Netskope Global Technical Success (GTS)
Next-Gen ChatGPT Enterprise Inventory Scanning (Retroactive Scan)
Netskope Cloud Version - 123
Objective
Retroactive scanning of a ChatGPT Enterprise instance using the Next-Gen ChatGPT Enterprise API module
Prerequisite
Netskope Next Gen CASB API license with ChatGPT Enterprise feature enabled
Context
This article shows how to perform a retroactive scan on ChatGPT Enterprise to expose sensitive content, conversations, and collections (files and folders). For this article, we will scan all PCI information exposed through ChatGPT Enterprise.
To learn more about Netskope Next-Gen API retroactive scans: Link
Do You Know?
- On Feb 6, 2024, Netskope announced a new API module called ChatGPT Enterprise API.
- This feature is now generally available, delivering advanced security and compliance controls for your AI-powered workflows.
- The solution includes the following capabilities:
  - Ability to perform DLP and threat scans over conversations and files to adhere to compliance standards
  - Ability to perform retroactive and ongoing scans for files and conversations
  - Policy creation via the unified Next-Gen API policy framework, with visibility via a dedicated dashboard
Configuration
To access the retroactive scan page, log in to your Netskope tenant and navigate to:
Path: Netskope Tenant UI >>> Policies >>> API Data Protection >>> Next Gen >>> Click on Retroactive Scans >>> New Retroactive Scan
The New Retroactive Scan window opens. Enter the name of the scan and, under Object, select the ChatGPT Enterprise instance to run the scan on. Click Next.
Note: For a retroactive scan, you can select only one app instance.
The New Retroactive Scan Policy page now opens with the app instance pre-selected.
Fill in the Applicable Exposures to include or exclude collaborators such as All Users, Internal/External User, User Group, User Profile, Domains, Domain Profile, and No. of Internal Users.
Under Add Criteria, select the file type you want to scan, or leave it blank to scan all file types.
For this article, we are scanning for PCI data exposed in conversations and collections, so a DLP profile is selected.
For this retroactive scan, the predefined PCI-DSS DLP profile is selected.
Now choose Alert as the action, enter the name of the policy, and click Save.
On the Retroactive Scans page, you can add more policies to the scan by clicking Add Policy, or edit the existing policy using Edit Scan.
To start the retroactive scan, click Start Scan.
Once the retroactive scan is complete, you can view its status.
Verification
You can view the number of exposed events from here.
The details of the exposure can also be viewed on the Alerts page, with more information about the file and the violated data.
Terms and Conditions
- All documented information undergoes testing and verification to ensure accuracy.
- In the future, it is possible that the application's functionality may be altered by the vendor. If any such changes are brought to our attention, we will promptly update the documentation to reflect them.
Notes
- This article is authored by Netskope Global Technical Success (GTS).
- For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.