
Nov 8, 2022

Voices from Validate – Simplifying Posture Management

Zscaler shared how zero trust, MITRE ATT&CK, and breach and attack simulation (BAS) can work together to optimize cloud security posture management across complex environments.

Earlier this year, SafeBreach held its first-ever Validate Summit at Levi’s Stadium in Santa Clara, California. This in-person event brought together top cybersecurity leaders and innovators to discuss the changing requirements to build and optimize a proactive security organization.

A representative of Zscaler’s product management team sat down with Itzik Kotler, CTO and co-founder of SafeBreach, for a fireside chat focused on how the Zscaler Zero Trust Exchange platform and SafeBreach breach and attack simulation (BAS) go hand in hand. 

In this edition of our Voices from Validate series, we unpack their chat to uncover how our joint solution integration helps organizations improve security posture and how BAS is essential technology, especially for organizations leveraging zero trust and the MITRE ATT&CK framework. 

Zero Trust Validation

“As our network environments become more complex, you can’t expect humans alone to manually assess security posture. Automation and visibility across the board are essential, as is the ability to continuously validate the what-if scenarios.” – Zscaler

The discussion began with a look at the state of modern cybersecurity in the wake of the pandemic. With more people working remotely than ever before, organizations have had to quickly adapt to “perimeter-less” security environments. Although this distributed enterprise trend actually started years before the pandemic, it was immensely expedited by the wave of restrictions and policy changes brought about by COVID. And cloud security follows a similar storyline. It existed before 2020, of course, but it’s now become the accepted reality and new normal as data centers have moved to the cloud—and their security networks along with them. 

Zscaler noted that, despite all this digital transformation in recent years, security still has the same core challenge of verifying user identities. For instance, the speaker may use his workstation, laptop, phone, or other device—each with different levels of control in place—to access an application, which may live in a data center or the cloud. But all it takes is for one device to be breached, and his entire identity is compromised. When it comes to security validation, it’s not just the endpoint or infrastructure that matters, but also the identity of the user behind the access to an application.

The concept of zero trust was introduced to resolve the issue created by all these moving parts. Because people connect over so many different networks, zero trust focuses on identity by asking who is accessing what application. It can also add context around what device is being used and even what level of risk may be tied to the user, all with the aim of creating more secure connections.

Zero trust solutions like Zscaler’s allow us to extract security away from the network and bring it back to what matters: identity and applications. But regardless of how well zero trust is used and implemented, there still needs to be an automated, ongoing validation component. An organization’s security technology may be first-rate, but it’s ultimately only as good as its configuration and will always be prone to human error and lapses in judgment. This is where continuous security validation powered by a BAS platform like SafeBreach becomes critical.

More Than MITRE 

The conversation next shifted to exploring the role of the MITRE ATT&CK framework in security posture management. Over the past several years, MITRE has established a solid baseline by fostering a common understanding across the cybersecurity industry. They’ve introduced a general framework and taxonomy of adversarial tactics, techniques, and procedures (TTPs) in a way that can be incorporated into a range of security technology products and that also helps security teams evaluate the best tools for their needs from a holistic perspective.

Zscaler views BAS as the prime technology to consume MITRE techniques, simulate them, and optimize overall security posture. However, MITRE only goes so far in its coverage of the threat landscape. This is why continuous validation with BAS should never be limited by the scope of the ATT&CK framework. SafeBreach works closely with MITRE—both as a consumer and contributor—but our clients and partners like Zscaler also count on SafeBreach to provide truly comprehensive, real-time coverage that extends well beyond what the MITRE ATT&CK framework provides.

Zscaler & SafeBreach

Zscaler uses SafeBreach internally to assess the efficacy of its own products, and in turn, Zscaler’s partnership with SafeBreach enables our joint clients to assess their ecosystem configuration and make better use of the tools and capabilities they already possess. The SafeBreach integration with Zscaler Internet Access (ZIA), for instance, helps security organizations effectively validate and optimize their deployed network and cloud security controls and empowers security teams to proactively test their defenses to prevent network and cloud attacks.

To learn more about how Zscaler and SafeBreach have worked together to simplify cloud security posture management and optimize enterprise protection, check out the on-demand webinar below about our joint solution. And stay tuned for more Voices from Validate posts in the coming weeks as we continue to share industry-leading insights and perspectives from SafeBreach’s Validate summit.
