Skip to main content
  • EN

Anyone concerns about Email draft can not be detected by Netskope?

On App Catalog it says “Create, Edit, Post, Send” support DLP.

On the Application Events, ObjectID can successfully be fetched and we also can clearly saw the activities and content through DevTools.

However, DLP policy is not triggered but the action is recorded.

We also created a support case on this but L3 support responded and claimed it should be related to SMTP DLP module.

 

We are curious if anyone else has encountered this and have similar concern as we do. 

Not sure which mail provider you are referring to, but more generally, Netskope does not scan HTTP GET requests for DLP. Which is how some email services handle saving drafts as you write.

 

However, this also allows data to be exfiltrated via URL query strings. I have raised this concern to Netskope before and, as far as I know this has not been addressed. Though, it has been well over a year since I last tested it.

 

 

We tested on both Gmail and Exchange. They both use HTTP POST requests so this DLP detection we assumed it should be supported by Netskope.

However, what surprised us is after 1 month back and forth, Support thinks this belongs to SMTP DLP module, instead of using NGSWG detection.

 

We understand that RFE could take a while to process and glad to know this also get other’s attention.

However, what surprised us is after 1 month back and forth, Support thinks this belongs to SMTP DLP module, instead of using NGSWG detection.

 

I would request escalation of the ticket, as that does not make any sense.

SMTP does not even come into play in this scenario.

Reply


Terms & ConditionsCookie settings