Skip to main content
  • EN

AD_4nXfYnCK7qpH6HNV5BxD0K-VvVAWESbQIbWarOuDfHhKWJyDZ6oVtnEsCd2DjGFyBUo_tyHERdEbwzY9LB3T9HCwK1V89LmkgCVTiSfFo3c9eiQvi61ly58rG2B5040XO5V2lumyG91fUAmjqjOMjEiMVHPU?key=1BJ1Q1pwy8M60BQRtrJVrg

Netskope Global Technical Success (GTS)

Netskope DLP : Securing Source Code in ChatGPT Interactions

Activity ‘Upload’

 

Netskope Cloud Version - 115

 

Objective

DLP on Source Code for ChatGPT activity - ‘Upload’

 

Prerequisite

Netskope Inline CASB license is required

 

Context

End-users often utilize ChatGPT for unofficial purposes, sometimes uploading sensitive source code-level information, inadvertently exposing their organization to potential data exfiltration risks. This article highlights how Netskope effectively addresses this concern. Netskope DLP can swiftly detect source codes within the chat environment and proactively prevent the unauthorized upload of sensitive data

 

Do You Know?

  • Netskope acknowledges ChatGPT as a Cloud Application and provides a pre-defined cloud app connector.
  • As of June 05, 2024 with Netskope’s ChatGPT predefined connector, customers can exercise control over the following activities:

AD_4nXcFMS-YWk8F4PeZiiz4aBDLYII894bXs-iMM9hUsLFe2AzSWRuz-f1GZGGsTecMIzp8UJ1Qleux5-GtfKJneiAkNm2FuPmqUOg_tL5AteZSl81VGl2YTfL_TPNY2wV0y62D9ExUF7Oc7dpP8OjhqUl5Wr8Z?key=1BJ1Q1pwy8M60BQRtrJVrg

 

Configuration

Step 1 - DLP Profile

  • Netskope's predefined DLP profile effectively detects source codes

Path - Netskope Tenant UI >>> Policies >>> DLP

AD_4nXckK7c0zl8YXfc8ZmShmi2Z0X2YWeOOjM-8M25s5qSUz_megE0PqIcvDQA7CXjn-kK-Qq7Strl2Xj73N8r7k1DxwQWjSPWbYZzt1UPSPlTnU52w2OvDAKBdW4rj31uzQI3tTXQoN6sc4uCGG96jZyAj-hPB?key=1BJ1Q1pwy8M60BQRtrJVrg

  • The predefined DLP profile can detect source codes written in below programming languages

AD_4nXdleuZ9efKTbqHcIieRIHwVQFhhxx98w71-Mkk7H57PkJAfo1WQC_j1ksKk6RaapnYPQgLHQFJCN9KKYWE_VqQj3VkC0_qn2J2bTMVa4Jq6-t3P6R_Vp0XFYm-sKcCf9MLxFv0FsDjVjpyPU94jP3XY_2V5?key=1BJ1Q1pwy8M60BQRtrJVrg

 

Step 2 - Real-time protection policy

Path - Netskope Tenant UI >>> Policies >>> Real-time Protection >>> New Policy

AD_4nXeGic6iwGx99b4jPeRvWuavuDYmJKN3INzJYGmZY0FKX_LrZr6QFOx__ZqdUpXWvkYyZ9BPJPPBxUkQyBiryDyDkBaN-c2BWWXSOY_EPwq5xe8Nkbwc6fnAwLatvZHmiZP10cStQT9zpDXzi5EMnurOeZaF?key=1BJ1Q1pwy8M60BQRtrJVrg

Verification

  • For testing I copied a random code written in C++ from Link and saved the code in a file and named it - C++ Test Code File.docx

AD_4nXdIl1yqEJ-KbbmdZmVG1-SRkO3Vuj3mt1kLyfs5CtmHcCxyj5SL_P0NWmsHL3coJuFhMOaHi6S1afpJ1sTMRl5hxNqS5E8fajkMov8ybVCw7VwTQ59p3CywdSV5pC3ecY4fQLBucqmGp3-7t4Ctztj94wja?key=1BJ1Q1pwy8M60BQRtrJVrg

  • Access ChatGPT and upload the file - C++ Test Code File.docx

AD_4nXfhIyr7sVLjgrAWnQSB4AoW2mGHEiGEs_rePrsDp98OzRD_Zjv7TwVDFv2KgfNm4ZHvAq6ShW_dwuol0LNzf-DBdBumhR3Q3cu_Qr7crzV7qAIk1ACS_qMtgwayU5v5CHoJYFLZG_glWmDYSFQC4_akI1Ck?key=1BJ1Q1pwy8M60BQRtrJVrg

  • Netskope DLP detected C++ source code upload

AD_4nXfLahTrvQKs_gVtKHPtoqW5E4XmRuUdZmBs8XLwh06rQAO1uNmzphGVozn3ZLLW17X-2T4dy62wTdht_gYM-oOnh0ZFah1CTIAtFDAlJBf7WZrCLfYjzt85keyOJv-AKmsArdWQXw2PldQ9cRgj6ZFKrDcP?key=1BJ1Q1pwy8M60BQRtrJVrg

  • Check policy hits

AD_4nXc5tzD_n3u6imYT2Di6Mu5XPvP4NatFcYXxxNrvA1bg-VkHQRSwS8QSY0Yr672diqWKsiusUAhGoGohmr7VWexPk3UBzqYFov45JhFrqfFlLdqPryo9QizmaGeanbXpe5wpdqvWm4xwlWS2yp5R9nuo-vW0?key=1BJ1Q1pwy8M60BQRtrJVrg

AD_4nXeC_n08UFfkNmiB6BEehz-wLicJ25FINWd2CI-4uUzqeQGIZdIzNyzaPR61DyasoZrtlHG0PkNMABcekM4NxWxJOI0vhvjdr2jvUNU-oAv0QmuTAicpz1-ruGl2JMwQyS5WSDr-Xm-4hmMUjIN8hhTyCAZ9?key=1BJ1Q1pwy8M60BQRtrJVrg

  • If desired results are not obtained, verifying the SSL inspection settings is step 1

AD_4nXdjjMiAxA4vdFnWdVGBtJlRyfZa7MnAY6AiSDXypBentEK_eCn_uTOMgTn0v-1JUnqS1qdDWdmLOMqxDX5ZZ1CLVjd6M2hlJwYwK-CMteq9vLFrtu8NfC722NjMbFoLFYx56ROT9DZscO6Wo-0DFXQ5aLQ?key=1BJ1Q1pwy8M60BQRtrJVrg

 

Terms and conditions

  • All documented information undergoes testing and verification to ensure accuracy.
  • In the future, it is possible that the application's functionality may be altered by the vendor. If any such changes are brought to our attention, we will promptly update the documentation to reflect them.

 

Notes

  • This article is authored by Netskope Global Technical Success (GTS).
  • For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.

 

Terms & ConditionsCookie settings