Hello Team,
Good Day.
I'm curious to know the setps or methods for integrating Sentinelone EDR and Netskope DLP solution for the Data analysis part.
As a part of my study on Endpoint Security, I feel DLP also play a major role in protection of Data at Endpoints as same as EDR. Seeking guidance here for the integration.
Thank you for the help.
Regards & Thanks,
Best answer by Gary-Jenkins
View original
+15
If you go into the SentinelOne Singularity Marketplace page and search for Netskope you will see two available integrations.
We also have another one that shares threat information from Cloud Exchange. https://docs.netskope.com/en/netskope-help/integrations-439794/netskope-cloud-exchange/threat-exchange-module/configure-3rd-party-threat-exchange-plugins/sentinelone-plugin-for-threat-exchange/
+15
While I work to get the documents around this integration posted I wanted to add which Netskope API endpoints are needed for the Netskope threat enrichment and threat intel sharing integration.
REST APIv2
/events/data/alert
/ubadatasvc/user/uci (read and write)
/api/v2/policy/urllist/deploy (read and write)
/api/v2/policy/urllist (read and write)
If you haven't already registered, now is a good time to do so. After you register, you can post to the community, receive email notifications, and lots more. It's quick and it's free! Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.