Customer Success Webinar: Securing AI Environments with Netskope One AI Guardrails
Education, Training, Certification, and Thought Leadership
Recently active
If DLP is not utilized in the right manner, the Admin is in for a nightmare with the number of alerts they would receive every single day. Netskope’s DLP has an extensive suite of offerings, with respect to detection of content and object types, to help eliminate this risk. Hear from our security team as they discuss how to use Netskope DLP to effectively allowlist and minimize false positives. Learn how to: Create effective DLP policies per your organization's situation Build processes to identify DLP exceptions within your organization Utilize different techniques to Allowlist the DLP exceptions Use Netskope’s Cloud Exchange for Allowlisting Check out our blog for more information!
Introduction In my previous post I introduced the Netskope Provider for Terraform and showed you how it can be used to deploy publishers and applications inside of a Netskope tenant. While I think this capability on it's own is extremely exciting, I know we can do better. When looking at creating automation for Netskope, our goal was always to ensure a new publisher including the underlying infrastructure could be managed in the same configuration. In fact this concept is one of the primary reasons that we choose to use Terraform as our initial entry into Infrastructure as Code(IaC). In this post I will expand upon what we introduced previously by walking you through how to use the Terraform Module for automating Netskope Publishers running in Amazon EC2. This should be fun! What is a module? For those that are new to Terraform let me start by explaining what a module is. The definition of a module is something along the lines of 1 or more .tf configuration files i
In case you missed the latest webinar in our Inside Netskope series—where Netskope experts show you how we protect our users, applications, and data using our own cloud-based architecture—a recording and recap of our recent session on protecting lost/stolen managed devices with Netskope Client can be found below. Feel free to comment and continue the discussion! 📽 Watch on-demand 🍿 Q: Can a client be flagged as stolen via API?A: The client cannot be directly flagged as stolen via API, but you can use APIs to move users or devices between groups. This will have to be done within the Groups section and not with the client directly. Q: How to setup monitoring and tracking of stolen devices? Also, can we pinpoint the location of the lost/stolen device?A: If the device comes back online and connects back to the tenant, we can get all of the location data (wifi connected to, geographic location, etc.). Regarding how to setup monitoring and tracking, the presentation covers quite a few use
In this article, we will cover how to silent deploy the Netskope Client on Mac devices using IDP enrollment mode with Jumpcloud MDM. Prerequisite: SAML Forward Proxy integration with Jumpcloud as an IDP must be configured prior to deploying the Netskope Client. Configuration Steps 1 - Install Netskope CertificatesDownload both certificates from the Netskope Tenant on Settings > Manage > Certificates > Signing CA: Jumpcloud allows you to choose only one certificate per policy. Follow the steps off the link Create a Mac or iOS Install Certificate Policy and create two certificate policies on Jumpcloud. One for the Netskope Root Certificate and one for the Netskope Intermediate Certificate: Approve System Extension and Network ExtensionCreate a new Jumpcloud policy following the steps of the link Create Mac System Extension Policy to Approve the System Extension and use the following details on the policy:In the latest SO versions it is necessary to check the System extension
Hear from our Product Management and Product Adoption leads as they cover the latest platform updates from Release 118, 119, and 120. Key product updates:Site, User—App Synthetic Monitoring for Web Apps and Custom Web Applications E2E Encrypted App Inspection and AI generated insights for CCI attributes (CCI copilot) Enhanced risk profiling for 3rd party applications—Workday, Entra ID, and Google Workspace Expanded App Coverage for Box, Slack, ServiceNow, and Cisco Webex on a new NG CASB API platform Comprehensive categorization and classification insights for URLs, domains, and IPs using the URL lookup API for SWG Malware workflow for submitting false positive and allowlisting Reset UEBA UCI score to 1000 for use-cases such as role changes and test users Leverage MIP and Box Labels for DRM Integration for Classification Provide visibility into custom classifier performance, including insights into the training data Endpoint DLP Printer Content Control Support for AIP/MIP Sensitivi
This Azure Bicep template facilitates the automated deployment of Netskope Publisher instances in Azure environments. It's designed to streamline the deployment process for DevOps teams, enabling quick and consistent Publisher setups while following infrastructure-as-code best practices.This can be a key item on how to achieve ZTNA in PaaS environments: You can check out the files here: https://github.com/Mitsj0l/nskpub_azureSupported Functions ✨Azure Integration: Automated deployment of Netskope Publisher Marketplace VMs Integration ready for Azure Pipelines End-to-end deployment in 3-4 minutes Network Management: Support for existing networking components VNet, Subnet, and NSG integration Option to create new or use existing network components Security & Configuration: Secure parameter handling through dedicated parameter files API token and SSH key management Cloud-init based post-deployment setup Automated Publisher registration with Netskope tenant Project Structure
Elevate your network monitoring and user experience with the advanced capabilities of P-DEM Enterprise. Thierry Notermans, Product Management Director for Proactive Digital Experience Management (P-DEM), demonstrates the innovations introduced with P-DEM Enterprise using three key use cases. Learn how to: Monitor onramp, app performance, and user experience from sites connecting to Netskope via SD-WAN, SASE gateways or private connectivity Monitor any application, from over 80K predefined apps or any custom web-based application, including synthetic application monitoring for how apps are performing Streamline operations and deliver a cohesive, transformative monitoring experience with the integration of Real User Monitoring (RUM) and Synthetic Monitoring Get a consistent 360-degree view of digital experiences across the entire path from users to apps
Unveiling Netskope Proactive Digital Experience Management (P-DEM) Enterprise, a groundbreaking solution that delivers unmatched end-to-end insights and user experience monitoring within SASE and SD-WAN environments. Discover how P-DEM Enterprise eliminates blind spots, provides complete transparency across your entire network, and empowers you to optimize performance at every stage. Key Takeaways:Discover groundbreaking innovations like site-specific, user-specific, and app-specific monitoring that deliver a comprehensive 360-degree view of your digital experience. Learn how advanced contextual visibility and AI/ML-driven insights accelerate troubleshooting and reduce operational costs. Explore how this solution enhances workforce productivity, reduces operational friction, and delivers significant cost savings through proactive monitoring and remediation.
Overview Forward Proxy Authentication (FPA) ensures secure access to cloud applications by requiring SAML-based authentication via an intermediary server that allows organizations to enforce granular authentication policies. Netskope’s FPA allows integration of multiple Identity Providers (IdPs) based on criteria like access methods (IPsec, GRE, Cloud Explicit Proxy, NS Client Enrollment) and network location, enabling flexible and secure user authentication management. Organizations can maintain existing SAML setups while utilizing Netskope’s enhanced authentication features, supporting multiple concurrent IdPs to match specific conditions for robust security and control. Configuration in PingOne Login to the PingOne Admin Console. Navigate to Applications > Application Catalog. Search the Application Catalog for Netskope Client Enrollment and click + Add Instance. Enter temporary values into the ACS URL and Entity ID fields, like https://pingone.com and https://pingone.com
This article is going to cover how to leverage PingOne for SCIM Provisioning via PingOne. SCIM Provisioning Netskope supports provisioning of users and user groups authenticated via Ping Identity. The Netskope SCIM app supports the following: Push New Users: New users created through Ping Identity will also be created in NetskopePush Groups: Groups created through Ping Identity will also be created in NetskopePush Profile Updates: Updates made to the users profile through Ping Identity will also be pushed to NetskopePush User Deletion: Deleting a user in Ping Identity will also delete the user in Netskope.By default a user disabled in Ping Identity will be deleted in Netskope. Configuration Steps Configuration in Netskope Login into your Netskope Admin Console. Select Settings in the lower left. Select Tools > REST API v2. Ensure REST API Status is enabledSelect New Token and enter an appropriate name. Select a token expiry duration (To ensure the security and reliability of your
In case you missed the latest webinar in our Inside Netskope series—where Netskope experts show you how we protect our users, applications, and data using our own cloud-based architecture—a recording and recap of our recent session on Automation of IOC Hunting and Continuous Monitoring using Cloud Threat Exchange can be found below. Feel free to comment and continue the discussion! 📽 Watch on-demand 🍿 Q: Are new IOCs hunted against historic data? Or, only on new events after IOC is known?A: Yes, that's the beauty of this workflow is that it's not just updating tools with new IOCs but it's looking to determine whether we've seen that IOC before. Once we know that it is an indicator of compromise, it looks back to see if anything has happened and alerts an analyst immediately as soon as it finds something. Q: Can you integrate Cortex XDR with Netskope? If so, how?A: Yes, via Cloud Exchange. Check out this doc for more information. Q: Do you have SentinelOne Integration?A: Absolutely!
Hear from our security team as they discuss how Cloud Threat Exchange is implemented within Netskope to streamline the automated integration of IOCs with a ticketing system and perform continuous monitoring. Key topics covered:Cloud Threat Exchange Integration with multiple security tools and technologies such as Netskope, SIEM, EDR, etc. Automation of IOC ingestion from ticketing platforms such as Jira into Github repo The plugin to Ingest IOC's from Github to Cloud Exchange And real-time monitoring of these IOCs (continuous monitoring)
Recently I stumbled upon an interesting campaign carried out by a threat actor dubbed Dark Pink and characterized by the exploitation of a legitimate cloud service, GitHub, to host the malicious payload. GitHub is a well-known service, categorized as "Development Tools" and "Technology" within the Next Gen SWG, and for which a dedicated connector allows to enforce granular security policies in terms of adaptive access control, DLP and threat protection. However, it is common for threat actors to abuse even less-known cloud services for malicious purposes such as malware distribution, command and control and data exfiltration, and the above campaign is no exception. As a matter of fact in the above mentioned case, the attackers exploited an additional less-known cloud service, textbin[.]net, to deliver the malicious payload. Netskope customers are protected out-of-the-box from the malicious exploitation of textbin[.]net as this service is already classified as "Secur
Netskope Client & Managed DevicesNetskope offers multiple steering mechanisms and the Netskope Client is the most recommended option due to its operating nature and the available feature list. The Netskope Client is a lightweight application which can be installed on a managed device and it can be used to steer traffic from the device to Netskope Security Cloud. It provides real-time visibility of the managed devices accessing the cloud and web from any location. The Client uses Forward Proxy Steering mechanism where the Client creates an SSL tunnel from the end device and terminates it at the Netskope forward proxy in the Cloud.So when the mode of steering is Netskope Client, all managed devices are expected to have the Netskope Client installed. In the context of this blog, a device is classified as managed if it has the Netskope Client installed. In this post, let us discuss the possible settings and changes which can be made in the Netskope tenant to accommodate a Lost/Stolen m
Check out the demo to get a sneak peek into the advanced capabilities launched with the Kadiska integration at the core of our Proactive DEM! Proactive Digital Experience Management (Proactive DEM) Enterprise offers a powerful site-centric view that when combined with user monitoring, helps pinpoint the source of user experience issues—whether at a specific site, connecting to the Netskope NewEdge POP, or the ISP. This ensures full performance visibility, empowering organizations to achieve unparalleled visibility, optimize performance, and elevate user experience across their network infrastructure.
We want to restrict user to upload any code to GitHub. They can only download the code from it.
In case you missed the latest webinar in our Inside Netskope series—where Netskope experts show you how we protect our users, applications, and data using our own cloud-based architecture—a recording and recap of our recent session on Effective Allowlisting with Netskope DLP can be found below. Feel free to comment and continue the discussion! 📽 Watch on-demand 🍿 Q: Is advanced DLP techniques a new licensing?A: Exact Data Match and Fingerprinting are both included in the Advanced DLP license, so you only need ADLP to use these features. Q: Can you share some of the most prevalent DLP use cases that you've encountered? This will help us close any gaps that we may have overlooked.A: DLP policies are rarely a "set and forget". It's always a continuous learning and adjusting as our technology adjusts, as document formatting changes, etc. The only consistent is change, so we always go back and tune them as needed. Common use cases for Inline DLP include:1.) Block encrypted zip files with
Background Q. How do you enforce Netskope Client adherence without impacting SAML flows after authentication?A. Netskope Client Enforcement. Netskope Client Enforcement is used to “enforce” the compliance of having a Netskope client enabled and connected to a tenant for accessing SaaS applications using Identity Providers (IdP) such as Okta. This includes IdP or Service Provider initiated connections, i.e. logging into Okta to access a SaaS application or logging into the SaaS application directly. Netskope Client Enforcement should be differentiated from other methods of steering real-time traffic to the Netskope tenant for the processing of policies; policies such as Next-Generation Software Web Gateway (NG-SWG), Data Loss Prevention (DLP), Netskope Private Access (NPA), User Enhanced Behavior Analytics (UEBA), Cloud FireWall (CFW), and so on, all of which are designed to protect an organization. Netskope Client Enforcement also enables end users to protect corporate resources th
This article is going to cover how to leverage Onelogin for Netskope Client Authentication via SAML, as well as how to use SCIM Provisioning with Onelogin. SCIM Provisioning Netskope supports provisioning of users and user groups authenticated via OneLogin. The Netskope SCIM app supports the following:Push New Users: New users created through Onelogin will also be created in Netskope Push Groups: Groups created through Onelogin will also be created in Netskope Push Profile Updates: Updates made to the users profile through Onelogin will also be pushed to Netskope Push User Deletion: Deleting a user in Onelogin will also delete the user in Netskope Push User Suspension: By default a user suspended in Onelogin will be deleted in Netskope, If the provisioning configuration in the Netskope Onelogin App is set to Suspend. If you would like suspended users to continue to exist in Netskope, set the provisioning configuration in the Netskope Onelogin app to Do Nothing. Netskope Configuratio
A best practices recommendation guide from Netskope’s Customer Zero teamIt brings the Customer Zero team great joy in connecting with the security community with some best practices of how we do what we do at Netskope to protect critical applications and data. In this blog post, let us look at how we have achieved to bring the security posture score of some SaaS apps to an excellent level with regard to Netskope’s Security Posture Management product offering. SSPM performs continuous evaluation of connected SaaS applications for security posture, and ensures that these applications are configured securely and in compliance with regulatory requirements such as GDPR, ISO, NIST, CSA and so on. Step 1 - Set up the SSPM policiesThe Netskope Security administrators can set up policies under Security Posture based on the configurations and settings to assess. The product comes with a predefined set of policies which can be used as a baseline to start the process as well. Step 2: Establish co
I just passed my Netskope NSK101 exam; however, I don't know where to download my certificate or which page I need to link my partner account with Pearson VUE to obtain my certificate. Can someone please help me with this issue?
Hear from our Product Management and Product Adoption leads as they cover the latest platform updates from Release 115, 116, and 117. Key product updates:Local Broker for On-Premises ZTNA - How to enforce policies locally instead of routing traffic through Netskope Cloud Device Classification (DC) - Additional device classification labels/profiles that can be associated with real-time policies Remote Browser Isolation (RBI) - Added 42 more web categories in extended RBI to support isolation of more user traffic. Configuration options are expanded with fallback action configuration and browser source criteria Data Protection - Enhanced protection by adding Bluetooth support for Windows Endpoint DLP and improving unicode support and image text OCR classification Threat Protection - Now scans cloud emails with API connectors to add an additional layer of protection against phishing Secure Web Gateway - Enhanced policy management and filtering and introduced an API for URL category looku
OverviewThis article encompasses a detailed step by step guide for configuring and deploying Netskopes Borderless SD WAN in Azure and achieving High Availability and Load Sharing with the Azure Route Server. Use CaseThe use case for this scenario is having always-on connectivity for your Azure Workloads to Netskopes Next GEN Secure Web Gateway for workstation internet access. With this use case, workstations deployed within a single VNET or across multiple VNETs can have secure connectivity to the Netskope platform. BGP is utilized to provide resiliency, symmetry and load sharing across Netskope Borderless WAN Gateways in the Azure cloud. ArchitectureIn the above architecture I have 2 Network Virtual Appliances that are the Netskope SASE Gateways. Each Gateway VM is performing an EBGP peering relationship with the Azure Route Server. The Netskope Gateways are each advertising a default route that will later be used to perform ECMP and High Availability for the workloads inside your V
Already have an account? Login
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.