Skip to main content
  • EN

Learn

Education, Training, Certification, and Thought Leadership

194 Topics
aplaza
Netskope Employee
aplazaNetskope Employee
published in Video Library
Quarterly Product Release Webinar - October 2024

Hear from our Product Management and Product Adoption leads as they cover the latest platform updates from Release 118, 119, and 120.  Key product updates:Site, User—App Synthetic Monitoring for Web Apps and Custom Web Applications  E2E Encrypted App Inspection and AI generated insights for CCI attributes (CCI copilot) Enhanced risk profiling for 3rd party applications—Workday, Entra ID, and Google Workspace Expanded App Coverage for Box, Slack, ServiceNow, and Cisco Webex on a new NG CASB API platform Comprehensive categorization and classification insights for URLs, domains, and IPs using the URL lookup API for SWG Malware workflow for submitting false positive and allowlisting  Reset UEBA UCI score to 1000 for use-cases such as role changes and test users Leverage MIP and Box Labels for DRM Integration for Classification  Provide visibility into custom classifier performance, including insights into the training data Endpoint DLP Printer Content Control Support for AIP/MIP Sensitivi

3870
aplaza
Netskope Employee
2 months ago
Aaron_Zhang
Netskope Employee
Aaron_ZhangNetskope Employee
published in Video Library
Netskope Advanced Analytics: AI Usage Dashboard Demo

Learn how to best monitor & manage the AI applications being used in your organization with our latest AI Usage Dashboard.  

3840
Aaron_Zhang
Netskope Employee
5 months ago
Gary-Jenkins
Netskope Employee
Gary-JenkinsNetskope Employee
published in Blogs
Okta + Netskope = Zero Trust

A common use case using Netskope One SSE and Okta is to extend your zero trust perimeter using Okta Network zones and the Netskope NewEdge network. This will create an additional obstacle for an attacker to use compromised credentials and is recommended by Okta as a defense against credential stuffing attacks. The Netskope One client checks the device posture or compliance in real time via Device Classification to ensure that only Corporate managed devices are allowed to connect to Okta. The following Okta authentication policy rule scenarios are presented below: (these would also apply when using tunnels)Prerequisites for all policy scenarios Scenario: Restrict access to application(s) for users that originate from Netskope NewEdge Scenario: Restrict access from Netskope NewEdge in the United States  Scenario: Restrict access to originate from Netskope NewEdge and the user’s client IP originates in the United States Scenario: Restrict access for Administrators to originate from Netsk

8350
Gary-Jenkins
Netskope Employee
8 months ago
ematchey
Netskope Employee
ematcheyNetskope Employee
published in Video Library
Netskope Advanced Analytics - Getting Started

This video helps you get started with Advanced Analytics in around 5 minutes, which includes an overview of the UI, copying & pasting dashboards, customizing dashboards, and editing widgets (visuals).  

1600
ematchey
Netskope Employee
1 year ago
ematchey
Netskope Employee
ematcheyNetskope Employee
published in Video Library
Netskope Advanced Analytics - Introduction

A brief introduction to Advanced Analytics.  

2060
ematchey
Netskope Employee
1 year ago
S
Netskope Employee
stevanNetskope Employee
published in Inside Netskope
Netskope Endpoint SD-WAN: The Unsung Hero for Tracking Netskope Client BypassesBlog

Netskope products serve the purpose of security AND as tools to troubleshoot with.  Tools that are often overlooked by everyone, including us!In this article, we are going to cover one of our newest products acquired through the purchase and partnership of Infiot’s Borderless WAN (BWAN).  BWAN is the technology commonly known as Software Defined Wide Area Networking (SD-WAN).  We will answer the questions of:How does the Netskope Endpoint SD-WAN Client become a tool to be used? How am I able to use the Netskope Endpoint SD-WAN Client for displaying bypasses in the Netskope Endpoint SD-WAN console?As a little background information, “Netskope BWAN extends the concept of network segmentation beyond traditional network perimeters, catering to the needs of a modern workforce that operates from varying locations and uses a multitude of devices. Netskope BWAN ensures network segmentation for any device by encapsulating each session in a secure and encrypted tunnel. This segmentation extends

960
S
Netskope Employee
1 month ago
B
Netskope Employee
borisgekhtmanNetskope Employee
posted in Blogs
Safe QR code scanning on iOS devices

Stating the Obvious: The Rise of QR Code-Based AttacksQR code-based attacks are on the rise, and it's no surprise why. Almost everyone carries a smartphone, making QR codes effortless to scan. QR codes are everywhere—on restaurant menus, event tickets, and even advertisements—creating a massive attack surface for bad actors to exploit.You may have come across the term “Quishing”—a blend of QR code and phishing. Essentially, it’s phishing using a QR code to lure victims. However, this is just the tip of the iceberg. Threat actors can use QR codes to deliver malicious payloads, exploit browser vulnerabilities, or carry out other harmful activities.What’s the Right Security Approach?For QR-based phishing, the guidance might seem straightforward: treat it like any other phishing attempt. Don’t enter sensitive information unless you’re confident in the source, and stay vigilant for suspicious signs. However, the sheer size of the attack surface and users’ reduced caution—especially when out

630
B
Netskope Employee
1 month ago
B
Netskope Employee
borisgekhtmanNetskope Employee
posted in Blogs
Protection against QR code attacks on iOS

 Stating the Obvious: The Rise of QR Code-Based Attacks QR code-based attacks are on the rise, and it's no surprise why. Almost everyone carries a smartphone, making QR codes effortless to scan. QR codes are everywhere—on restaurant menus, event tickets, and even advertisements—creating a massive attack surface for bad actors to exploit.You may have come across the term “Quishing”—a blend of QR code and phishing. Essentially, it’s phishing using a QR code to lure victims. However, this is just the tip of the iceberg. Threat actors can use QR codes to deliver malicious payloads, exploit browser vulnerabilities, or carry out other harmful activities. What’s the Right Security Approach? For QR-based phishing, the guidance might seem straightforward: treat it like any other phishing attempt. Don’t enter sensitive information unless you’re confident in the source, and stay vigilant for suspicious signs. However, the sheer size of the attack surface and users’ reduced caution—especially when

270
B
Netskope Employee
1 month ago
M
Netskope Employee
madhurasridharNetskope Employee
published in Inside Netskope
Register Now! Inside Netskope: Off-boarding User Monitoring Protections in Practice

Off-boarding User Monitoring Protections in Practice Wednesday, January 158am PST |  4pm GMT |  5pm CETRegister now! Get a glimpse into some of the off-boarding protections that our internal security team has developed to aid them in monitoring users who transition from Netskope.  In this webinar we’ll touch on:Who gets monitored and why How we use policies to collect data and maintain security posture How we use automation to start collecting data almost instantly

240
M
Netskope Employee
1 month ago
aplaza
Netskope Employee
aplazaNetskope Employee
published in Video Library
Inside Netskope 06: Effective Allowlisting with Netskope DLPInside Netskope

If DLP is not utilized in the right manner, the Admin is in for a nightmare with the number of alerts they would receive every single day. Netskope’s DLP has an extensive suite of offerings, with respect to detection of content and object types, to help eliminate this risk.  Hear from our security team as they discuss how to use Netskope DLP to effectively allowlist and minimize false positives.  Learn how to: Create effective DLP policies per your organization's situation Build processes to identify DLP exceptions within your organization Utilize different techniques to Allowlist the DLP exceptions Use Netskope’s Cloud Exchange for Allowlisting Check out our blog for more information! 

2481
A
1 month ago
S
sbrownNew Member
posted in Blogs
Managing Netskope Publishers in AWS using Terraform

Introduction   In my previous post I introduced the Netskope Provider for Terraform and showed you how it can be used to deploy publishers and applications inside of a Netskope tenant. While I think this capability on it's own is extremely exciting, I know we can do better. When looking at creating automation for Netskope, our goal was always to ensure a new publisher including the underlying infrastructure could be managed in the same configuration. In fact this concept is one of the primary reasons that we choose to use Terraform as our initial entry into Infrastructure as Code(IaC). In this post I will expand upon what we introduced previously by walking you through how to use the Terraform Module for automating Netskope Publishers running in Amazon EC2. This should be fun!   What is a module?   For those that are new to Terraform let me start by explaining what a module is. The definition of a module is something along the lines of 1 or more .tf configuration files i

8884
zthompsoncr
Netskope Partner
1 month ago
ukrishna
Netskope Employee
ukrishnaNetskope Employee
published in Inside Netskope
Inside Netskope: Session 08 Recap—Protecting Lost/Stolen Managed Devices with Netskope ClientInside Netskope

In case you missed the latest webinar in our Inside Netskope series—where Netskope experts show you how we protect our users, applications, and data using our own cloud-based architecture—a recording and recap of our recent session on protecting lost/stolen managed devices with Netskope Client can be found below. Feel free to comment and continue the discussion! 📽 Watch on-demand 🍿 Q: Can a client be flagged as stolen via API?A: The client cannot be directly flagged as stolen via API, but you can use APIs to move users or devices between groups. This will have to be done within the Groups section and not with the client directly.  Q: How to setup monitoring and tracking of stolen devices? Also, can we pinpoint the location of the lost/stolen device?A: If the device comes back online and connects back to the tenant, we can get all of the location data (wifi connected to, geographic location, etc.). Regarding how to setup monitoring and tracking, the presentation covers quite a few use

850
ukrishna
Netskope Employee
1 month ago
aplaza
Netskope Employee
aplazaNetskope Employee
published in Video Library
Inside Netskope 08: Protecting Lost/Stolen Managed Devices with Netskope ClientInside Netskope

Hear from our internal security team as they discuss the possible settings and changes which can be made in the Netskope tenant to accommodate a lost/stolen corporate managed device.  Learn how to: Modify settings in the tenant proactively for lost/stolen device cases in the future Effectively deal with lost/stolen devices by setting up protective measures against device misuse Minimize data loss in case of lost/stolen device cases by blocking data movement from the device  Check out our blog for more information!

1402
R
Netskope Employee
1 month ago
D
Netskope Employee
DiogenesNetskope Employee
posted in Blogs
Deploy Netskope Client for Mac using Jumpcloud MDM

In this article, we will cover how to silent deploy the Netskope Client on Mac devices using IDP enrollment mode with Jumpcloud MDM. Prerequisite: SAML Forward Proxy integration with Jumpcloud as an IDP must be configured prior to deploying the Netskope Client. Configuration Steps 1 - Install Netskope CertificatesDownload both certificates from the Netskope Tenant on Settings > Manage > Certificates > Signing CA:  Jumpcloud allows you to choose only one certificate per policy. Follow the steps off the link Create a Mac or iOS Install Certificate Policy  and create two certificate policies on Jumpcloud. One for the Netskope Root Certificate and one for the Netskope Intermediate Certificate: Approve System Extension and Network ExtensionCreate a new Jumpcloud policy following the steps of the link Create Mac System Extension Policy  to Approve the System Extension and use the following details on the policy:In the latest SO versions it is necessary to check the System extension

12384
D
Netskope Employee
2 months ago
Gary-Jenkins
Netskope Employee
Gary-JenkinsNetskope Employee
posted in Blogs
Add user and group via scim API

This one is more for my tech partners than for customers. If you tie your idp into your Netskope tenant you would never do this. This is really just for a lab environment. This will create users and groups that you can then use in policy.  Create API token for scimGo to Settings > Tools > REST API v2 > New Token  Create an API token that has the two scim endpoints added.  With the token copied and stored somewhere. Go to API Documentation.  Add the token to the Authorize In the scim section use the apis to view and create the users/groups.  Adding a userStart by adding the user. Be sure to change the userNamePOST /api/v2/scim/Users{  "schemas": [    "urn:ietf:params:scim:schemas:core:2.0:User"  ],  "userName": "taylorkelce",  "name": {    "familyName": "kelce",    "givenName": "taylor"  },  "active": true,  "emails": [    {      "value": "taylor@eras.tour",      "primary": true    }  ],  "externalId": "User-Ext_id",  "meta": {    "resourceType": "User"  }} Search for your user

7583
Gary-Jenkins
Netskope Employee
2 months ago
M
Netskope Employee
mitchellNetskope Employee
posted in Blogs
Automated ZTNA Deployment for Azure with Bicep

This Azure Bicep template facilitates the automated deployment of Netskope Publisher instances in Azure environments. It's designed to streamline the deployment process for DevOps teams, enabling quick and consistent Publisher setups while following infrastructure-as-code best practices.This can be a key item on how to achieve ZTNA in PaaS environments: You can check out the files here: https://github.com/Mitsj0l/nskpub_azureSupported Functions ✨Azure Integration: Automated deployment of Netskope Publisher Marketplace VMs Integration ready for Azure Pipelines End-to-end deployment in 3-4 minutes Network Management: Support for existing networking components VNet, Subnet, and NSG integration Option to create new or use existing network components Security & Configuration: Secure parameter handling through dedicated parameter files API token and SSH key management Cloud-init based post-deployment setup Automated Publisher registration with Netskope tenant  Project Structure

660
M
Netskope Employee
2 months ago
aplaza
Netskope Employee
aplazaNetskope Employee
published in Video Library
DEMO: Three key use cases for Proactive Digital Experience Management (P-DEM) Enterprise

Elevate your network monitoring and user experience with the advanced capabilities of P-DEM Enterprise. Thierry Notermans, Product Management Director for Proactive Digital Experience Management (P-DEM), demonstrates the innovations introduced with P-DEM Enterprise using three key use cases.  Learn how to: Monitor onramp, app performance, and user experience from sites connecting to Netskope via SD-WAN, SASE gateways or private connectivity Monitor any application, from over 80K predefined apps or any custom web-based application, including synthetic application monitoring for how apps are performing Streamline operations and deliver a cohesive, transformative monitoring experience with the integration of Real User Monitoring (RUM) and Synthetic Monitoring Get a consistent 360-degree view of digital experiences across the entire path from users to apps   

650
aplaza
Netskope Employee
2 months ago
aplaza
Netskope Employee
aplazaNetskope Employee
published in Video Library
Unveiling New Capabilities of Proactive Digital Experience Management Enterprise

Unveiling Netskope Proactive Digital Experience Management (P-DEM) Enterprise, a groundbreaking solution that delivers unmatched end-to-end insights and user experience monitoring within SASE and SD-WAN environments. Discover how P-DEM Enterprise eliminates blind spots, provides complete transparency across your entire network, and empowers you to optimize performance at every stage. Key Takeaways:Discover groundbreaking innovations like site-specific, user-specific, and app-specific monitoring that deliver a comprehensive 360-degree view of your digital experience. Learn how advanced contextual visibility and AI/ML-driven insights accelerate troubleshooting and reduce operational costs. Explore how this solution enhances workforce productivity, reduces operational friction, and delivers significant cost savings through proactive monitoring and remediation.  

240
aplaza
Netskope Employee
2 months ago
ukrishna
Netskope Employee
ukrishnaNetskope Employee
published in Inside Netskope
Register Now! Inside Netskope: Protecting Lost/Stolen Managed Devices with Netskope Client

Protecting Lost/Stolen Managed Devices with Netskope Client Thursday, November 148am PST |  4pm GMT |  5pm CETRegister now!  Join our security engineers as we discuss the possible settings and changes which can be made in the Netskope tenant to accommodate a lost/stolen corporate managed device.  Learn how to: Modify settings in the tenant proactively for lost/stolen device cases in the future Effectively deal with lost/stolen devices by setting up protective measures against device misuse Minimize data loss in case of lost/stolen device cases by blocking data movement from the device

890
ukrishna
Netskope Employee
3 months ago
T
Netskope Employee
twillisNetskope Employee
posted in Blogs
How to Configure SAML 2.0 for the Netskope Client Enrollment with PingOne

 Overview Forward Proxy Authentication (FPA) ensures secure access to cloud applications by requiring SAML-based authentication via an intermediary server that allows organizations to enforce granular authentication policies. Netskope’s FPA allows integration of multiple Identity Providers (IdPs) based on criteria like access methods (IPsec, GRE, Cloud Explicit Proxy, NS Client Enrollment) and network location, enabling flexible and secure user authentication management. Organizations can maintain existing SAML setups while utilizing Netskope’s enhanced authentication features, supporting multiple concurrent IdPs to match specific conditions for robust security and control. Configuration in PingOne  Login to the PingOne Admin Console. Navigate to Applications > Application Catalog. Search the Application Catalog for Netskope Client Enrollment and click + Add Instance. Enter temporary values into the ACS URL and Entity ID fields, like https://pingone.com and https://pingone.com

1000
T
Netskope Employee
3 months ago
T
Netskope Employee
twillisNetskope Employee
posted in Blogs
Netskope Client Integration with PingOne

This article is going to cover how to leverage PingOne for SCIM Provisioning via PingOne.  SCIM Provisioning  Netskope supports provisioning of users and user groups authenticated via Ping Identity. The Netskope SCIM app supports the following: Push New Users: New users created through Ping Identity will also be created in NetskopePush Groups: Groups created through Ping Identity will also be created in NetskopePush Profile Updates: Updates made to the users profile through Ping Identity will also be pushed to NetskopePush User Deletion: Deleting a user in Ping Identity will also delete the user in Netskope.By default a user disabled in Ping Identity will be deleted in Netskope. Configuration Steps Configuration in Netskope Login into your Netskope Admin Console. Select Settings in the lower left. Select Tools > REST API v2. Ensure REST API Status is enabledSelect New Token and enter an appropriate name. Select a token expiry duration (To ensure the security and reliability of your

1850
T
Netskope Employee
3 months ago
R
Netskope Employee
rakeshgNetskope Employee
published in Inside Netskope
Inside Netskope: Session 07 Recap—Automation of IOC Hunting and Continuous Monitoring using Cloud Threat ExchangeInside Netskope

In case you missed the latest webinar in our Inside Netskope series—where Netskope experts show you how we protect our users, applications, and data using our own cloud-based architecture—a recording and recap of our recent session on Automation of IOC Hunting and Continuous Monitoring using Cloud Threat Exchange can be found below. Feel free to comment and continue the discussion! 📽 Watch on-demand 🍿 Q: Are new IOCs hunted against historic data? Or, only on new events after IOC is known?A: Yes, that's the beauty of this workflow is that it's not just updating tools with new IOCs but it's looking to determine whether we've seen that IOC before. Once we know that it is an indicator of compromise, it looks back to see if anything has happened and alerts an analyst immediately as soon as it finds something.  Q: Can you integrate Cortex XDR with Netskope? If so, how?A: Yes, via Cloud Exchange. Check out this doc for more information.  Q: Do you have SentinelOne Integration?A: Absolutely!

840
R
Netskope Employee
3 months ago
aplaza
Netskope Employee
aplazaNetskope Employee
published in Video Library
Inside Netskope 07: Automation of IOC Hunting and Continuous Monitoring using Cloud Threat ExchangeInside Netskope

Hear from our security team as they discuss how Cloud Threat Exchange is implemented within Netskope to streamline the automated integration of IOCs with a ticketing system and perform continuous monitoring.  Key topics covered:Cloud Threat Exchange Integration with multiple security tools and technologies such as Netskope, SIEM, EDR, etc. Automation of IOC ingestion from ticketing platforms such as Jira into Github repo The plugin to Ingest IOC's from Github to Cloud Exchange And real-time monitoring of these IOCs (continuous monitoring)  

1220
aplaza
Netskope Employee
3 months ago
ppasseri
Netskope Employee
ppasseriNetskope Employee
posted in Blogs
How to use the Universal Connector to govern suspicious cloud services

Recently I stumbled upon an interesting campaign carried out by a threat actor dubbed Dark Pink and characterized by the exploitation of a legitimate cloud service, GitHub, to host the malicious payload. GitHub is a well-known service, categorized as "Development Tools" and "Technology" within the Next Gen SWG, and for which a dedicated connector allows to enforce granular security policies in terms of adaptive access control, DLP and threat protection.    However, it is common for threat actors to abuse even less-known cloud services for malicious purposes such as malware distribution, command and control and data exfiltration, and the above campaign is no exception. As a matter of fact in the above mentioned case, the attackers exploited an additional less-known cloud service, textbin[.]net, to deliver the malicious payload.   Netskope customers are protected out-of-the-box from the malicious exploitation of textbin[.]net as this service is already classified as "Secur

2361
A
3 months ago
ukrishna
Netskope Employee
ukrishnaNetskope Employee
published in Inside Netskope
Netskope Client & Stolen Managed DevicesBlog

Netskope Client & Managed DevicesNetskope offers multiple steering mechanisms and the Netskope Client is the most recommended option due to its operating nature and the available feature list. The Netskope Client is a lightweight application which can be installed on a managed device and it can be used to steer traffic from the device to Netskope Security Cloud. It provides real-time visibility of the managed devices accessing the cloud and web from any location. The Client uses Forward Proxy Steering mechanism where the Client creates an SSL tunnel from the end device and terminates it at the Netskope forward proxy in the Cloud.So when the mode of steering is Netskope Client, all managed devices are expected to have the Netskope Client installed. In the context of this blog, a device is classified as managed if it has the Netskope Client installed. In this post, let us discuss the possible settings and changes which can be made in the Netskope tenant to accommodate a Lost/Stolen m

4290
ukrishna
Netskope Employee
3 months ago

Badge winners

Show all badges
Terms & ConditionsCookie settings