Dear Netskope Customers,
Netskope has been notified that certain third party vendors, who are not Netskope integration partners, are recommending unsupported mechanisms for integration with Netskope, and may be falsely representing that such mechanisms are endorsed by Netskope. These unsupported integrations typically require privileged access to Netskope tenants, scrape data out of Netskope beyond what is officially supported by Netskope, and may lead to abuse of Netskope APIs. Here is an example of a configuration guide for such an unsupported configuration. Netskope provides a broad and growing ecosystem of partners that offer supported integrations. These official integrations go through rigorous testing and use stable APIs/interfaces that Netskope is able to support. If you are not certain whether the vendor is offering an officially supported integration, please consult Netskope support or your Netskope account team.
Vendors implementing unsupported integrations put customers at risk for the following reasons:
-
Giving privileged access into the customer’s Netskope tenant to a third party that has no direct relationship with Netskope is a security risk. In some cases, these may be third parties with somewhat overlapping value propositions, which further increases the security risk and potential abuse of privileged access.
-
These vendors often brute force their way through Netskope APIs without Netskope’s authorization or testing. This may force customers to adopt mechanisms that can break any time, or worse, have unpredictable behaviors as Netskope evolves/changes its APIs. Because such integrations are not supported, Netskope may be unable to provide assistance in such situations.
-
Finally, some of these integrations, which abuse Netskope APIs to scrape data beyond what the API endpoints were designed for, are causing strains and performance issues in some customer tenants.
Before giving privileged access to a third party security vendor, we encourage you to reach out to Netskope support or to your Netskope account team in order to confirm the integration is officially supported by Netskope. Doing so ensures that the solution has undergone the necessary technical and rigorous programmatic validation to allow you to use it with peace of mind.
We are constantly adding new partners and integrations to the Netskope partner program. If you have a vendor that wants to participate in the program, please direct them to Netskope. But, until they are a participant, we strongly recommend not to implement any unsupported integrations that can put your security controls and environment at risk.