Customer Success Webinar: Securing AI Environments with Netskope One AI Guardrails
Education, Training, Certification, and Thought Leadership
Recently active
Hear from our Product Management and Product Adoption leads as they cover the latest platform updates from Release 136, 137 and 138.Key product updates:Enterprise Browser Now Covers Every Device, Everywhere: Expanded protection to all major platforms, including IGEL thin clients, with new features like watermarking, sandboxed clipboard controls, and NPA integration on mobile. AI Security: From Threat Testing to Real-Time Enforcement: Use AI Red Teaming to identify LLM vulnerabilities, detect deepfakes via API, and enforce real-time guardrails on AI traffic, including custom topic controls. Data Lineage: The Full Story Behind Every File: Built into Incident Management, this allows DLP analysts to follow sensitive data from origin to destination for faster investigations and to stop unauthorized data movement. Zero Trust Private Access: Performance, Compliance, and Coverage: Enhanced for better network throughput (BBR congestion control, dual-stack IPv4/IPv6 support), geo-fencing, and en
A brief introduction to Advanced Analytics.
Hear from our Product Management and Product Adoption leads as they cover the latest platform updates from Release 133, 134, and 135. Key product updates: Comprehensive AI Security and Governance: Protect private AI applications with the Netskope AI Gateway and AI Guardrails, providing real-time content moderation, threat protection, and vulnerability assessments via AI Red Teaming to ensure compliance and quality Advanced Visibility for Agentic Workflows: Gain full oversight of Model Context Protocol (MCP) communications through the Agentic Broker, featuring detailed audit logs and policy enforcement for remote MCP servers and clients within Skope IT Steganography detection: Identify and protect sensitive information from the growing threat of sophisticated data-hiding techniques Manager Escalation: DLP Analysts can now initiate a review workflow to request feedback from the manager of the user who committed the DLP violation DLP on Demand: Power your DSPM scans using Netskop
We’re excited to introduce a simpler, more transparent way to register for training at Netskope Academy! You can now self-register for courses using training vouchers, which means no more forms or back-and-forth. Just purchase training, receive your voucher, and enroll in minutes. Any existing, non-expired training credits you already have will automatically convert into vouchers. We’ve created a short video to show you how the new system works. See the new process in action: We’re confident this update will make your learning experience faster and easier.Questions? Contact us at training@netskope.com
Learn how to best monitor & manage the AI applications being used in your organization with our latest AI Usage Dashboard.
A common use case using Netskope One SSE and Okta is to extend your zero trust perimeter using Okta Network zones and the Netskope NewEdge network. This will create an additional obstacle for an attacker to use compromised credentials and is recommended by Okta as a defense against credential stuffing attacks. The Netskope One client checks the device posture or compliance in real time via Device Classification to ensure that only Corporate managed devices are allowed to connect to Okta. The following Okta authentication policy rule scenarios are presented below: (these would also apply when using tunnels)Prerequisites for all policy scenarios Scenario: Restrict access to application(s) for users that originate from Netskope NewEdge Scenario: Restrict access from Netskope NewEdge in the United States Scenario: Restrict access to originate from Netskope NewEdge and the user’s client IP originates in the United States Scenario: Restrict access for Administrators to originate from Netsk
This video helps you get started with Advanced Analytics in around 5 minutes, which includes an overview of the UI, copying & pasting dashboards, customizing dashboards, and editing widgets (visuals).
Overview This guide shows how to stream Netskope alerts and events into Microsoft Sentinel.The connector is called Netskope Alerts & Events Connector (via Blob Storage). Netskope publishes it. It ingests alerts and events logs from Netskope Log Streaming into Microsoft Sentinel via Azure Blob Storage, using the Microsoft Sentinel Codeless Connector Framework (CCF).The data flow does not push logs straight into Sentinel. Netskope Log Streaming writes logs to an Azure Blob Storage container. Sentinel then reads those blobs and writes the records into the Log Analytics table NetskopeAlertEvents_CL.This article is based on the connector's own deployment template (netskope_alert_events_log_streaming.json). UIs in Netskope and Azure change over time, so verify each screen against current documentation as you go.How it works (architecture)The pipeline has three stages.Netskope Log Streaming sends Alerts & Events logs to an Azure Blob Storage container. Azure infrastructure signals new
OverviewA continuation of Sending Alerts and Events to Microsoft Sentinel using the Codeless Connector Platform.The first article set up the Codeless Connector for a single Netskope tenant. This post extends it. It sends alerts and events from several Netskope tenants into one Microsoft Sentinel workspace, and it labels each record so you can tell the tenants apart.If you have not read the single-tenant article, start there. The base ideas carry over: the Codeless Connector Framework, the RBACv3 service-account token, and the REST API index. Architecture Each Netskope tenant sends alerts and events to the same connector. The connector posts the data to one Data Collection Endpoint. A separate Data Collection Rule for each tenant adds a TenantSource value and writes the record to the shared tables. The result: all tenants share the same tables, and the TenantSource column tells you which tenant a row came from.This template supports up to five tenants.What is different from the single-t
Hear from our security engineers as we share how Netskope moved beyond blanket restrictions to a more adaptive, context-aware approach that lets us safely say “yes” to SaaS and GenAI. We’ll highlight real-world patterns of risky usage, common blind spots across managed and unmanaged apps, and the unique data exposure risks posed by GenAI assistants and copilots. Learn how to:Discover and continuously assess SaaS and GenAI usage across your environment Protect sensitive data with granular, inline, and context-aware controls Apply consistent policies to managed, unmanaged, and AI-powered applications Partner with business stakeholders to securely accelerate SaaS and GenAI initiativesFor more information, check out our blog post. View past events in this series! Check out some customer questions below, or feel free to comment and continue the discussion! Q: Can you share best practices for GenAI apps control in RTP policy structure given new app connectors and capabilities?A: Discover
This document outlines the integration of Netskope Web Transaction Logs with Microsoft Sentinel on Azure US Government cloud using the Codeless Connector Framework (CCF). Separate templates are provided for comma-delimited and space-delimited blob data. This native integration provides near real-time visibility for effective threat hunting and incident management. To configure Netskope Log Streaming to send logs to your Blob storage please go through the article: https://docs.netskope.com/en/stream-logs-to-azure-blob ⚠️ Important: You can't restrict network access to your Azure Blob Storage account as per the official guidance from Microsoft.🏗️ Integration Architecture OverviewThe integration leverages several Azure services to ensure reliable and scalable log delivery: Netskope to Azure Storage Blob: Netskope pushes Web Transaction Logs into a customer-owned Azure Storage Blob Container (as gzipped CSV files). Event Grid Notification: Every time a new file (blob) is written, an auto
Anthropic’s Claude has gone from "the AI tool a few teams were experimenting with" to mission-critical infrastructure: Developers ship code with Claude Code. Analysts build entire workflows on Claude Projects. Platform teams run inference at scale through the Claude Platform. But here's the uncomfortable question: Do you have the same security governance over Claude that you have over Slack, Google Workspace, or Salesforce? If the answer is "not yet" — this post is for you.Netskope has built an integration with the Claude Compliance API, giving security and compliance teams visibility into Claude usage directly within the Netskope One Platform. This brings Claude Enterprise and Claude Platform activity under the same security umbrella as every other application in your stack.No new tools. No separate dashboards. The same console your team already uses. Let me walk you through what this looks like — and more importantly, why it matters.The Problem: AI Apps Are the New Shadow IT When
Author: Stevan PierceDate: May 8, 2026Modern security teams are stuck in an old debate.The business wants ChatGPT, Copilot, Cursor, Gemini, and the next AI assistant your CEO sees demoed at a conference. The security team sees prompts full of source code and customer PII heading to a third-party model, an MCP server nobody vetted suddenly connecting to your data lake, and an "AI Overviews" toggle that quietly turned a sanctioned search engine into a generative assistant overnight.The instinct is to block. Block the domain. Block the category. Send a stern email.It doesn't work. Blocking a sanctioned AI assistant doesn't make the data exfiltration risk go away. It just pushes the user to a personal account on their phone, where you have zero visibility. And the embedded AI in apps you've already approved? You can't block that without breaking the app.At Netskope, we faced this exact problem in our own environment. As Customer Zero, our security team not only secures Netskope but also p
In this 2 minute Ask SME Anything video you’ll discover how data lineage provides a visual roadmap of your data’s journey—revealing exactly how it moves, mutates, and who touches it along the way.Hear from Product Marketing Director, Ankur Chadda, as he explains how pairing lineage with your DLP strategy creates a powerhouse toolkit that ensures no data movement goes unnoticed.
It is early 2026, and the intersection of AI and security has moved past the "hype" phase into a high-stakes arms race. We are currently seeing a massive shift from simple chatbots to "Agentic AI"—autonomous systems that can take actions on your behalf—which has created entirely new categories of risk. There are different types of AI agents based on reasoning complexity, functional role, system architecture and maturity level. 1. Categorization by Reasoning StrategyThis defines the "cognitive" depth of the agent—how it processes information and makes decisions.Reflexive Agents: The simplest "Trigger-Action" bots. They follow "if-then" rules (e.g., a thermostat or a basic auto-responder). Chain-of-Thought (CoT) Agents: Use LLMs to break down a prompt into a linear sequence of steps before acting. Reasoning-First Agents (ReAct/Tree-of-Thought): These agents "think" before and during execution. They use patterns like ReAct (Reason + Act) to observe the result of an action and adjust their
In this special edition of our Inside Netskope series, our internal leadership team will share our Fusion Team Framework. Hear how we integrated security architects into IT delivery cadences to resolve decision-right friction at Netskope, and the Metrics/Artifacts that validated our shift.Our CIO and CISO will cover: The Fusion Team Framework: An analysis of the shared charter and decision-rights model used to align CIO and CISO priorities Architectural Integration: A look at embedding security architects directly into IT delivery cadences to eliminate deployment friction Operational Metrics: A review of real-world data, including UAR cycle-time compression and SLA compliance for JML (Joiner/Mover/Leaver) processes Governance Artifacts: A deep dive into orphaned account remediation rates and the technical documentation powering the shift from theory to practice For more information, check out this article. View past events in this series!
Objective: Develop a comprehensive guide for configuring SAML-based Single Sign-On (SSO) between PingFederate and the Netskope Admin Console.Overview: This documentation will outline the methodology for enabling secure administrative access to Netskope using PingFederate as the Identity Provider (IdP).Prerequisites: Netskope Tenant: Local administrator privileges are required to modify SAML settings within the Netskope console. PingFederate: Administrative access to the PingFederate environment to configure the Service Provider (SP) connection. Workflow:Step 1 - Click on Application button in the top barStep 2 - Once the application page loads, click on SP Connections.Step 3 - In the SP Connections, Click on Create Connection. A SP (Service Provider) Connection is a configuration set that allows PingFederate (acting as the Identity Provider or IdP) to securely communicate and share identity data with an external application or service.Step 4 - Select Do not use a template for this co
Objective: Develop a comprehensive configuration guide for SCIM provisioning between PingFederate and Netskope.Scope: This guide will detail the end-to-end process for automating user provisioning via the SCIM protocol.Prerequisites: Netskope: Administrative access to the local tenant is required to configure SCIM settings. PingFederate: Administrative privileges within the PingFederate environment to manage application integration. Workflow:Step 1 - Login to your PingFederate Application using your login credentials.Step 2 - If it's your first time login then you will be asked to reset your password. Else, continue to the next step.Step 3 - Once you login successfully, you will see the home screen. In the home screen, you will find all the required actions items. Step 4 - Now, before enabling the SCIM integration, we need a service account for the PingFederate application to communicate with the netskope tenant. Login to your tenant which needs to be integrated for SSO / SCIM. URL w
In this guide, the Netskope Red Team outlines its strategic framework for identifying and mitigating vulnerabilities within AI/LLM ecosystems. Given the unique challenges and threat landscape associated with AI and LLM systems, a specialized methodology is essential to ensure the robustness, integrity, and confidentiality of our AI-driven features and services.Our methodology is designed to be comprehensive, covering the entire lifecycle of the AI/LLM application — from data ingestion and model training to deployment and continuous monitoring. 1. Phased Approach to AI Security TestingSecurity testing for AI applications is structured into four distinct phases, ensuring thorough coverage of all potential vulnerabilities. Phase Description Key Activities Phase 1: Design and Data Security Review Focuses on the foundational security elements before model development. Data Sanitization review, Data governance policy review, Threat Modeling for Produc
LLMs in enterprises have evolved extremely fast. What started as simple chatbots answering questions has now become AI agents that can perform real actions: like reading files, querying databases. or sending messages in Slack.But early GenAI integrations were messy. If a developer wanted an AI model to connect to PostgreSQL, Slack, and the local filesystem, they had to build three separate connectors, each with its own authentication logic, API handling, data formatting, and error management.As companies scaled, this created a major problem: AI apps + more tools = exponentially more integrations.This is the classic N × M integration problem, and it quickly becomes impossible to maintain securely. To solve this, Anthropic introduced the Model Context Protocol (MCP) in late 2024.MCP is often described as the “USB-C for AI applications.” Instead of building custom connectors for every system, MCP provides a standard way for AI hosts to connect to external tools and data sources through M
We have two major releases to announce for our ServiceNow ecosystem — the brand-new Netskope CMDB Integration app, now available on the ServiceNow Store, and version 3.0 of the Netskope SecOps (SIR) app, which brings significant new capabilities to security operations workflows.Whether you're an IT operations team looking to bridge your CMDB with Netskope's Zero Trust visibility, or a SOC team wanting richer incident response automation — there's something here for everyone. PART 1 — NEW APP Introducing the Netskope CMDB Integration AppThe Netskope CMDB Integration app is a first-of-its-kind release that connects Netskope's Security Service Edge (SSE) platform directly to ServiceNow's Configuration Management Database. This app is purpose-built for IT and security operations teams who want Netskope's asset, policy, and access data living natively within their ServiceNow CMDB — no custom scripts, no middleware, no manual exports. 1. Private App Bidirectional SyncThe CMDB app supports
Hear from our security engineers as they demonstrate how CE's three integration pillars of Cloud Threat Exchange (CTE), Cloud Ticket Orchestrator (CTO), and Cloud Risk Exchange (CRE) connect Netskope to the tools we already rely on, turning isolated signals into coordinated, automated action.Learn how to: Automatically ingest curated threat feeds and STIX-formatted IOCs from Feedly's AI-powered intelligence engine and any TAXII-compliant source Bidirectionally share email-borne threat indicators from Mimecast and endpoint-detected IOCs from CrowdStrike Falcon Propagate AWS infrastructure threat findings from GuardDuty and supply chain risk signals from GitHub directly into Netskope's threat intelligence pipeline Feed Mimecast email threat signals into Netskope's User Confidence Index (UCI), dynamically adjusting cloud access policies For more information, check out our blog post. View past events in this series! Check out some customer questions below, or feel free to comment
This is a demo covering how Netskope provides full visibility, control, and protection for genAI app usage. Learn more.
This is a demo of the Netskope One Agentic Broker, which provides unified visibility and real-time protection for the autonomous AI ecosystem by decoding and securing Model Context Protocol (MCP) traffic between AI agents and data sources. Learn more about Netskope One Agentic Broker.
Netskope One AI Guardrails provides real-time content moderation for every interaction, securing the enterprise against emerging AI-specific threats including prompt injection and jailbreak attempts, and unsafe use. Learn more.Netskope One AI Gateway secures the API traffic fueling your AI-powered applications. By centralizing authentication, traffic management, and content inspection between private apps and LLMs, we ensure autonomous agentic data flows remain governed and secure. Learn more.
Already have an account? Login
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.