CSPM security violation findings' Auto-Remediation for AWS
In this article we’ll demonstrate how you can implement automatic remediation for security posture violation findings discovered by Netskope Cloud Sec read more..
Automated remediation in Azure
In this article we show how to set up an automatic remediation workflow in Azure, leveraging the APIs available in Netskope’s Cloud Security Posture M read more..
AWS Best Practices: Real-World Data
We've continued our blog series on AWS Best Practices, and just published: https://www.netskope.com/blog/a-real-world-look-at-aws-best-practices-loggin read more..
Ensure Azure Active Directory does not have any stale users (users who did not log in in the last 30 days)
Azure has the following logic to check Active Directory for stale users: refreshTokensValidFromDateTime > STSTokenLifetimePolicy MaxInactiveTime (d read more..
Ensure specific Azure Compute Instances do not have a public IP
Public IP addresses allow Internet resources to communicate inbound to Azure resources. Security Posture Management can help with custom rules to ens read more..
Using custom rules for resource tag and label enforcement
Every company uses tagging and resource labeling in their own way. Among other uses, mature labeling practices are a great way to identify resources t read more..
Ensure public buckets do not have a PII tag (AWS / Azure / GCP)
Organizations have their own convention of tagging buckets containing PII objects. We can leverage Security Posture Management to create custom rules read more..
Ensure object ACLs cannot be turned public inside private S3 buckets
Inside an AWS private S3 bucket, a specific object can be made public by using any of the following steps: Update the object's access control list read more..
Custom Rules using Domain Specific Language
Build custom rules under Policies > Security Assessment using Domain Specific Language (DSL) for Security Assessment of AWS, Azure, and Google Cloud read more..
Ensure no security groups / firewall rules allow ingress from 0.0.0.0/0 to port [ ]
Security groups (AWS, Azure) and firewall rules provide stateful filtering of ingress/egress network traffic to Cloud Provider resources. The AWS rule read more..