Correlate disparate data for more effective risk management

The Zscaler Data Fabric for Security aggregates and unifies data across all your security tools and business systems. This rich source of security data truth serves as the foundation for the Zscaler Risk Management portfolio, powering feedback loops between products to drive even richer insights.

The Problem
Managing risk is a data problem

Security leaders struggle with dozens of security tools, each providing a view of risk for a specific domain. These tools create isolated data, in different formats, managed by different teams. With this siloed approach, it's next to impossible to holistically understand risk across your organization.

managing-risk-is-a-data-problem
Data Fabric for Security
Benefits

Power superior risk outcomes

get-layered-protection
Connect all your security data sources

Seamlessly connect data from any source and harmonize, deduplicate, correlate, and enrich it to construct a unified view of risk across your environment.

reduce-risk
Apply your business logic

Quickly create custom scoring, automated workflows, and grouping rules that reflect your unique business processes and organizational structure.

simplify-compliance
Report on the metrics that matter

Create the view you need with dynamic dashboards in a few clicks to showcase any combination of data from the fabric, using any factor or measurement.

streamline-policy
Get more from your Zscaler investment  

Benefit from robust feedback loops between the Data Fabric and your deployed Zscaler solutions, driving even deeper risk insights.

Details

Ingest

Take in data from any source, with support for JSON, JSONL, CSV, ZIP, XML, ZST, and ZSTD formats. More than 150 pre-built connectors simply require valid credentials for that source. New connectors can be developed in one to two weeks on customer request.

ingest-data-source-ui

Harmonize and map

Normalize entities of the same type, but with different names, and map the source data to the entity name in the data model. Customers can add any entity to the model at any time.

harmonize-and-map-ui

Deduplicate

Identify and deduplicate findings when multiple tools report on the same asset, vulnerability, user, and so on. This provides an accurate view of asset count, CVE count, and other factors while consolidating multiple remediations into a single work item.

finding-duplication-ui

Correlate and enrich

Recognize when multiple tools share details related to the same entity and correlate them, enriching the collective understanding of that entity. (For example, when an EDR tool shares a device's OS version, and an asset management tool shares the device name.)

Correlate-enrich
Use Cases

Reduce risk with a data-first approach

prioritize-vulnerabilities-based-on-risk

Understand the security gaps you need to focus on first, based on your own risk factors and mitigating controls.

Aggregate and quantify risk

See the full landscape of risk, including Zscaler and third-party sources, with the financial impact of specific risk factors.

Enable identity threat detection and response (ITDR)

Pinpoint and stop malicious users, inside or outside your organization, and stop their attacks before they do damage.

Our Connectors

If you have the data, the Data Fabric can use it

The Data Fabric for Security can support any attribute in your unique environment and custom tools. Bring all the data in your environment together—no matter how obscure or custom the source—to achieve a complete picture of risk. Leverage more than 150 out-of-the-box connectors to the most common security tools, cloud platforms, and more. Or, use our AnySource™ Connector to ingest data in a variety of formats to expand your security insights.

FAQ