Learn

Generative AI is rapidly reshaping how we work. However, unsanctioned AI tools can create significant blind spots, leading to the potential loss of sensitive data. Security leaders are left with the critical challenge of discovering how to embrace the benefits of AI, without exposing the organization to risk.We are going to cover the who, what, when, where, and how when it comes to discovering the use of generative AI in your organization and how to ensure its safe use with the enterprise. Rapidly Reshaping WorkThe rapid integration of Generative AI into our daily workflows marks a pivotal moment in enterprise technology. These powerful tools are no longer niche innovations but have become standard, expected features within the products and services we rely on, promising unprecedented gains in productivity and creativity. As we embrace this transformative wave, however, we must also recognize that this new frontier comes with inherent challenges. The very nature of AI tools, with their

“Another Security Assessment report to review? I’ll need coffee… and maybe another pair of eyes.” If you’ve ever found yourself buried in long, detailed Security Assessment reports, you know the pain.Pages of findings to go through. CVSS scores that may (or may not) be consistent. Missing screenshots or vague remediation steps. And the endless back-and-forth just to make the report business-ready.Sound familiar? You’re not alone. Manual report reviews are slow, error-prone, and rely heavily on the reviewer’s bandwidth and expertise. But what if we had a smart first-pass reviewer that flagged gaps, standardized structure, consistency in findings & recommendations and freed us to focus on the real contextual risk analysis?That’s exactly what we set out to build — an LLM-powered Report Reviewer. Why Report Reviews Matter More Than EverSecurity assessments don’t end when testing is complete. The report is what travels to:Engineering teams → to guide fixes. Executives and stakeholders →

How the Salesloft Drift breach highlights the urgent need for visibility into SaaS-to-SaaS connections.The recent Salesloft Drift security incident has impacted hundreds of organizations and serves as a powerful reminder of a growing threat: risk from third-party SaaS-to-SaaS integrations.  This attack exploited trusted connections between applications to access sensitive data, bypassing traditional security controls. The attack chain: How stolen tokens led to data exfiltrationThe incident began when a threat actor acquired OAuth and/or refresh tokens connected to Salesloft's Drift application. Drift, an AI chatbot, integrates deeply with platforms like Salesforce to log user interactions, leads, and meeting data. By using these stolen tokens, the attacker could effectively impersonate the legitimate Drift application. This allowed them to make authorized API calls to their victims' Salesforce instances, exfiltrating sensitive customer accounts and meeting information. The full extent

In case you missed the latest webinar in our Inside Netskope series—where Netskope experts show you how we protect our users, applications, and data using our own cloud-based architecture—a recording and recap of our recent session on “Managing Certificate Errors with Netskope Client” can be found below. Feel free to comment and continue the discussion! 📽 Watch on-demand 🍿 Q: Our recommendation from a Netskope implementation engineer was to keep developers in a steering configuration group that was only cloud apps, not all traffic. This doesn't seem like a feasible nor secure option. Is this recommended to most all customers?A: This is the initial approach to temporarily resolve the issue and keep things running. But as mentioned in the webinar, you will have to work with the developers and understand their traffic patterns to add the Netskope CA to tools to securely enable developers. Q: There is a script that is available on your Support site but it doesn't appear to be updated oft

In case you missed the latest webinar in our Inside Netskope series—where Netskope experts show you how we protect our users, applications, and data using our own cloud-based architecture—a recording and recap of our recent session on “Netskope Data Loss Prevention for Sentiment Analysis” can be found below. Feel free to comment and continue the discussion! 📽 Watch on-demand 🍿 Q: If we are creating keywords in English, will the dictionary be captured in all regional languages?A: No, I think it would just be for the keywords which are specified within the framework. So as far as regional languages, we'll have to check internally if we are supporting those. Q: When creating and deploying a DLP policy for AI, can you provide some tips on how to identify false positives in the Alerts?A: It involves extensive analysis of the incidence and forensic data because this is something that is a challenge for us as well whenever we implement a new DLP framework or a policy. So, we take a step by

Why Certificates and What is Cert-Pinning?In the internet age, it has become mandatory for all organisations and services which are hosted on the internet to rely on certificate based authentication and authorisation in order to protect the confidentiality and integrity of their data accessible and traversing over the internet. Certificates help prove your identity over the internet when communicating with parties/services which you have not interacted with before. As organisations and service providers started heavily relying on certificates for their security needs, they wanted to be sure that there was no chance of data leakage through techniques such as man-in-the-middle attacks. This led to the rise of adoption of the concepts like trusted certificate stores and certificate pinning.Certificate pinning is a security method which protects the service providers against man-in-the-middle attacks. The server/host is associated with a specific certificate or public key and the applicati

The Netskope One Enterprise Browser (NOEB) is a security solution designed to provide security access to sensitive applications and content in specific scenarios. The NOEB enables Netskope One SSE (Secure Service Edge) services such as Secure Web Gateway (SWG), CASB, as well as threat protection and DLP to be extended to cover corporate users with unmanaged/personal devices, as well as non-employee contractors. NOEB leverages the Netskope One platform, with a single policy engine and admin console. It enables organizations to secure access to sensitive applications and content when devices are unmanaged and also when Netskope client services are not running on devices. NOEB can be deployed through MDM solutions and supports automation for installation and profile management.  How is NOEB used by the customer zero team?At the customer zero team, we have been involved in designing, implementing and validating security use cases and protection strategies with NOEB. Some of the specific sc

Netskope provides a comprehensive data loss prevention (DLP) enforcement solution for cloud applications and public cloud resources that is ideal for addressing regulatory compliance requirements and protecting sensitive data in your enterprise. In addition to securing traditional confidential and sensitive data on the web, Netskope DLP can also be diversified for some creative data analysis. In this blog post, I would like to share one of the use cases that can be implemented with Netskope DLP, which is sentiment analysis of user queries in Gen AI web apps. Sentiment Analysis is a technique used to determine the overall sentiment expressed in a piece of text, such as a customer review, social media post, or email. Sentiment analysis relies heavily on positively and negatively used words to determine the overall sentiment of textual data. To learn more about this topic, read the following and register for our upcoming webinar—where we’ll cover this live in more detail and answer custom

In case you missed the latest webinar in our Inside Netskope series—where Netskope experts show you how we protect our users, applications, and data using our own cloud-based architecture—a recording and recap of our recent session on “Tracking Client Bypasses with Netskope Endpoint SD-WAN” can be found below. Feel free to comment and continue the discussion! 📽 Watch on-demand 🍿 Q: We are in the process of implementing BWAN functionality in OCC. I would love to understand how we can get rid of bypasses, specifically for cert pinned apps such as ZoomA: Well, there's a couple different things. One, in order to see those bypasses we would have to steer it one way, shape, form, or another. So you're either steering it with the NG SWG traditional Client, steering it with the BWAN client, or you're not steering it at all. If you don't steer it at all, you don't get that visibility or that functionality. So it's really who, what, when, where, and how on being able to monitor as well as use

In case you missed the latest webinar in our Inside Netskope series—where Netskope experts show you how we protect our users, applications, and data using our own cloud-based architecture—a recording and recap of our recent session on Client Troubleshooting can be found below. Feel free to comment and continue the discussion! 📽 Watch on-demand 🍿 Q: Is there a solution to force Netskope to switch multiple devices (>100) to a specific POP in case of issues with one POP?A: It is my understanding that our GSLB will detect those issues and reroute you to a new POP very quickly.  Q: How to troubleshoot issues with uninstallation process for older Netskope clients? (Netskope client unable to be removed)A: I recommend renaming the folder. After renaming it, you can uninstall the old client. Here is a great troubleshooting guide! Q: How would you go about troubleshooting a Microsoft Teams call performance issue to confirm if Netskope proxy is the root cause or its something else?A: For me,