Does anyone have a Policy or Run book that utilizes Netskope to cut down Internet usage during a security incident such as ransomware? I am thinking that if there was an event, I would want to start individual assests- particularly remote could and could not do. In my mind:Prevent computers from accessing any sites that are not on a shortened approved list. Have an emergency steering config that has now Cert-Pinned Apps. Once an assets is determined to be infection free - or reimaged and having a certain identifier, use device classification to allow more sites.

Cybersecurity / Ransomeware isolation

Does anyone have a Policy or Run book that utilizes Netskope to cut down Internet usage during a security incident such as ransomware?

I am thinking that if there was an event, I would want to start individual assests- particularly remote could and could not do.

In my mind:

Prevent computers from accessing any sites that are not on a shortened approved list.
Have an emergency steering config that has now Cert-Pinned Apps.
Once an assets is determined to be infection free - or reimaged and having a certain identifier, use device classification to allow more sites.

Be the first to reply!