2 min

Zscaler announced the acquisition of ShiftRight. The startup’s software helps organizations manage the responsibility and accountability of security teams. An important asset, Zscaler says, because many companies don’t know which departments are responsible for which security measures.

ShiftRight’s software is currently being integrated into Zero Trust Exchange, Zscaler’s cloud security platform. Organizations use the platform to secure connections between employees and cloud apps. The platform verifies employee identities and blocks suspicious traffic.

The technology cannot guarantee that an organization is secured against every cyberattack. That responsibility lies with organizations themselves. Every department and employee plays a role in a company’s cybersecurity. Security teams collaborate with multiple business units, but are often held responsible for the organization’s entire cybersecurity.

ShiftRight’s software provides insight in the responsibility and accountability of teams and departments. As a result, organizations are more effective at incident prevention and response.

Zscaler and ShiftRight

Zscaler will implement ShiftRight’s features in the short-term. The startup’s small team — six employees, according to the company’s page on LinkedIn — now works for Zscaler. The financial details of the acquisition were not disclosed.

“Security teams are forced to work with multiple distinct groups to keep users and data properly secured”, Zscaler said. “The current working model is an ineffective patchwork of error-prone spreadsheets interlaced with disparate systems where critical security issues fall through the cracks.”

“ShiftRight is a natural fit for the Zscaler Zero Trust Exchange by automating accountability and responsibility management for security teams”, ShiftRight CEO Sanjay Kalra added. “As an integrated capability into Zscaler’s platform, ShiftRight’s technology will strengthen Zscaler’s offerings and transform security into a collaborative solution for internal teams to tackle numerous security challenges, like remediation, deployment, compliance and upgrades.”