Objective

The combination of English characters and other special characters is treated as a single word. Netskope Regex does not support detection when English characters are combined with uncommon symbols, even underscore, and the specification of Netskope Regex rules remains unclear.

Prerequisite

This issue generally applies to all Netskope Standard and Professional DLP modules, including, but not limited to, NGSWG DLP, Email DLP, Endpoint DLP, and more.

Context

Customers can validate this issue by adding an underscore (“_”) or random characters after the English keyword they want to detect, as demonstrated below.

Do You Know?

Users can easily bypass Netskope’s DLP detection mechanism without even decomposing the keywords. This means administrators will be unable to track or investigate potential data leakage incidents.

We have requested clearer instructions on how Netskope defines Regex rules, but so far nothing has been provided.

Notes

We’ve discovered that others have already raised similar concerns. We have reported this to Netskope Support and the escalation team, but their actions are limited. Please be aware that neither regex nor data identifiers can be trusted 100% for an unknown period of time.