Zscaler Inc. today unveiled a major expansion of its zero-trust SASE platform, adding an agentic framework that lets administrators manage the system through natural-language prompts and extending its protection to unmanaged devices, business partners and multicloud workloads.

The announcements were made at the company’s Zenith Live 2026 conference in Las Vegas, where Zscaler on Tuesday introduced a set of products for securing autonomous AI agents. Together the releases mark a push to fold AI into both how Zscaler defends enterprises and how those enterprises run security operations.

At the center of the SASE expansion is the ZAgent Framework, which orchestrates Zscaler’s various platform agents to automate configuration, troubleshooting and policy work. Administrators interact with ZAgent through natural-language prompts in the Zscaler Experience Center rather than legacy management consoles. One of the first agents built on the framework is a Zscaler Digital Experience agent that diagnoses the root cause of end-user problems such as Wi-Fi, internet service provider or device issues and remediates them before they escalate.

Zscaler is also taking aim at unmanaged and bring-your-own devices with a zero-trust browser extension and a full Chromium-based enterprise browser. Both deliver localized data controls and browser detection and response on any device and the company positions them as a replacement for costly virtual desktop infrastructure and virtual private network setups. The move builds on Zscaler’s February acquisition of browser security firm SquareX Ltd., whose technology turned standard browsers into secured environments without a separate corporate browser.

Other additions extend the platform across supply chains and clouds. A zero-trust business-to-business connectivity offering allows two-way application access between Zscaler customers and their partners without exposing networks or managing firewall rules, replacing site-to-site VPNs and MPLS links.

An endpoint sandbox protects against malicious files introduced from offline sources such as flash drives. A Zero Trust Gateway for Google Cloud brings uniform protection to Google’s cloud alongside existing Amazon Web Services support and a new microsegmentation capability for Google Kubernetes Engine and other Kubernetes environments aims to stop lateral movement.

“Legacy SASE was built in the post-pandemic rush, based on a firewall and VPN model for a network perimeter that no longer exists,” said founder and Chief Executive Jay Chaudhry. “In a world of AI with distributed users, partners and cloud workloads, that model leaves enterprises exposed.”

The company said its platform now secures more than 750 billion daily transactions, a volume it argues serves as a training advantage for its Zero Trust Exchange and AI engine.

Zscaler also released its ThreatLabz 2026 Phishing and Initial Access Report. Phishing volume dropped 20% last year and has now fallen for two years running. The attacks, though, are growing more sophisticated.

The report tied that shift to generative AI. ThreatLabz identified 413,524 AI-generated site instances, nearly 10% of them flagged as explicitly malicious, with tools such as Manus AI, Blackbox AI and Lovable AI used to spin up brand-consistent phishing portals in minutes. The services sector saw a 65.5% rise in attacks as adversaries targeted trust-based workflows like billing, onboarding and support renewals. Government attacks rose 50% and Microsoft Corp. and Google LLC remained the most imitated brands.

Attackers are also hiding their work. The report found 95.2% of phishing attempts now travel inside encrypted traffic, evading security stacks that lack deep TLS inspection. Deception telemetry from Zscaler decoys captured nearly 90 million hostile interactions across 1.37 million unique attacker IP addresses over six months, evidence that adversaries probe enterprise identity and collaboration platforms well before any breach.

“The decline in raw phishing volume isn’t a sign of retreat, it’s a sign of evolution,” said Chief Security Officer Deepen Desai. “Attackers are trading quantity for quality, using gen AI to eliminate traditional ‘tells’ like poor grammar and generic lures.”

Zscaler did not disclose pricing or general availability dates for the new SASE capabilities.

Photo: Zscaler