Zscaler to acquire Red Canary to boost AI-powered security ops

Techday NZ, 29-05-2025

Zscaler has agreed to acquire Managed Detection and Response provider Red Canary as part of an expansion of its AI-powered security operations capabilities.
Zscaler stated that Red Canary's decade-long expertise in security operations enables customers to investigate threats up to ten times faster with 99.6% accuracy, aided by streamlined workflows and automated remediation. This acquisition will bring Red Canary's threat detection and response across endpoints, identity, network, and cloud workloads together with Zscaler's Zero Trust Exchange Platform and Data Fabric.
The companies said the combination will form a unified Security Operations Center with agentic AI that fuses AI-driven workflows and human expertise. According to Zscaler, the move is intended to help security teams improve the speed and efficiency in detecting, triaging, investigating, and responding to threats, while aiming to reduce missed signals and incomplete threat analysis that can leave organisations vulnerable.
Jay Chaudhry, CEO, Chairman, and Founder of Zscaler, said: "With our innovative AI-powered risk management services like Risk360 and the acquired data fabric technology from Avalor, we are disrupting legacy security operations just like we did with our Zero Trust Exchange™ platform. The proposed acquisition of Red Canary is a natural expansion of our capabilities into managed detection and response and threat intelligence to accelerate our vision of AI-powered SOC of the future. By integrating Red Canary with Zscaler, we will deliver to our customers the power of a fully integrated Zero Trust platform and AI-powered security operations."
Zscaler reported that it provides protection to nearly 45% of the Fortune 500, running a cloud security platform that processes more than 500 billion daily transactions. Over its 15-year history, the company has developed AI-driven solutions leveraging a comprehensive dataset, such as Zscaler Digital Experience (ZDX) and Zscaler Exposure Management.
Red Canary has been recognised for its contributions to managed detection and response, being named a Leader in the Forrester Wave: Managed Detection and Response for the third year running and featured in the Gartner Market Guide for MDR for the past seven years. Within security operations centres, Red Canary's technology helps automate remediation workflows, improving efficiency in response processes.
Zscaler described the transaction as uniquely positioned to address operational pain points linked to missed signals and increased vulnerability from undetected threats. The companies expect that their combined platforms and expertise will provide organisations with the tools to address current cyber security challenges more confidently and with precise response capabilities.
Brian Beyer, CEO of Red Canary, commented: "For over 10 years, we've protected our customers by combining high-fidelity signals with agentic AI, behavioral analytics, and global threat intelligence—delivering fast, accurate, and high-quality threat detection and response. As part of Zscaler, we will elevate how IT and security teams address the rapidly shifting threat landscape with the strength of our combined technology and expertise. Zscaler's global scale and reach provide the resources and granular data needed to fuel advanced AI, threat intelligence, and detection engineering, giving us a broader view of adversary behavior while enabling faster innovation across the board. Both companies share a relentless commitment to quality, execution, and delivering exceptional outcomes for our customers."
The completion of the acquisition remains subject to customary closing conditions and regulatory approvals. The companies anticipate closing the transaction in August 2025.

Related Articles

Sonatype updates Repository Firewall to target open-source malware

Techday NZ, 30-04-2025

Sonatype has announced significant updates to its Repository Firewall, designed to enhance proactive malware protection throughout the software development lifecycle for enterprises. The enhancements are designed to help development, security, and data science teams block known and suspected malicious components at an early stage. The approach reduces the need for rework, prevents potential security incidents, and ensures consistent enforcement of policies across traditional, containerised, and artificial intelligence (AI)/machine learning (ML) environments. Malicious open-source packages represent a particular risk within the industry, as they often bypass traditional security solutions. These packages, which Sonatype refers to as open source malware, tend to evade detection by standard perimeter tools and can enter development environments before software composition analysis tools are activated. Sonatype's Repository Firewall identifies and blocks these malicious packages before they are downloaded, minimising exposure and protecting every entry point for open source and third-party components. As part of the new features, Sonatype Repository Firewall now integrates with Zscaler Internet Access (ZIA). This expansion delivers open source software intelligence and protection to the network perimeter. The combination of Repository Firewall and Zscaler is designed to prevent high-risk open source components from entering the development pipeline, giving developers increased confidence as risky elements are filtered out early. The integration aims to address the challenge of shadow downloads, which Sonatype defines as open-source components downloaded directly from public repositories onto developer machines, thereby circumventing internal controls. According to Sonatype's data, there has been a 32.8% rise in shadow downloads throughout 2024, illustrating the expanding risk facing organisations. 
By enforcing security measures both at the perimeter and within developer processes, the integration with Zscaler delivers what is described as end-to-end protection against open-source malware in DevSecOps environments. Tyler Warden, Senior Vice President of Product at Sonatype, stated, "Enterprises are doubling down on zero trust strategies, and that must include open source software and AI governance. By combining ZIA with Sonatype's intelligence-driven policy-based blocking, teams can proactively quarantine risky components at the point of ingestion, reducing attack surface, manual effort, and remediation costs — while increasing coverage and strengthening governance." The Repository Firewall now also includes support for Docker registries, allowing organisations to extend malware and vulnerability protection to container images alongside traditional package formats. This ensures consistent security and compliance across various deployment methods, including virtual machines, Kubernetes clusters, and cloud-native architectures. Developers can receive feedback and protections, regardless of whether containers are used for testing or production deployment, all without altering their workflow. Another addition is support for Hugging Face AI models. This feature brings the capabilities of the Repository Firewall to AI and ML components, giving teams the ability to detect and block potentially malicious or non-compliant Hugging Face models before incorporation into development workflows. Earlier this year, Sonatype researchers identified and addressed vulnerabilities in 'picklescan', a security tool on Hugging Face, which had allowed malicious AI models to evade detection. By applying stringent checks to AI models similar to those used for traditional open-source packages, organisations can guard against emerging threats, such as malicious PyTorch pickle files and other risky model payloads that might otherwise appear harmless. 
With developers and data scientists increasingly adopting advanced AI tools and model libraries, the Firewall is positioned to help maintain security and compliance standards. The firewall has also been enhanced with an automated malware detection system that works at scale. A new suite of application programming interfaces provides real-time malware insights, enabling detection and blocking of malicious components during any stage of the software development lifecycle. Organisations can automate detection and enforcement tasks across continuous integration and continuous delivery pipelines, security tools, and threat prevention platforms. This flexibility allows teams to specify how and where to restrict risky components based on their environments and risk definitions. Sonatype reports that its Security Research Team is actively monitoring the evolving threat landscape. The company's Open Source Malware Index for the first quarter of 2025 indicates substantial growth in data exfiltration packages over the past year. Repository Firewall is intended to address these challenges without disrupting developers.

AI use in enterprises soars but brings surge in cyber risks

Techday NZ, 24-04-2025

A surge of over 3,000% in enterprise use of artificial intelligence and machine learning tools has been revealed by Zscaler's ThreatLabz 2025 AI Security Report, with significant security concerns arising alongside this sharp growth. The ThreatLabz 2025 AI Security Report analysed more than 536 billion AI transactions processed between February and December 2024 within the Zscaler Zero Trust Exchange platform. This study highlights real-world threats including AI-enhanced phishing, fraudulent AI platforms, and increased risks related to agentic AI and open-source models such as DeepSeek. The report found that ChatGPT dominated usage, accounting for 45.2% of all AI/ML transactions, making it both the most popular and the most-blocked AI application. Grammarly and Microsoft Copilot followed as the second and third most-blocked tools, reflecting widespread enterprise concerns about data leakage and unsanctioned use of these platforms. "We had no visibility into [ChatGPT]. Zscaler was our key solution initially to help us understand who was going to it and what they were uploading," said Jason Koler, Chief Information Security Officer at Eaton Corporation. Agentic AI and the open-source DeepSeek model have opened new avenues for threat actors to exploit AI technologies, allowing them to automate and scale attacks at an unprecedented rate. The report notes that DeepSeek, originating from China, has begun to challenge established American players such as OpenAI, Anthropic, and Meta, providing strong performance, open access, and affordability, yet also introducing significant security challenges. Enterprises provided substantial data volumes to AI tools, sending a total of 3,624 terabytes during the review period. This data movement signifies deep integration of AI into business operations. 
However, organisations blocked 59.9% of all AI/ML transactions, reflecting heightened awareness and proactive efforts to manage risks around data exposure, unauthorised access, and regulatory compliance.
"As AI transforms industries, it also creates new and unforeseen security challenges," said Deepen Desai, Chief Security Officer at Zscaler. "Data is the gold for AI innovation, but it must be handled securely. The Zscaler Zero Trust Exchange platform, powered by AI with over 500 trillion daily signals, provides real-time insights into threats, data, and access patterns—ensuring organisations can harness AI's transformative capabilities while mitigating its risks. Zero Trust Everywhere is the key to staying ahead in the rapidly evolving threat landscape as cybercriminals look to leverage AI in scaling their attacks."
Regionally, Australia has emerged among the top generators of AI/ML transactions, alongside the United States, India, Canada, Germany, Japan, and the United Kingdom. In the Asia-Pacific region, India led with 36.4% of activity, followed by Japan (15.2%) and Australia (13.6%). The global distribution saw the United States with 46.2% of transactions, followed by India (8.7%), the United Kingdom (4.2%), Germany (4.2%), Japan (3.6%), Canada (3.6%), and Australia (3.3%).
The finance and insurance sector generated the largest share of enterprise AI/ML traffic at 28.4%, with manufacturing following at 21.6%. The services (18.5%), technology (10.1%), healthcare (9.6%), and government (4.2%) sectors also showed substantial AI/ML activity, each encountering unique regulatory and security challenges amidst new AI-driven use cases such as fraud detection, risk modelling, supply chain optimisation, robotics automation, and customer service automation.
"The rapid rise of AI adoption across Australia and New Zealand is reshaping the way employees and organisations work, driving productivity and unlocking new possibilities. Industries like finance and manufacturing are leading the way, but this surge in AI usage also shines a spotlight on the urgent need for robust security measures to protect sensitive data and sustain innovation," said Eric Swift, Vice President & Managing Director, Zscaler Australia and New Zealand. "At Zscaler, we're seeing AI usage skyrocket—ThreatLabz has recorded a staggering 36-fold increase in AI transactions year-on-year globally. While this surge is helping businesses supercharge their operations, it also brings new cyber risks that we can't afford to ignore. The Zscaler Zero Trust Exchange is here to help businesses confidently embrace AI. With unmatched visibility, control, and security, we're ensuring that organisations in Australia and New Zealand can scale their AI adoption safely, boost innovation, and build trust in how sensitive information and data is handled."
The report indicates that, while the adoption of AI is delivering substantial productivity gains, it has also exposed organisations to a "rapidly evolving threat landscape". The need for upskilling is pronounced, with 83% of Australian business leaders prioritising AI adoption by 2025 and 40% identifying training as essential. Zscaler continues to promote its zero trust security model as a measure to address these emerging risks. Key strategies detailed in the report include data classification, breach prediction, real-time AI insights, threat protection, and app segmentation, all designed to manage risk and limit exposure as enterprises increase their use of AI tools.
