Austin, TX – June 11, 2024 – CyberRatings.org (CyberRatings), the non-profit entity dedicated to providing confidence in cybersecurity products and services through its research and testing programs, has completed an independent test of Zscaler’s Zero Trust Exchange Security Service Edge (SSE). An SSE is a purpose-built cloud platform of integrated network security services designed to facilitate secure business use of the Internet. Zscaler received a “AAA” rating for Security Service Edge after achieving a 98.0% Protection Rate for blocking 98.05% of Exploits, 99.93% of Malware and 100% of Evasions.
The product was subjected to thorough testing using both clear text and encrypted traffic to provide a more realistic rating based on modern network traffic. Zscaler’s Zero Trust Exchange was measured against how it defended against 205 exploits, 7,140 malware samples and whether any of 1,124 evasions could bypass its protection using clear text and TLS/SSL 1.2 and 1.3 cipher suites.
Threat actors apply evasion techniques to disguise and modify attacks to avoid detection by security products. Therefore, it is imperative that an SSE correctly handles evasions. An attacker can bypass protection if an SSE fails to detect a single form of evasion. Zscaler resisted 1,124 out 1,124 evasions.
The combined measurements to determine the overall Protection Rate also included false positives, which is a key to correctly identifying and allowing legitimate traffic while protecting against malware, exploits, and phishing attacks. False positive tests assessed Zscaler’s ability to block attacks while permitting legitimate traffic achieving 99.86% for browsing and 96.85% for file downloads.
“Zscaler handled all use cases with ease and demonstrated that they could block attacks under a wide variety of conditions. Their offering should be on everyone’s short list,” said Vikram Phatak, CEO of CyberRatings.org.
CyberRatings is on track to test several other SSE vendors this year for Threat Protection along with Software-Defined Wide Area Network (SD-WAN), and Zero Trust Network Access (ZTNA) bringing together the Secure Access Service Edge (SASE) package of test results later in the year.