Experience Center
Reviewing Cyber Threat Protection Policies
Cyber threat protection policies protect your users from a variety of security threats. Zscaler offers the following types of cyber threat protection:
- Isolation: uses browser isolation to open suspicious URLs that have not yet been categorized, loading them in a remote browser in a Zscaler data center. These include newly registered URLs, dormant URLs, and URLs that have not yet been observed and categorized by Zscaler.
- Botnet Protection: protects your users from botnets with a series of methods including blocking known command and control (C2) servers, blocking domain generation algorithms, and examining potential botnet traffic.
- Phishing & Fraud Protection: blocks known and suspected phishing sites, and blocks adware, spyware, web spam, and cryptomining to protect your users from fraud.
- Malicious Active Content Prevention: blocks a number of vulnerabilities that may cause users to download malware, including websites that attempt to load dangerous content, exploitable file formats, and web browser vulnerabilities.
- P2P Protection: blocks the use of peer-to-peer file sharing applications, many of which encrypt content so it cannot be inspected for data leakage.
- Malware Protection: blocks malware by inspecting inbound and outbound traffic (HTTP, FTP, and FTP over HTTP) using signature-based detection and protection, with malware feeds from trusted industry partners.
- Zero-Day Attack Protection: isolates and analyzes zero-day threats in a sandbox environment.
During onboarding, Zscaler sets up its default cyber threat protection policies. You can fine-tune these policies later in the Admin Portal. To learn more, see Configuring the Advanced Threat Protection Policy.
When you are done reviewing the cyber threat protection policies, click Next to move on to review the data protection policies.