Skip to main content
  • EN

Learn

Education, Training, Certification, and Thought Leadership

187 Topics
aplaza
Netskope Employee
aplazaNetskope Employee
published in Video Library
Unleashing the Power of Proactive DEM Enterprise

Check out the demo to get a sneak peek into the advanced capabilities launched with the Kadiska integration at the core of our Proactive DEM!  Proactive Digital Experience Management (Proactive DEM) Enterprise offers a powerful site-centric view that when combined with user monitoring, helps pinpoint the source of user experience issues—whether at a specific site, connecting to the Netskope NewEdge POP, or the ISP. This ensures full performance visibility, empowering organizations to achieve unparalleled visibility, optimize performance, and elevate user experience across their network infrastructure.   

390
aplaza
Netskope Employee
4 months ago
J
javachhaniNew Member
posted in Netskope Academy / Training Discussions
How to block user to upload code on GitHub

We want to restrict user to upload any code to GitHub. They can only download the code from it.  

1351
zywong
Netskope Partner
4 months ago
ukrishna
Netskope Employee
ukrishnaNetskope Employee
published in Inside Netskope
Inside Netskope: Session 06 Recap - Effective Allowlisting with Netskope DLPInside Netskope

In case you missed the latest webinar in our Inside Netskope series—where Netskope experts show you how we protect our users, applications, and data using our own cloud-based architecture—a recording and recap of our recent session on Effective Allowlisting with Netskope DLP can be found below. Feel free to comment and continue the discussion! 📽 Watch on-demand 🍿 Q: Is advanced DLP techniques a new licensing?A: Exact Data Match and Fingerprinting are both included in the Advanced DLP license, so you only need ADLP to use these features. Q: Can you share some of the most prevalent DLP use cases that you've encountered? This will help us close any gaps that we may have overlooked.A: DLP policies are rarely a "set and forget". It's always a continuous learning and adjusting as our technology adjusts, as document formatting changes, etc. The only consistent is change, so we always go back and tune them as needed. Common use cases for Inline DLP include:1.) Block encrypted zip files with

1860
ukrishna
Netskope Employee
4 months ago
S
Netskope Employee
stevanNetskope Employee
posted in Inside Netskope
Netskope Client Enforcement: A Security Practitioner's Perspective

Background Q. How do you enforce Netskope Client adherence without impacting SAML flows after authentication?A. Netskope Client Enforcement. Netskope Client Enforcement is used to “enforce” the compliance of having a Netskope client enabled and connected to a tenant for accessing SaaS applications using Identity Providers (IdP) such as Okta. This includes IdP or Service Provider initiated connections, i.e. logging into Okta to access a SaaS application or logging into the SaaS application directly. Netskope Client Enforcement should be differentiated from other methods of steering real-time traffic to the Netskope tenant for the processing of policies; policies such as Next-Generation Software Web Gateway (NG-SWG), Data Loss Prevention (DLP), Netskope Private Access (NPA), User Enhanced Behavior Analytics (UEBA), Cloud FireWall (CFW), and so on, all of which are designed to protect an organization. Netskope Client Enforcement also enables end users to protect corporate resources th

6453
S
Netskope Employee
4 months ago
T
Netskope Employee
twillisNetskope Employee
posted in Blogs
Netskope Client Integration with OneLogin

This article is going to cover how to leverage Onelogin for Netskope Client Authentication via SAML, as well as how to use SCIM Provisioning with Onelogin. SCIM Provisioning Netskope supports provisioning of users and user groups authenticated via OneLogin. The Netskope SCIM app supports the following:Push New Users: New users created through Onelogin will also be created in Netskope Push Groups: Groups created through Onelogin will also be created in Netskope Push Profile Updates: Updates made to the users profile through Onelogin will also be pushed to Netskope Push User Deletion: Deleting a user in Onelogin will also delete the user in Netskope Push User Suspension: By default a user suspended in Onelogin will be deleted in Netskope, If the provisioning configuration in the Netskope Onelogin App is set to Suspend. If you would like suspended users to continue to exist in Netskope, set the provisioning configuration in the Netskope Onelogin app to Do Nothing.  Netskope Configuratio

3070
T
Netskope Employee
5 months ago
M
Netskope Employee
madhurasridharNetskope Employee
published in Inside Netskope
Best Practices for password protection using Netskope DLPBlog

The Data Loss Prevention product at Netskope offers a wide variety of options to customize and deploy rules that can be used in Realtime, API protection, SMTP proxy and Endpoint policies. The granular level of detailing helps information security engineers to fine tune the rule as much as possible to avoid false positives and false negatives. The same approach applies for password protection too. Passwords act as the first line of defense against unauthorized access. Strong password protection is essential for safeguarding company data, maintaining compliance, and preventing unauthorized access. In the customer zero program at Netskope, our team has been extensively working on training the DLP rules, analyzing the false positive incidents, ensuring that the DLP rules cover different types of passwords (common, contextual, secure and so on) by actively collaborating with the relevant product teams. After some intensive training and testing, here’s the recommended DLP rule for password p

8052
M
Netskope Employee
5 months ago
M
Netskope Employee
madhurasridharNetskope Employee
published in Inside Netskope
How to get to an excellent posture score for a SaaS app with Netskope Security Posture ManagementBlog

A best practices recommendation guide from Netskope’s Customer Zero teamIt brings the Customer Zero team great joy in connecting with the security community with some best practices of how we do what we do at Netskope to protect critical applications and data. In this blog post, let us look at how we have achieved to bring the security posture score of some SaaS apps to an excellent level with regard to Netskope’s Security Posture Management product offering. SSPM performs continuous evaluation of connected SaaS applications for security posture, and ensures that these applications are configured securely and in compliance with regulatory requirements such as GDPR, ISO, NIST, CSA and so on. Step 1 - Set up the SSPM policiesThe Netskope Security administrators can set up policies under Security Posture based on the configurations and settings to assess. The product comes with a predefined set of policies which can be used as a baseline to start the process as well.  Step 2: Establish co

1540
M
Netskope Employee
5 months ago
C
Carlos21New Member
asked in Netskope Academy / Training Discussions
¿ How i can get my NSK101 Certificate ?

I just passed my Netskope NSK101 exam; however, I don't know where to download my certificate or which page I need to link my partner account with Pearson VUE to obtain my certificate. Can someone please help me with this issue?

1691
psibalde
Netskope Employee
5 months ago
aplaza
Netskope Employee
aplazaNetskope Employee
published in Video Library
Quarterly Product Release Webinar - July 2024

Hear from our Product Management and Product Adoption leads as they cover the latest platform updates from Release 115, 116, and 117.  Key product updates:Local Broker for On-Premises ZTNA - How to enforce policies locally instead of routing traffic through Netskope Cloud Device Classification (DC) - Additional device classification labels/profiles that can be associated with real-time policies Remote Browser Isolation (RBI) - Added 42 more web categories in extended RBI to support isolation of more user traffic. Configuration options are expanded with fallback action configuration and browser source criteria Data Protection - Enhanced protection by adding Bluetooth support for Windows Endpoint DLP and improving unicode support and image text OCR classification Threat Protection - Now scans cloud emails with API connectors to add an additional layer of protection against phishing  Secure Web Gateway - Enhanced policy management and filtering and introduced an API for URL category looku

3440
aplaza
Netskope Employee
5 months ago
M
Netskope Employee
mgulledgeNetskope Employee
posted in Blogs
Achieving High Availability for Azure Workloads using Netskope Borderless WAN and BGP

OverviewThis article encompasses a detailed step by step guide for configuring and deploying Netskopes Borderless SD WAN in Azure and achieving High Availability and Load Sharing with the Azure Route Server.  Use CaseThe use case for this scenario is having always-on connectivity for your Azure Workloads to Netskopes Next GEN Secure Web Gateway for workstation internet access.  With this use case, workstations deployed within a single VNET or across multiple VNETs can have secure connectivity to the Netskope platform. BGP is utilized to provide resiliency, symmetry and load sharing across Netskope Borderless WAN Gateways in the Azure cloud. ArchitectureIn the above architecture I have 2 Network Virtual Appliances that are the Netskope SASE Gateways. Each Gateway VM is performing an EBGP peering relationship with the Azure Route Server. The Netskope Gateways are each advertising a default route that will later be used to perform ECMP and High Availability for the workloads inside your V

2420
M
Netskope Employee
6 months ago
M
Netskope Employee
mgulledgeNetskope Employee
asked in Blogs
Achieving High Availability for Azure Workloads using Netskope Borderless WAN and BGP

OverviewThis article encompasses a detailed step by step guide for configuring and deploying Netskopes Borderless SD WAN in Azure and achieving High Availability and Load Sharing with the Azure Route Server.  Use CaseThe use case for this scenario is having always-on connectivity for your Azure Workloads to Netskopes Next GEN Secure Web Gateway for workstation internet access.  With this use case, workstations deployed within a single VNET or across multiple VNETs can have secure connectivity to the Netskope platform. BGP is utilized to provide resiliency, symmetry and load sharing across Netskope Borderless WAN Gateways in the Azure cloud. ArchitectureIn the above architecture I have 2 Network Virtual Appliances that are the Netskope SASE Gateways. Each Gateway VM is performing an EBGP peering relationship with the Azure Route Server. The Netskope Gateways are each advertising a default route that will later be used to perform ECMP and High Availability for the workloads inside your V

1040
M
Netskope Employee
6 months ago
Ccapali
Netskope Partner
CcapaliNetskope Partner
asked in Netskope Academy / Training Discussions
¿ How i can get my NSK101 Certificate ?

I just passed my Netskope NSK101 exam; however, I don't know where to download my certificate or which page I need to link my partner account with Pearson VUE to obtain my certificate. Can someone please help me with this issue?

1343
Rohit_Bhaskar
Netskope Employee
6 months ago
M
Netskope Employee
madhurasridharNetskope Employee
published in Inside Netskope
Inside Netskope: Session 05 Recap - Using Layered Protections for SaaS Applications

In case you missed the latest webinar in our Inside Netskope series—where Netskope experts show you how we protect our users, applications, and data using our own cloud-based architecture—a recording and recap of our recent session on Using Layered Protections for SaaS Applications can be found below. Feel free to comment and continue the discussion!  📽 Watch on-demand 🍿 Q: Do you have any book or links for reading materials needed to perform at my duties professionally?A: In relation to this topic specifically, we have a corresponding Community post for the three products we discussed during the presentation that talk about how we use layered protections for SaaS Applications as well as recommendations.Security posture for Workday application at Netskope Security posture for Github application at Netskope Security posture for Salesforce application at NetskopeDocs.Netskope is also a great place to get additional information and use cases. Q: Can Netskope be applied together with SI

860
M
Netskope Employee
6 months ago
aplaza
Netskope Employee
aplazaNetskope Employee
published in Video Library
Inside Netskope 05: Using Layered Protections for SaaS ApplicationsInside Netskope

Hear from our security engineers on how they use different Netskope products to holistically secure SaaS apps to improve the security coverage and posture of an organization. Layered Protection for SaaS apps [Salesforce, Github, Workday] at Netskope:Client Enforcement - Access to Salesforce allowed only when connecting with a Netskope client that is registered with the production Netskope tenant Realtime and API protection policies for confidential data [PII, PCI, passwords, API security keys] Security Posture Management - Compliance standards and rules are checked against the configurations of Salesforce, so that any vulnerabilities and threats are remediated by Salesforce admins Endpoint DLP Protection - File origin policy to block movement of data downloaded from Salesforce to unsanctioned external storage devices User Behavior Analytics - Bulk downloads, failed logins, access from risky countries, suspicious download, and delete are some of the alerts we monitor and investigate Che

1320
aplaza
Netskope Employee
6 months ago
M
Netskope Employee
madhurasridharNetskope Employee
posted in Inside Netskope
Security posture for Github application at Netskope

GitHub is a web-based platform that provides hosting for software development projects utilizing the Git version control system. It serves as a collaborative platform for developers to work together on code, track changes, manage projects, and host their code repositories. GitHub allows developers to create and maintain repositories, which are containers for code and related resources. These repositories can be either public, allowing anyone to view and contribute to the code, or private, restricting access to a selected group of individuals or organizations.   There are some security challenges that we as the Customer Zero team are trying to address for Github. The premise behind the security posture is considering sensitive data movement, malicious repositories, code injection and leakage, ensuring appropriate access controls and permissions. We are currently monitoring and securing access to Github internally with a breadth of products that are developed and maintained by the d

4765
T
6 months ago
S
Netskope Employee
stevanNetskope Employee
published in Inside Netskope
Salesforce Reverse Proxy Using Okta as the IDP

A Security Practitioner's PerspectiveThis article will walk you through the setting up of Reverse Proxy(RProxy) for Salesforce (SFDC) using Okta as the Identity Provider (IDP). There are RProxy limitations which should be noted as it will greatly affect its use within the organization and subsequent effective use within Real-Time Policies (RTP). For example, RProxy might appear to function correctly but activities with desktop applications might be restricted or bypass RProxy altogether.Since RProxy is meant to provide another real time steering method for machines or devices which do not have the Netskope client enabled, it is imperative to understand its limitations and plan accordingly.Additionally, RProxy should be implemented as the last method of deploying other real time access methods since it sits between the IDP and the application. The exception to this is implementing RProxy as a Service (RPaaS). RPaaS is an application that sits in an SaaS service that also has a built in

2830
S
Netskope Employee
6 months ago
R
Netskope Employee
ruthreshmNetskope Employee
posted in Blogs
Borderless WAN Hub Deployment & Configuration

Borderless WAN Hub Deployment & Configuration [Note] : The below setup is suitable with Meraki/Juniper Infrastructure BWAN Orchestrator tenant creation requires request to be opened with respective account representative (this document contains reference images from the test tenant portal)  Step1: BWAN Hub Deployment [with Model: NSG-1500] This device needs two ports configured on a Network - GE1 and GE2  GE1 port will be uplink to Meraki/Direct ISP and Wired connectivity Public IP: The public IP of the WAN interface must be explicitly configured in the Hub. This is the IP to which the Client will initiate the tunnel.  GE2 port will be Wireless connectivity GE1 - Port Configuration 1. Login to BWAN Orchestrator Portal  Login to BWAN Orchestrator Portal GE2 port will be Wireless connectivity GE1 - Port Configuration GE1 - Port Configuration : Activation Steps1. Login to BWAN Orchestrator Portal  2. Go to Dashboard > Manage and click (+)plus: sign to create Gateways 3. Select the

3910
R
Netskope Employee
6 months ago
E
erwingdavidNew Member
asked in Inside Netskope
syslogs on fowarder

can i send syslog to a forwarder who is on premise?

991
Rohit_Bhaskar
Netskope Employee
7 months ago
ukrishna
Netskope Employee
ukrishnaNetskope Employee
published in Inside Netskope
Making Netskope Cloud Exchange Highly AvailableBlog

The Netskope Cloud ExchangeNetskope offers an interesting solution to solve this use case and that is the Netskope Cloud Exchange (also referred to as Netskope CE). It is a free offering from Netskope with which organizations can share their IoC information between their security tools using the Threat Exchange, use the Log Shipper to import transaction logs from Netskope, use the Ticket Orchestrator to relay alerts to ticketing services and use the Risk Exchange to exchange risk scores between multiple sources. It can be installed and run in a Linux Docker environment by each customer on their own. You can read more about Netskope Cloud Exchange here. As mentioned above, there are four main modules offered with the Netskope Cloud Exchange: the Log Shipper, Ticket Orchestration, Threat Exchange, and Risk Exchange. All the modules are hosted and run in a single docker environment. Make sure you go through the system requirements once before you provision your infrastructure for the Clou

2430
ukrishna
Netskope Employee
7 months ago
ukrishna
Netskope Employee
ukrishnaNetskope Employee
published in Inside Netskope
Access Control based on OS & Browser Versions using HTTP HeadersBlog

Why control access based on versions?In recent times, it’s well known that there are multiple vulnerabilities cropping up every single day for different applications and operating systems. Applications and operating systems creators are trying their best continuously to patch these vulnerabilities with newer and updated versions of their softwares. In an enterprise defensive setup, making sure that all applications and operating systems are up to date has become more important than ever. The two main entities which need to be monitored for updates aggressively should be Browsers and Operating Systems as a lot of internet access for users traverses via Browsers and every user would be on a machine which has to run an Operating System. There are several tools which help an organization to force-update their browsers and operating systems within a specific time & date. The forced-update method is an effective solution but is kind of an aggressive route as it might lead to unintentiona

9153
ukrishna
Netskope Employee
7 months ago
ukrishna
Netskope Employee
ukrishnaNetskope Employee
published in Inside Netskope
Inside Netskope: Session 04 Recap - Using the Netskope Client to Enforce Browser Updates

In case you missed the fourth webinar of our new Inside Netskope series—where Netskope experts show you how we protect our users, applications, and data using our own cloud-based architecture—a recording and recap of our recent session on Using the Netskope Client to Enforce Browser Updates can be found below. Feel free to comment and continue the discussion!  📽 Watch on-demand 🍿 Q: What about other browsers such as brave or duckduckgo? Do you guys lay down the law and block those for your org?A: There's a sizable list of supported browsers. If you hit your real-time policy and select "criteria" > select browers, you can see all the browsers that are currently supported.  Q: Is this a subscription service?A: If you are a Netskope customer and utilize SWG with real-time policies, there's no additional fees for this.  Q: Can you make it any website, not just specific GitHub or something?A: Yes, we can do this for any website.  Q: Would it be possible to add enterprise browsers like

1830
ukrishna
Netskope Employee
7 months ago
aplaza
Netskope Employee
aplazaNetskope Employee
published in Video Library
Inside Netskope 04: Using the Netskope Client to Enforce Browser UpdatesInside Netskope

Hear from our Security Engineers on how a Netskope Admin can use the Netskope Client to “enforce” users to update their browsers to the latest version and help improve the overall security posture of an organization. Learn how to:Understand HTTP Headers Define device and browser posture with HTTP Headers Create HTTP Header Profiles Create Real-time policies to passively remind users based on device posture Check out our blog for more information!

2330
aplaza
Netskope Employee
7 months ago
W
walterpiersonNew Member
posted in Netskope Academy / Training Discussions
NSK200 Exam - Suggestion Required

Currently, I am preparing for my Netskope Cloud Security Certification Program NSK200 exam. I joined online forums and communities and got knowledge from experts. I took the Netskope Cloud Security Certification Program NSK200 practice test and it was helpful. By taking this practice material I noticed a huge improvement in my concepts related to the final test. Now I feel that after practicing with this practice test material I can perform better in the final exam. Does anyone want to share other resources regarding NSK200 exam preparation? 

2663
jenhenry
Netskope Partner
8 months ago
MetgatzNK
Netskope Partner
MetgatzNKNetskope Partner
posted in Netskope Academy / Training Discussions
NSK200 - Integrator Exam Recommendations

NSK200 - Integrator Exam Recommendations Hello community, I hope you are doing well. I am about to take my NSK200 exam and I wanted to know if you have any tips, recommendations, advice, etc. I have already taken the official courses, path, roapmap, read the documentation, taken the sample exam, validated the blueprint, etc, all the official stuff, links, docs, bluepints, etc. I am still reviewing the Self paced E learning courses again and also reviewing the guides. Do you have any recommendations for the exam that you can and are valid to share. Thank you for your time and cooperation, I remain attentive. Regards

1873
jenhenry
Netskope Partner
8 months ago
D
dana89New Member
asked in Netskope Academy / Training Discussions
Integration netskope with dynobird online database design

Hi i want to create integration Public Cloud Security netskope with our  database design tool online  at dynobird.comCan any one give me advice what can must i start to learn ?

150
D
8 months ago

Badge winners

Show all badges
Terms & ConditionsCookie settings