Ask the community

Risky behavior detection

acceptableuse
New Contributor II

is there a way to create an alert to detect the movement of files that have a mismatched file extension?

i know Netskope will do its inspect of the file but i would like an alert on this as an indicator of risky behavior.

1 Solution
aramachandran
Netskope
Netskope

What is your concern here - unacceptable/shady behavior or data/malware risk ?
Sounds like the former.. but thought I'd ask - The one way I'm thinking is using NAA to regex the object name (to extract the extension from the object name) and compare against the file type that we detect - but that's manual.. 

View solution in original post

3 Replies 3
aramachandran
Netskope
Netskope

What is your concern here - unacceptable/shady behavior or data/malware risk ?
Sounds like the former.. but thought I'd ask - The one way I'm thinking is using NAA to regex the object name (to extract the extension from the object name) and compare against the file type that we detect - but that's manual.. 

acceptableuse
New Contributor II

yes thats correct, this is to track the shady behavior. 

its worth a shot. ill report back after a try

madhurasridhar
Netskope
Netskope

You can also try to create a realtime policy for certain categories or applications, and apply file type constraints for upload and download activities to identify risky file type uploads and downloads. 

Subscribe
Top Liked Authors

In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below

Sign In