Posture Control (ZPC)

What is Zscaler Posture Control?

Zscaler Posture Control (ZPC) is a multi-tenant software-as-a-service (SaaS) platform that detects and responds to cloud security risks and helps businesses move through their digital transformation to the cloud faster. The service correlates findings across multiple security engines so that your organization can prioritize hidden risks caused by misconfigurations, threats, and vulnerabilities, and achieve continuous security, compliance, and governance. ZPC offers data protection, high availability, and resiliency for all imported, stored, and exported data types. ZPC leverages cloud service provider APIs to connect to your hybrid, multi-cloud environments and collect real-time configuration metadata for your cloud infrastructure, such as web servers, databases, and virtual machines. ZPC evaluates the metadata and offers visibility into your risk, compliance, and security posture.

ZPC continuously monitors your cloud resources once the business applications are deployed in the cloud infrastructure across Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), and Kubernetes. It detects vulnerabilities in those resources, misconfigurations in DevOps workflows, and threats such as ransomware attacks, account takeover, and privilege escalation.

ZPC is part of Zscaler Cloud Protection, a comprehensive multi-cloud security platform covering misconfigurations, entitlements, exposed attack surfaces, lateral threat movement, and data loss.

ZPC comprises functionality previously covered by several point products, including:

  • Cloud Security Posture Management (CSPM): Ensure cloud resources have proper configurations for authentication, data encryption, internet connectivity, and more for compliance and a strong security posture.
  • Cloud Infrastructure Entitlement Management (CIEM): Identify and remediate excessive permissions that humans and machines have by using machine learning analysis for increased visibility into access policies, resource policies, actions, and roles.
  • Security and Compliance: Benchmark and validate public cloud configurations against best practices standards and compliance frameworks to report misconfigurations, policy violations, and automate remediation.
  • Infrastructure-as-Code (IaC) Security: Monitor your IaC infrastructure and implement security controls to address any misconfigurations or security issues before deployment and thereby ensure the code is secure and compliant with standard security policies.
  • Vulnerability Management: Monitor and detect any known vulnerabilities and security weaknesses in the cloud infrastructure and take immediate action to protect networks from potential threats.

Key Features and Benefits

ZPC includes the following key features and benefits:

  • Detect misconfigurations, vulnerabilities, and data exposure: Compares discovered configurations, identity permissions, and data access against built-in security policies and best practices, and identifies misconfigurations and policy violations at the security policy and resource level. It also provides a complete mapping of security policies within various compliance frameworks. Intuitive dashboards and reports help review this information.
  • Easy implementation: The multi-tenant, API-based software-as-a-service (SaaS) solution deploys in minutes and at scale with read-only access permission, without limitations or added complexity. Vulnerability scanning, however, requires read-write permission.
  • Seamless integration: Easily integrate with the existing security operations (SecOps) ecosystem and information technology service management (ITSM), and enable immediate and effective incident management.
  • Cost benefits: Reduce complexity, costs, and the burden of managing multiple point solutions to secure your cloud environment and maintain compliance. Enforce consistent security policies across all cloud services with a unified policy engine.
  • Operational excellence: Automate common cloud security operational tasks, freeing up resources and optimizing cloud investments.
  • Team collaboration: Enable collaboration between information security (InfoSec), security operations center (SOC), and application development (AppDev) teams.
  • Accelerate cloud adoption: Enable organizations to accelerate digital transformation initiatives with cloud security, identity and access management (IAM), data protection, and compliance under control.

How Does ZPC Work?

ZPC implements the following process to achieve continuous security, compliance, and governance for your cloud infrastructure:

  • Discover assets, identities, and sensitive data: Works with read-only access to cloud environments (AWS, Azure, and Google Cloud). It collects metadata information that gives consolidated visibility of deployed assets, identities (human and non-human), sensitive data, configuration, and associations across the environment.
  • Detect misconfigurations, entitlements, and data exposure: Compares discovered configurations, identity permissions, and data access against built-in security policies and best practices, and identifies misconfigurations and policy violations at the security policy and resource level. It also provides a complete mapping of security policies within various compliance frameworks. Intuitive dashboards and reports help review this information.
  • Remediate violations: Provides remediation for every security policy, identity, and access misconfiguration.
  • Agentless deep scanning: Avoids developer friction and blind spots with an API-based, agentless approach. ZPC scans container images in registries and VMs in production environments to identify and prioritize risk.
  • Full life cycle cloud security: Shifts security left to detect and resolve issues early in the development phase before they become production incidents. ZPC monitors automated deployment processes and sends alerts when it identifies critical security issues in CI/CD tools like Jenkins and GitHub Actions, and in code repositories like GitLab and GitHub.
  • Intelligent threat protection: Leverages threat intelligence from the Zscaler ThreatLabz research team to gain a holistic view of the threat landscape and block malicious activity and future attack paths.