Skip to main content

- - Articles Overview
Learn
Product Release Notes
Groups
Events
Support

EN

Total Economic Impact Study: The Business Impact of Netskope SSE

2 days ago

Home
Learn

Learn

Education, Training, Certification, and Thought Leadership

190 Topics

Recently active

Most replies Most views Newest first

ematcheyNetskope Employee

posted in Video Library

Dimensions & Measures

"Dimensions" and "measures" are two fundamental elements of Advanced Analytics. While "dimensions" represent characteristics and attributes of the data, "measures" are anything you can quantify, or as the name implies, anything you can measure. This video will show you how to use dimensions and measures in Advanced Analytics dashboards.

ematcheyNetskope Employee

posted in Video Library

Copy Dashboards & Widgets

Pre-defined dashboards and widgets are located in Netskope Library, and cannot be edited until you save them to your own folders. This video will show you how to copy and save dashboards and widgets from the library to your personal and group folders for further customizations.

ematcheyNetskope Employee

posted in Video Library

Migrating Reports

During the trial period, users are able to switch between the classic report platform and the Advanced Analytics platform. This video will show you how to migrate existing classic reports to you Advanced Analytics folder.

rbutlerNetskope Employee

posted in Inside Netskope

Remote Browser Isolation on Demand for the SOC

As a company, we have deployed and continue to utilize Remote Browser Isolation to browse unknown or questionable sites based on web categories in a ‘safely allow’ posture instead of an outright block. When one of our analysts requested the purchase of a remote browser service to conduct investigations into sites that didn't fall into the web categories that we already send to RBI, we decided to develop a process to isolate any desired sites using our existing product, incurring no additional cost for the company.   The security team is often asked to investigate suspicious web sites, whether they are phishing, malvertising, or others. Netskope uses our Remote Browser Isolation solution for uncategorized, no content, parked domains, proxies and anonymizers, and known threat websites. For sites outside of those categories that require a safe way to investigate a web site we have created a solution for this.   How to set it up  Step 1 The approach we took was to create a c

Lokesh_BalajiNetskope Employee

posted in Inside Netskope

Automating URL List Management for Remote Browser Isolation (RBI)

Welcome to a project aimed at enhancing the ease of an analyst's experience. In this venture, I've taken automation to the forefront by simplifying how we add URLs to RBI_url list. This list is specifically meant for Remote Browser Isolation (RBI), ensuring that some questionable/suspicious sites can be accessed securely for investigation purposes.   At the heart of this effort is a Slack bot I've designed. This bot comes with the right permissions and a simple command. With this command, users can mention the URLs to be included in the RBI URL list. This whole process starts when the bot communicates with the Tines platform, where the real magic happens.   Using the Tines platform, we have simplified this process through automation by which these URLs are added to the RBI URL list seamlessly and securely. This automation eliminates the need to manually navigate to the tenant to upload URLs, streamlining and expediting the task.   Requirements: Slack app (to get urls fr

ukrishnaNetskope Employee

posted in Inside Netskope

Onboarding Multiple Subscriptions for Azure CSPM

What is CSPM and Why CSPM?   CSPM stands for Cloud Security Posture Management, it is a process to monitor cloud resources that belong to an organization for any potential security misconfigurations or risks which can lead to financial or data loss. The CSPM process scans the public cloud infrastructure continuously to check for violations against a set of predefined rules. The rules are tuned/muted by each organization as per their compliance and security needs. Netskope CSPM also offers a set of comprehensive rules which can be used by customers to improve their compliance and security posture of public cloud. Netskope offers CSPM solutions for Microsoft Azure, Google Cloud Platform and Amazon Web Services at the time of writing this post. Storage scans can also help with DLP and Malware violations. This post explains in an efficient and expeditious method on how to onboard multiple Azure subscriptions into Netskope CSPM.    Making use of Azure Management Groups  

jramirezNetskope Employee

posted in Inside Netskope

Netskope & Okta Can Help With Tracking Compliance Training

Security awareness compliance training refers to a specific training initiative created to educate employees, contractors, and other involved parties within a company regarding the significance of adhering to security measures, guidelines, and mandates. The fundamental aim of this training is to foster a mindset of security awareness and adherence across the entire organization. By doing so, it guarantees that all individuals comprehend their obligations in upholding the confidentiality of delicate data and countering security risks. However, not all users fulfill their training requirements punctually. At Netskope, over the past few years, we have persistently dispatched regular emails to users, urging them to finalize their training. Presently, we are exploring innovative and effective strategies to ensure timely completion of training by users.   Using Netskope, Okta, an LMS with an API, and a SOAR solution, we have created a solution to track users with missing security traini

stevanNetskope Employee

posted in Inside Netskope

Bypassing Zoom Traffic for Stability

Multiple users have reported issues with the stability of Zoom, as well as the performance of the application itself. Common complaints or issues relating to audio dropping, audio quality, and screen redraws or slowness painting the screen. Due to these issues, as seen traversing a proxy, it is recommended that Zoom traffic be bypassed and go directly to the destination, at least for real-time traffic.  We do recommend using our Next Generation API Data Protection for Zoom. With its current release, audit events, standard user behavior analytics alerts in Skope IT, and DLP alerts may be seen in the tenant. Future improvements to API data protection includes, threat protection, inventory and dashboard remediation actions, and retroscan. Instructions The following instruction set allows you to bypass Zoom traffic using the Netskope Client’s  real-time traffic steering method. Go to https://support.zoom.us/hc/en-us/articles/201362683-Zoom-network-firewall-or-proxy-server-setti

stevanNetskope Employee

posted in Inside Netskope

Real-time Policy Recommendations

Steer It And You Can See It   It goes without saying that if you cannot see data exfiltration then you cannot stop it from happening.  CASB applications need to be steered in order to be seen, including SSL certificate pinned applications, destination locations, applications (CFW and CASB custom applications), and a few other bypass exceptions.   For reference SSL certificate pinning is when a desktop or mobile application validates if the proposed server certificates match the hardcoded ones in the application. It's a security technique used to prevent man-in-the-middle attacks (MITM).   We recognize some vendor ssl certificate pinned applications by default which need to be bypassed, Amazon Drive for example.  So, in order for end users to use the application without errors resulting, we need to bypass the application traffic and allow it to go directly to the destination.  In order for that to occur, we define the application and the hosts or domains to

madhurasridharNetskope Employee

posted in Inside Netskope

Endpoint DLP - Netskope Customer Zero Best Practices

Netskope Endpoint Data Loss Prevention (Endpoint DLP) provides data protection at the endpoint by utilizing Netskope cloud DLP capabilities. You can use Endpoint DLP to monitor and govern USB storage devices connected to your endpoint. Endpoint DLP is an optional add-on capability to the Netskope Client and does not require deploying and managing a separate client or agent on the endpoint.   With Endpoint DLP, you can create Device Control and Content Control policies. Device Control policies enable granular control over which devices are allowed and which users can access them. Whereas, Content Control policies enable the full use of  Netskope DLP profiles and rules to inspect and control data movement between an endpoint and a USB mass storage device. To avoid user interaction during deployment, please ensure that full disk access is enabled for all Mac OS systems for which the endpoint DLP service would be deployed.    Within the Customer Zero team, we have

borisgekhtmanNetskope Employee

posted in Blogs

Netskope for Mobile - Rollout Approach

There are many things that characterize good security hygiene. One obvious aspect is clearly defined trust boundaries and secure connectivity requirements. Allowing an unmanaged and untrusted device to be directly plugged into a trusted network would significantly violate one of the core tenets of the Zero Trust principle.   The truth is, enabling secure connectivity on mobile devices cannot be done in an ad-hoc manner, it must follow a best practice approach in order to be successful. While many internet security and remote access solutions offer a self-service workflow (e.g., go to the App/Play Store, download the client, authenticate, and connect), this can lead to potential risks. Sensitive data could end up on an untrusted and unmanaged device, which could get lost, stolen, or be used for unauthorized access and data exfiltration. This poses a real risk for both internal and SAAS applications, and it raises doubts about the effectiveness of the data protection perimeter. &nbs

Rohit_BhaskarNetskope Employee

posted in Video Library

Migrating Reports to Advanced Analytics

aplazaNetskope Employee

published in Video Library

Quarterly Product Release Webinar - July 2023

In this session, you’ll hear about key use cases to implement protections that stop threats, protect data and identify sources of risk. Our Product Management and Product Adoption Leads will cover the latest platform updates from Release 103, 104, and 105. Key product updates:Generative AI Web Filtering Category ChatGPT App Connector Now Available Efficacy improvements in the DLP ML models New Inline Phishing ML model Printer Device Control for Endpoint DLP UEBA - Rest API integration for UCI scores Advanced Analytics - New SSL Inspection Dashboard Next Gen SSPM & CCI (V2) Next Gen API for Jira & Confluence

mitchellNetskope Employee

posted in Blogs

Using the Netskope Client on Android with certificate pinned applications

Overview This is a short write-up on different approaches and nuances of Netskope Android client (NSClient) deployments, as it differs from, for example, the deployment of the Netskope iOS Client.This post will cover a rather easy and common deployment of steering and protecting certain app traffic to Netskope. This is similar to how iOS enables per-app VPN deployment. If you are interested is the high-level overview of our mobile capabilities, you might want to check out the following blog post:  Netskope's capabilities on mobile platforms - The Netskope Community The mentioned functionalities and configuration of the Netskope Android client are described in the documentation center: https://docs.netskope.com/en/netskope-client-supported-os-and-platform.html.   When you start deploying the NSClient with a Mobile Device Management (MDM) solution such as VMware Workspace and Microsoft Intune, the NSClient will be installed under the work profile. This is a neat feature in And

KmaheshwariNetskope Employee

posted in Blogs

Netskope Private Access and Cloud Exchange running in Azure

Netskope Private Access and Cloud Exchange running in Azure Overview Using Netskope’s Private Access (NPA) can help secure workloads in Azure like deploying Netskope’s Cloud Exchange there. In this solutions guide NPA is used to front end a Cloud Exchange server that doesn’t have direct inbound internet access.    Requirements Netskope tenant with a NPA license Azure account Setup Steps Netskope  Configure a Netskope Publisher in your Tenant   Azure Deploy Virtual Machine Netskope Publisher   Cloud Exchange Setting up Cloud Exchange in Azure Deploy Virtual Machine Ubuntu Server Add Access to Cloud Exchange via NPA Setup Cloud Exchange on Ubuntu Server   Verify Netskope Tenant sees your publisher Check your client for the NPA tunnel Try to access cloud exchange on your private IP Configure a Netskope Publisher in your Tenant Go to your Netskope Tenant > Settings > Security Cloud Platform > Publishers Click New Publisher    

stevanNetskope Employee

posted in Inside Netskope

Google Workspace RProxy as a Service

Welcome to the world of Reverse Proxy! Today, I will be your guide on creating a Reverse Proxy as a Service (RPaaS) in Google Workspace. We’ll then apply contextual awareness to “guide” employees to steer traffic to Netskope using RPaaS if they are not originating from a Netskope IP address. This is similar to what we do with Microsoft Azure AD RPaaS and conditional access policies; the contextual awareness is Google’s implementation of conditional access.   There are requirements needed for licensing as well as caveats which warrant mentioning. You will need to be licensed for Protect your business with Context-Aware Access - Google Workspace Admin Help . There are a limited number of applications at this point which context awareness works with or for, see pic below.   For SAML apps, policy evaluation occurs on sign-in to the app. Third party SAML apps that use Google as the identity provider. A third party identity provider (IdP) can also be used (third party IdP federat

borisgekhtmanNetskope Employee

posted in Blogs

Netskope's Capabilities on Mobile Platforms

I am excited to start a series of posts covering Netskope for Mobile. This kick-off note will provide an overview of Netskope's capabilities on mobile platforms. In the upcoming posts, I will delve into greater detail on enabling Netskope for both corporate and BYOD devices, enforcing data perimeter on mobile, navigating SSL Inspection and certificate pinning challenges, and many other topics.   Why Netskope on Mobile? While there are significant differences in capabilities, user experience, ownership models, and even weight and portability, mobile devices are similar to desktops in that they can be used to browse the internet, access personal and corporate applications, and move data around. Consequently, our information security policies, tools, and procedures are expected to cover both desktop and mobile use cases. Based on my observations, many organizations have significant gaps in their security posture between corporate desktops and mobile platforms, and Netskope can defini

stevanNetskope Employee

posted in Inside Netskope

Netskope Tools Directory Importer to SCIM Migration Process

Users are provisioned in three different methods within the tenant-manually adding them, Netskope Tools Directory Importer, or via System for Cross-domain Identity Management (SCIM).  SCIM is an open standard designed to manage user identity information.  It is possible to use all three methods to provision users to the tenant.  However, it is recommended that only one method be used to avoid confusion.   As more and more resources migrate to the cloud, it makes sense to use an Identity Provider (IDP) which resides in the cloud as well.  SCIM provides a defined schema for representing users and groups, and a RESTful API to run CRUD operations on those user and group resources.   This guide provides administrators the ability to migrate from the Netskope Tools Director Importer to SCIM, regardless of the service provider such as Okta or Ping.   Netskope Tools Directory Importer Netskope Tools Directory Importer is installed, running, and on the latest

qyostExplorer III

asked in Inside Netskope

IPS Signatures - Detailed Descriptions?

I hope this will just be a pointer to the resource...Is there a repository with more details about what the signatures are.  Or a way to see what caused the match?   Some of the descriptions are quite vague, and it's hard to determine if an exception should be created.eg: Sig 20019  "MALWARE-CNC User-Agent known malicious user agent - test"

ukrishnaNetskope Employee

posted in Inside Netskope

Using API for SSPM V2 Alerts

How do you feed the Netskope SSPM Alerts to SaaS Application Administrators?   The Netskope Cloud provides a wide range of innovative and competitive products, among which one of the most important offerings should be Netskope SSPM. SSPM stands for SaaS Security Posture Management and is used to continuously monitor cloud-delivered Software-as-a-Service applications. This service monitors the SaaS applications' configuration to ensure that they are configured securely and in compliance with regulations. Security administrators can set policies and receive alerts for SaaS application instances that do not adhere to the required policy.   Typically, SaaS application administrators are not part of the company's core security team. Instead, the security team receives the SSPM alerts for all the SaaS applications. These alerts must be forwarded to the respective SaaS application owners so that they can work on remediation. In some cases, the security team might be hesitant to gran

mfergusonNew Member

posted in Blogs

Netskope Administration for Departing Users

Netskope Administration for Departing Users   When a user announces their departure from the organization, it's crucial to implement stringent controls and checks to protect corporate data and resources. The user's account should immediately be placed into a "Leaving Users" group within their Identity Provider or Directory Services. This move should trigger a set of pre-configured policies for these accounts.   Critical Policies to be Enabled Restricted Activities: This policy limits certain user activities to prevent potential loss of data: Unable to Delete Files: Prevents the user from unintentionally or maliciously deleting crucial company information. Unable to Share Files to Any Non-Corporate User: Ensures sensitive company data isn't shared externally. Unable to Download from Salesforce: Ensure customer and prospect data from being downloaded. Restricted Instances: This policy confines the user's interaction with certain instances: Unable to Upload any files to Non-

mfergusonNew Member

posted in Blogs

Netskope Administration for Contractors & Third Parties

Netskope Administration for Contractors & Third Parties   Contractors and third parties often require access to company resources to fulfill their tasks, yet they exist outside the organization's direct control and may not be fully aligned with the company's security culture or protocols. The necessity for elevated or different security protocols for contractors and third parties stems from the unique risks these roles introduce.  This document will outline some approaches within Netskope to protect business assets from contractors and third parties.   Deployment Modes   Forward Proxy (Netskope Client Installed)   For contractors or third parties given a managed corporate device with a Netskope Client installed, we recommend using Netskope's Forward Proxy Mode. This mode offers granular control over web traffic and cloud app usage, ensuring secure access and data protection.   Pros: Large Scope Access Control: Forward proxies can be used to limit acce

mfergusonNew Member

posted in Blogs

Netskope Administration for Developers

Netskope Administration for Developers   While it is necessary to provide adequate security measures in your environment, it's important to be aware of the unique needs of your developers and coders. Their work often involves accessing and interacting with various applications like GitHub, which may lead to issues if proxy services interfere with their work. Here are some recommendations:   Bypass SSL Inspection for Specific Applications   While not generally recommended, it may be beneficial to bypass SSL Inspection for applications such as GitHub, which developers frequently use. This ensures that developers' traffic is not interfered with during their code creation. Instead, opt to utilize Netskope's API-enabled protection to provide visibility and partial control over the data inside GitHub. Remember that GitHub traffic would be inspected if accessed by anyone outside of the Developers User Group.   Deployment Modes   To cater to developers' needs, you have

aplazaNetskope Employee

posted in Video Library

Introduction to Netskope Cloud Firewall

Hybrid work changes the way people use applications. In this video, learn about how Netskope Cloud Firewall delivers the protection you need everywhere your business operates.

scarlileNetskope Employee

Enabling Multi-Factor-Authentication for Netskope Admins - How to set up Microsoft Authenticator

Securing administrative access to the Netskope tenant is an important security control.  When Single Sign-On (SSO) is not an appropriate choice for some administrators, Multi-Factor Authentication (MFA) should be used.   Docs.netskope.com describes the process for enabling MFA for local Netskope admins who are not managed via SSO.  The default authenticator is Google Authenticator, but other ones can be used.   https://docs.netskope.com/en/multi-factor-authentication-for-netskope-admins.html   This article describes how to set up Microsoft Authenticator.   1) Enable MFA on tenant     2) Next time the tenant admin logs into Netskope tenant   3) Tenant admin presented with authenticator setup (note Google Authenticator default)   4) Admin opens Microsoft Authenticator app on device   5) Add Work or school account   6) Scan QR code from Microsoft Authenticator   7) Use Authenticator code when prompted to login to Netsk

1
2
3
4
5
6
7
8

Page 5 / 8

Badge winners

Rohit_Bhaskarhas earned the badge Simplified Cocial Chamption
Rohit_Bhaskarhas earned the badge Simplified Engagement Enthusiast
Rohit_Bhaskarhas earned the badge Simplified Collaborator
mkoyfmanhas earned the badge Retired Alumni
Saif-Chaudhryhas earned the badge Retired Alumni

Show all badges

Powered by Gainsight

Terms & Conditions Cookie settings

Sign up

Already have an account? Login

Login with SSO

Employee Partner

or

Username *

E-mail address *

I am a... *

First Name *

Last Name *

Company Name *

Job Title *

Country Name *

State/Province *

Topics of Interest… *

Password *

I accept the terms & conditions

loginBox.register.email_repeat

Login to the community

If you haven't already registered, now is a good time to do so. After you register, you can post to the community, receive email notifications, and lots more. It's quick and it's free! Create an account

Login with SSO

Employee Partner

or

Username or Email

Password

Remember me

Forgot password?

Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.

Enter your e-mail address

Back to overview

Scanning file for viruses.

Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.

OK

This file cannot be downloaded

Sorry, our virus scanner detected that this file isn't safe to download.

OK

Explore

Why Netskope
Products
Solutions
What is SASE?
What is SSE?
What is Zero Trust?
What is a Next Gen SWG?
What is a CASB?

Resources

Blog
Netskope Community
Resource Library
Security Defined
Technical Support
Threat Labs
Trust Portal
URL Lookup

Company

About Netskope
Careers
Events
Executive Briefing Program
Newsroom
Our Customers
Partners
Partner portal

Contact

Contact Us
1-800-979-6988
2445 Augustine Dr. 3rd floor, Santa Clara, CA 95054

Privacy Policy
Vulnerability Disclosure Policy
Terms of Use
CCPA Compliance Statement

© 2024, All rights reserved.