reality is that working from. Using apps everywhere, you know, is a, is a, is a strain on organizations, right?
Hybrid work has placed a challenge on IT teams driving up ticket volumes, right? And so Mon CDX monitoring helps with that, helps alleviate or mitigate that impact. Um, and then, uh, network operations struggle with too many ticket escalations and not owning the end-to-end network. Right, like, like Rohit was saying.
So, um, and you know, if you’re a service desk team, Z DX monitoring should be your friend. So if you are interested in that and you want to be a champion for Z DX within your organization, then let us know and we’ll definitely get you going on that. So, Um, Vics, Rohit, stick around because I have a really cool segment that I want to do here to wrap up.
And this is just kind of like cyber security news around the industry. Uh, has, nothing has, there’s one thing about Zscaler, the other stuff is just completely not relevant to Zscaler at all. Well, actually kind of is. We know we can help. It is. It is. We can help in these categories, but I was kind of hoping that everyone can just kind of give.
They’re color commentary to it. That’d be kind of fun. Right. Uh, so I’ll read, I’ll read the headline and a little snippet and, you know, we just go around real quick and everyone kind of give your thoughts like a quick, like 22nd what your thought is on that and, and maybe where you think that Zscaler might be able to fit or even, it’s just a funny comment.
I mean, I don’t. I don’t care. Like it’s just, it’s a podcast, right? We we’re, we do whatever we want within, within reason beneath it. I’m looking at you over there. Beha just bought a McLaren recently. I just wanna say that. Oh boy. I’m super jealous.
Yeah, it is fast,
that’s for sure. We were just joking. We were just joking about it.
Oh, very nice man. All right. Anyway, all. Tom’s guide just reported that New Max Steeler malware steals iCloud key chain data and passwords. What? So it goes on. So if you want Tom’s guide be link in the description as well to that article. So Max are currently under attack from a new info stealing malware, capable of a exfiltrating sensitive data stored in iCloud key chain, including passwords for your online attacks.
Reports Tom Guides as reported by the hacker. This New Mac malware has been dubbed the Mac dealer by researchers at the cybersecurity firm, upticks, who came across it while hunting for threats on the dark web. While many of the best MacBooks are vulnerable upticks notes in its report that Apple computers running Mac Os Catalina and later equipped with M one and M two chips are the most affected, wha.
That’s crazy. Yes. What?
Yeah. That is crazy. So, so if you have the latest, that’s where you’re,
you’re trouble, uh, I’m, I’m sure there’s gonna be a patch for it. So I guess go back to p the old school, not old school, but like best, best practice of, you know, making sure your stuff is patched. Right. Make sure there’s updates.
I’ll follow up on that to see if there is a patch, password. And change your passwords. Thank you. And change your passwords. Yeah, if they have, change your
passwords. Cyber a security.
All the rules change everything. Just change all your passwords and redo all of your two factors. Just redo everything. I, I I, I go read the article to see how, you know, if you’re affected.
I didn’t get that far in the article. I want, um, to, to in here. But I would definitely go read the article to see how, you know, you can tell if you’re affected or not.
But yeah, I mean in, uh, all honesty, I think like, you know, beyond, beyond that, like the Zscaler, you know, can help in a lot of different ways, right?
From limiting. So even if you get exposed, right? Mm-hmm. It’s about limiting your attack surface and thinking about how you can, uh, prevent, you know, prevent these things from Yeah. From being a bigger problem. Right? And I think that’s, that’s what you have to think. Like, hey, maybe okay, maybe some of these will get compromised.
Let’s limit that exposure so that, uh, that, you know, it doesn’t have, you
know, yeah, that’s software spread across the entire company. All right, next one up. According to Dark reading, I love that website, dark reading.com, if you haven’t been there. So, no, I haven’t. Say what, what’s it? It’s just, it’s a, another cybersecurity like,
oh, we published an article on DDX there.
According to dark reading, millions of pin tests show companies security postures are getting. What a lack of, and this is, here we go. Ready? This is, this is, I was thinking exactly of a couple of these of products on this one, but a lack of website protections, sender policy framework records, and uh, D n s set configurations leave companies open to phishing and data exfiltration attacks as reported on dark reading.
The risk score for the average company worsened in the past year as companies failed to adapt to data exfiltration techniques and adequately protect web applications. Company’s effective data. Exfiltration exfiltration risk increased to 44 out of a hundred with 100 indicating having the riskiest posture in 2022 from an average score of 30 in the previous year.
So it went up 14 points indicating that the overall risk of data being compromised has increased. And that’s according to the rankings by, I’m gonna slaughter this. I think it’s sim. Um, which crunches the data in 1 million pin tests, including 1.7 million hours of offensive cybersecurity testing within its production environments.
So in its 2022 State of Cybersecurity Effectiveness report published in March 28th, the firm, which was just yesterday, the firm noted that there are various, Persistent problems leading to increased risks, so for one with many companies are improving their adoption and the strictness of network and group policies, attackers are adapting to sidestep such protections and, and report the, the report stated so crazy.
You know what’s, you know what’s interesting there is that, uh, this, again, I used to do, we used, we always hired a company to do pentest against our environment. And the challenge is it’s always like a speed versus productivity issue, right? So like we had to get applications out, uh, fast mm-hmm. To make sure people are productive.
But you can’t always do these pen tests, um, against them. So sometimes you’re, you’re putting out these applications faster than you can, you can rely, rely on, uh, you know, the data from the pen test and you have to take the pen test with a grain salt too. There’s a lot of, a lot of like, high, medium and low is the way they categorize 'em.
So maybe you kind of focus on those highs first and then you get into the other ones because, uh, you could spend, you know, your whole time just, you know, trying to solve all those. But back to Zscaler, if you can. If you leverage Zscaler, you know, you, we limit, again, we limit the attack surface, so you don’t even get exposed to it in the first place.
So I think, you know, that in
itself is huge. And, and, and also, you know, you said, I feel affordability and, and the importance to cyber security are two really, really critical factors. Mm-hmm. And it’s a nice lead into your next podcast series is how these scale saves customers money. We’re
always plugging here, we’re always plugging.
At the same time, you know, let’s face it, you know, there’s, uh, there are companies that have, that are on-prem and then gone onto cloud. We in Zscaler, we were born in the cloud. Yeah. We are the real champions here. Yeah. We know our stuff. We know how to build the right products and solutions for our customers.
So there you go. You
know, well, RO hits, well, the RO hits and the Vic oss of Zscaler. Yes. They, they really know how to build the products. Um, right, right. We just, we just talk about 'em and pretend to be. Just kidding. Just kidding. Just kidding. Just kidding. Okay. So, um, last, last article, um, is actually about Zscaler, which is really cool.
This came out on March 15th. Um, this was on the IT security wire. Zscaler extends CNET capabilities with integrated data loss prevention and threat intelligence from the world’s largest security cloud. According to the IT security wire. There we go. Um, so Zscaler, the leader in cloud security, announced on March 15th, enhancements to the Zscaler Posture Control Strengthen its cloud native application protection, which is C N A P C N A P P capabilities with data loss prevention and threat labs threat intelligence powered by the world’s largest security cloud.
So integrating D L P and threat intelligence into posture control makes it the only. C a P that delivers an accurate cloud risk view by correlating risk, impact, and likelihood using sensitive data discovery and security signal. Deep insights into how incidents will occur and the resulting data exposure, uh, give DevOps and security teams an unprecedented understanding of where to focus their limited resources.
For example, an internet facing container with a critical unpatched vulnerability represents a significant risk because attackers can exploit it to gain access to personally identical. Blah. Personally identifiable information, B II P ii. With this new integration, organizations can reduce costs, oh my gosh.
And resources while staying agile and proactive in securing sensitive data and secrets in the public cloud. Wow. Talk about ra, how to wrap that up. That was a lot. That was a mouthful. PII is a lot. If you break, break that out. There’s a lot, lot to say. Lot to say.
Yeah, I mean, data loss prevention is key, right? So think about like all the different ways people, and people don’t always do it maliciously. I think that’s the, that’s the problem. Sometimes people are just, you know, uh, trying to be effective at their job and they’re like, Hey, what if I just copied this off to a u USB drive and, you know, uh, all of a sudden that’s a vulnerability, right?
So you have to be careful what people are doing. You know, part of it’s about education, right? Just letting them know, Hey, these are the things you do
and these are, or writing down passwords. Yeah,
look at me, but look at me. I’m sometimes,
or like, oh, the printer. The printer in the office is down. Because that never happens, right?
Yeah. The printer in the office went down, so I’m gonna save this or email it to my personal email address and then print it out when I get home because you know, I need to be able to get this job done because, you know, pressure deadlines, et cetera, et cetera, right? So those are things that although good intentions could lead.
You know, something else entirely, um, which is, which is not good. No, agreed.
Agreed. But hey, has any, uh, sorry man, I just wanted to make sure No, go for it. Has any finishing thoughts from you? You’ve been watching this show unfold,
this, this, this spiral, this. No. I mean, I,
I’m, I’m still thinking about the first one, which, uh, Ben mentioned about the key.
And I’m like, it’s being synced iCloud. So like what? You know, just make sure that once you’re changing your password, you’re not affected. Because even after you change your password, you are still, you know, open and vulnerable with, even if you check, go and change the password. So, yeah, a lot of good info.
Thanks.
Yeah. Yeah. And that, that’s kind of what we wanna try and do on this show, and I think that’s a good segue to kind of wrap up, right? We’re at the 40 minute mark. Typically, we wanna try to go for an hour, but this is the first one, so cut us some slack. But you know, our goal is to bring, you know, news about the Zenith community, news about Zscaler.
Bring in p, you know, pro product. Experts from the organization to talk to in a more transparent way to where it’s not just a webinar or another event, it’s more of a more of a casual way to talk about how things correlate. And then also co talk about the news that’s happening within the cybersecurity space.
And then also try to connect those dotted lines between Zscaler and what’s actually really happening within the industry. And so, um, these conversations can continue and should continue on. Zenith community. Right. Community dot z com. zena.com. Yes. Always plugging. Um, so you know, definitely come check that out and, you know, let’s continue the conversation there or wherever you’re seeing this content, it’ll be on YouTube.
I think we’re also going to be put, you know, pushing it to an actual podcasting platform, which is gonna be super nice in case you want to hear me. Hearing me without seeing me, trust me, it, it’s, it’s, you have to see me. You can’t, you can’t just listen to me. It’s, it’s not, it’s not gonna go well if you just have to listen to what I have to say.
So, um, but yeah, that’s, that’s the show. That’s the Zscaler Pulse brought to you by the Zena community team. Um, and this was our first show, so be sure to let us know how you, how you like it, and what you think. Join the community. We’re gonna have a post there. Give your feedback. If you don’t wanna do that, that’s great.
We’ll monitor the, the Ute YouTube, we’ll monitor the platform is where it’s at that has any kind of feed, get feedback capability. We want to hear what you think, and we wanna make sure we’re bringing really good content to you, um, to help you in, empower you to be, um, better, better professionals in this space.
So be sure to check us out each month and we plan on doing this every single month. Any last words from anybody? I wanted to say
thank you to. No, your time is so appreciated.
Yeah, thank you. Yep. Appreciate it. Thanks guys. I appreciate it, van Ethan, I’ll see you next time and I’m pretty sure you’ll message me on Slack eventually.
So yeah, give it three seconds. Give it three seconds. Take care everyone. Bye.
