Zscaler Announces New Study to Examine Hidden Vulnerabilities Found in Enterprise VPNs

Zscaler | February 17, 2021

Zscaler, Inc. (NASDAQ: ZS), the pioneer in cloud security, today announced another examination that analyzes hidden vulnerabilities found in big business virtual private organizations (VPNs) and spotlights the requirement for a zero-trust security way to deal with alleviate dangers. Distributed as a team with the Cybersecurity Insiders, the report incorporates discoveries from a worldwide study of in excess of 350 cybersecurity experts on the present status of far off access conditions, the ascent in VPN vulnerabilities, and the job zero-trust security models play in giving admittance to big business applications. To download the full examination, see the Zscaler 2021 VPN Risk Report.

Throughout the previous thirty years, VPNs have been conveyed to furnish far off clients with admittance to assets on corporate organizations. Notwithstanding, the expanded interest for distant work arrangements, a move to the cloud, and progressions in advanced change have revealed expanded inconsistency among VPNs and genuine zero-trust security designs. These inconsistencies, generally because of VPNs natural requirement for admittance to the organization, and should be presented to the Internet, have expanded the venture assault surface permitting danger entertainers to misuse these heritage models dependent on their innate trust of clients.

The 2021 Zscaler VPN Risk Report features the current VPN utilization by endeavors and uncovered the rundown of top difficulties looked by IT overseers who oversee VPNs. It suggests security options that exist for organization and security pioneers needing to give quick, consistent and secure admittance to business applications without bargaining their current zero trust security methodologies, and incorporates information that gives a brief look into the job that zero trust will play later on for far off access. The review discoveries show:

• 93 percent of companies surveyed have deployed VPN services, despite 94% of those surveyed admitting that they are aware that cybercriminals are exploiting VPNs to access network resources.
• Respondents indicated that social engineering (75%), ransomware (74%), and malware (60%) are the most concerning attack vectors and are often used to exploit users accessing VPNs.
• With nearly three out of four businesses concerned with VPN security, 67% of organizations are considering remote access alternatives to the traditional VPN.
• As a result of growing VPN security risks, 72% of companies are prioritizing the adoption of a zero-trust security model, while 59% have accelerated their efforts due to the focus on remote work.
• Looking at the future need for zero trust services, the report states that 77% of respondents indicated that their workforce will be hybrid, with greater flexibility for users to work remotely or in the office.

“It’s encouraging to see that enterprises understand that zero-trust architectures present one of the most effective ways of providing secure access to business resources,” said Chris Hines, Director, Zero Trust Solutions, Zscaler. “As organizations continue on their journey to cloud and look to support a new hybrid workforce, they should rethink their security strategy and evaluate the rising cybersecurity threats that are actively exploiting legacy remote access solutions, like VPN. The more secure approach is to completely leave network access out of the equation by taking the users securely and directly to the applications by brokering all user to app connections using a cloud-delivered zero trust access service instead.”

About Zscaler

Zscaler (NASDAQ: ZS) accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 150 data centers globally, the SASE-based Zero Trust Exchange is the world’s largest in-line cloud security platform.


House of Brick Technologies, LLC received partial financial support from both EMC Corporation and VMware, Inc. for the research and writing of this white paper. However, the opinions and conclusions expressed in this paper are those of House of Brick, and not of any other company or individual. The third party products referenced in this document, including from VMware, EMC, Oracle, and Microsoft, are copyrighted to their respective owners.


House of Brick Technologies, LLC received partial financial support from both EMC Corporation and VMware, Inc. for the research and writing of this white paper. However, the opinions and conclusions expressed in this paper are those of House of Brick, and not of any other company or individual. The third party products referenced in this document, including from VMware, EMC, Oracle, and Microsoft, are copyrighted to their respective owners.

Related News


SoftServe Achieves Master Services Competency in Cloud Native Field with VMware™

SoftServe | August 03, 2022

SoftServe, a leading digital authority and consulting company, has been named a principal partner in VMware’s Certified Application Modernization listing. This recognition marks the first year SoftServe has been named a high-valued partner for innovative services in the Cloud Native field from VMWare, further deepening cooperation between the companies throughout Europe. “These achievements are significant milestones for us, and they reinforce recognition of our continued commitment to learning and developing with our partners and customers, We are honored to be recognized by VMware as a high-valued partner and trusted advisor in Application Modernization for our customers through cutting-edge solutions and services.” Volodymyr Semenyshyn, SoftServe’s EMEA president This is the second master services competency (MSC) in the Cloud designation for SoftServe. The company’s first MSC is for its capabilities in VMware Cloud on AWS. Leveraging both achievements, the company deploys modern application technologies to help clients maximize and run applications across private and public cloud environments without limits. SoftServe is a principal partner, the highest tier of partnership through VMware. SoftServe boasts more than 20 VMware-certified architects who utilize their experience and strategic skills to create innovative roadmaps and bolster infrastructures for our clients across key industries. SoftServe's reputation as a trusted adviser in delivering cloud transformation combined with VMware Cloud solutions solves today's most pressing technology challenges. Through collaborating, the cloud migration journey is simplified and clients save time and reduce operating costs as they build and deploy modern apps and APIs. About SoftServe SoftServe is a digital authority that advises and provides at the cutting-edge of technology. We reveal, transform, accelerate, and optimize how enterprises and software companies do business. Our end-to-end solutions and expertise deliver innovation, quality, and speed across the healthcare, retail, energy, manufacturing, and financial services verticals. We empower enterprises and software companies to (re)identify differentiation, accelerate solution development, and vigorously compete in today’s marketplace—no matter where you are in your journey. About VMware VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda.

Read More


VMware Advances Its Anywhere Workspace Platform

VMware | June 06, 2022

VMware Inc., a leading business software pioneer, announced enhancements to its VMware Workplace ONE anytime workspace platform that will make it simpler for IT teams to manage and protect all employee devices. Workspace ONE Mobile Threat Defense for superior mobile device security is one of the new features. Improved update/patch management capabilities for Windows OS devices Shankar Iyer, senior vice president and general manager, End-User Computing, VMware said that “As the frequency and sophistication of threats continue to intensify, IT teams need a way to proactively detect threats across the entire device population and respond quickly. That is a tall order for taxed IT and Sec-Ops teams. VMware Workspace ONE is ideally suited for the new security realities of enabling a hybrid workforce. Leveraging intelligence and injecting automation in every step of the process, it simplifies IT operations, improves security against modern threats, and empowers the best employee experience across any device, anywhere.” Best-in-Class Mobile Device Security The mobile threat environment is broad nowadays, and mobile workstyles need specific security against phishing and application, device, and rogue network-based attacks. VMware Workspace ONE Mobile Threat Defense, a new add-on to the market-leading Workspace ONE UEM platform, raises the bar for mobile security. It includes mobile security technology from Lookout, a market leader. Application-based risks, such as mobile malware, app vulnerabilities, and unsafe application behaviors and setups, are addressed by the solution. Phishing using email, SMS, and messaging applications exposes web and content vulnerabilities. Malicious URLs, malicious online pages, videos, and images, as well as site and content behaviors and setups, are all included. Device vulnerabilities and zero-day threats, including jailbreak and root access detection Device risk includes operating system version and update uptake. Machine-in-the-middle attacks include dangerous activities such as SSL certificate stripping, forcing weaker algorithm negotiation, abnormal application network connection activity, and vulnerabilities linked with rogue Wi-Fi. Workspace ONE Intelligent Hub can be used to enable application, device, and network security through Workspace ONE Mobile Threat Defense. This means that there are no separate applications or agents to download or install for IT, and essential information – such as alarms and proposed remedies – is communicated through a resource that workers utilize on a regular basis.

Read More


Vultr Talon Cloud Virtualization Provider Now Available on Beta

Vultr | May 27, 2022

Vultr, a leading independent cloud infrastructure provider, announced today that Vultr Talon, powered by NVIDIA GPUs and NVIDIA AI Enterprise software, is currently in beta. Vultr Talon, a ground-breaking cloud-based platform, enables GPU sharing, allowing several workloads to execute effectively on a single NVIDIA GPU. Vultr is the first cloud service to provide GPU sharing by virtualizing NVIDIA A100 Tensor Core GPUs. Vultr is launching a set of virtual machine (VM) packages incorporating the NVIDIA A100 today, with prices beginning at $90 per month, or $0.13 per hour. Breakthrough Cloud Platform Enabling AI Workloads at a Fraction of the Cost Vultr Talon is powered by a cutting-edge NVIDIA GPU virtualization technology based on NVIDIA's vGPU software. Rather than connecting whole real GPUs to VMs, Vultr adds just a portion in the form of a virtual GPU (vGPU). The NVIDIA AI Enterprise software package, which incorporates NVIDIA vGPU software and is geared for remotely performing AI workloads and high-performance data analytics, powers these vGPUs. A vGPU appears to a customer's system just like an actual GPU. Each vGPU has its own devoted memory, which is a fraction of the memory on the underlying card. The vGPU has access to a fraction of the computing capacity of the actual GPU. NVIDIA's Multi-Instance GPU (MIG) technology is utilized for Vultr plans with at least 10GB of GPU RAM to give tenants with assured QoS, completely isolated GPU high-bandwidth memory cache, and dedicated compute cores. High-end GPUs can cost hundreds of dollars per month to rent. While this cost is often justified for the most demanding corporate workloads, for many enterprises and developers, the cost of even a single GPU might be prohibitive to getting started, experimenting, or running apps in development and testing environments. Even organizations with large IT budgets may wind up losing money by supplying more GPU capacity than required or just electing not to use GPUs at all. At Vultr, we pride ourselves on making high-performance cloud infrastructure affordable for everyone. With Vultr Talon, we have turned the GPU delivery model upside down. Because of our breakthrough cloud platform, AI developers and data scientists can provision exactly as much NVIDIA GPU processing as they actually need, at prices they can afford.” J.J. Kardwell, CEO of Vultr’s parent company,

Read More