Netskope named a Leader in the 2022 Gartner® Magic Quadrant™ for Security Service Edge. Get the Report.

  • Products

    Netskope products are built on the Netskope Security Cloud.

  • Platform

    Unrivaled visibility and real-time data and threat protection on the world's largest security private cloud.

Netskope Named a Leader in the 2022 Gartner Magic Quadrant™ for SSE Report

Get the report Go to Products Overview
Netskope gartner mq 2022 sse leader

Netskope delivers a modern cloud security stack, with unified capabilities for data and threat protection, plus secure private access.

Explore our platform
Birds eye view metropolitan city

Make the move to market-leading cloud security services with minimal latency and high reliability.

Learn more
Lighted highway through mountainside switchbacks

Prevent threats that often evade other security solutions using a single-pass SSE framework.

Learn more
Lighting storm over metropolitan area

Zero trust solutions for SSE and SASE deployments

Learn more
Boat driving through open sea

Netskope enables a safe, cloud-smart, and fast journey to adopt cloud services, apps, and public cloud infrastructure.

Learn more
Wind turbines along cliffside
  • Customer Success

    Secure your digital transformation journey and make the most of your cloud, web, and private applications.

  • Customer Support

    Proactive support and engagement to optimize your Netskope environment and accelerate your success.

  • Training and Certification

    Netskope training will help you become a cloud security expert.

Trust Netskope to help you address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements.

Learn more
Woman smiling with glasses looking out window

We have qualified engineers worldwide, with diverse backgrounds in cloud security, networking, virtualization, content delivery, and software development, ready to give you timely, high-quality technical assistance.

Learn more
Bearded man wearing headset working on computer

Secure your digital transformation journey and make the most of your cloud, web, and private applications with Netskope training.

Learn more
Group of young professionals working
  • Resources

    Learn more about how Netskope can help you secure your journey to the cloud.

  • Blog

    Learn how Netskope enables security and networking transformation through security service edge (SSE).

  • Events & Workshops

    Stay ahead of the latest security trends and connect with your peers.

  • Security Defined

    Everything you need to know in our cybersecurity encyclopedia.

Security Visionaries Podcast

Bonus Episode: The Importance of Security Service Edge (SSE)

Play the podcast
Black man sitting in conference meeting

Read the latest on how Netskope can enable the Zero Trust and SASE journey through security service edge (SSE) capabilities.

Read the blog
Sunrise and cloudy sky

SASE Week

Netskope is positioned to help you begin your journey and discover where Security, Networking, and Zero Trust fit in the SASE world.

Learn more
SASE Week

What is Security Service Edge?

Explore the security side of SASE, the future of network and protection in the cloud.

Learn more
Four-way roundabout
  • Company

    We help you stay ahead of cloud, data, and network security challenges.

  • Why Netskope

    Cloud transformation and work from anywhere have changed how security needs to work.

  • Leadership

    Our leadership team is fiercely committed to doing everything it takes to make our customers successful.

  • Partners

    We partner with security leaders to help you secure your journey to the cloud.

Netskope enables the future of work.

Find out more
Curvy road through wooded area

Netskope is redefining cloud, data, and network security to help organizations apply Zero Trust principles to protect data.

Learn more
Switchback road atop a cliffside

Thinkers, builders, dreamers, innovators. Together, we deliver cutting-edge cloud security solutions to help our customers protect their data and people.

Meet our team
Group of hikers scaling a snowy mountain

Netskope’s partner-centric go-to-market strategy enables our partners to maximize their growth and profitability while transforming enterprise security.

Learn more
Group of diverse young professionals smiling
Blog Full Skope, Security Service Edge Enhancing Security with AI/ML
Aug 25 2022

Enhancing Security with AI/ML

Digital transformation has driven the rapid adoption of cloud-delivered services like SaaS/IaaS/PaaS in enterprises. This, in turn, has resulted in the migration of digital assets (aka data) from the confines of enterprise data centers to the cloud data centers that are not under the control of the enterprises. Additionally, the onset of the COVID-19 pandemic has resulted in remote work becoming the norm. These trends have, in turn, forced a security transformation from the traditional stack of security appliances deployed in an enterprise data center to cloud-delivered security. Gartner has coined the term security service edge (SSE) to represent this new platform where security services like secure web gateway, cloud access security broker, zero trust network access, egress firewall, etc. are delivered in the cloud to safely enable users to perform their work and to reduce the risk of getting compromised and losing data.

There are a few key capabilities that are critical to SSE solutions:

  • Zero Trust Data Access – SSE solutions enforce security policies for accessing data based on contextual information like user, device, application, application risk, user activity, user risk, etc. This contextual information becomes the virtual badge that allows/denies/coaches a user’s access to an enterprise’s digital assets
  • Insider Threat Detection – Enterprise users (employees, contractors) are entrusted with access to business-sensitive data to carry out their work. Security controls are needed to ensure these insiders do not inadvertently or maliciously exfiltrate the sensitive data thereby putting the business at risk.
  • External Threat Detection – Every enterprise is under attack from external bad actors looking to compromise the coveted data for monetary or strategic control purposes. These actors can be individual hackers and organized cybercrime groups, as well as nation-states. The attacks can be phishing, malware, ransomware, or even sophisticated APT attacks. SSE solutions provide effective threat detection, prevention, and remediation services as an added layer of defense to enterprises to protect their data.

The role of AI/ML in SSE solutions

The key underpinning of a powerful SSE solution is the ability to extract very rich contextual information when processing network traffic and enforce the zero trust data access policies. Some of the inputs needed for making the data access decision are the sensitivity of the data leaving an enterprise as well as indicators of threat in data coming from external sources. These are areas where artificial intelligence (AI) and machine learning (ML) have proven to be invaluable in enhancing the fidelity of detections. Let’s look at this in more detail:

Sensitive data classification

Legacy data security solutions use a combination of regular expressions, keywords, and dictionaries to identify sensitive data. This is very error-prone and leads to excessive false positives and in turn, adds a burden to security analysts to sift through mounds of alerts to identify the real violations.

Machine learning-driven data classification can significantly reduce this burden and provide high fidelity classification verdicts. Natural language processing (NLP) algorithms are very conducive to solving this problem. NLP models have been developed by Netskope to classify common business documents like tax forms, paychecks, business contracts, non-disclosure agreements, etc. By using these pre-built models, security admins do not have to create cumbersome and error-prone regular expressions and other patterns to identify which of these types of documents contain sensitive information that needs to be protected from compromise.

In the Netskope Security Cloud, 20% of documents being scanned are images, like JPG and PNG files. Additionally, many business documents have embedded images. The most common way of classifying images is to run them through an optical character recognition (OCR) engine. It is well known that the efficacy of OCR engines is marginal for the commonly seen image content. This is another area where AI/ML can be leveraged to yield outstanding results. There are a number of deep learning algorithms that are suitable for classifying image data. Examples of image detection AI/ML models deployed in the Netskope Security Cloud include passports, drivers’ licenses, other photo identification, computer screenshots, whiteboard images, etc. Given the rise of privacy regulations around the world like CCPA, GDPR, LGPD, etc., it becomes very important for enterprises in possession of images that contain PII data to protect it from being compromised by insiders and external actors.

Threat detection

Insider threat continues to be one of the biggest issues facing enterprises these days. Departing employees tend to take the sensitive information like design documents and code that they contributed to while working in the company. Malicious insiders also steal company data and share it externally. The Netskope Intelligent SSE solution keeps a log of all user activities and applies AI/ML algorithms to detect anomalous behavior. In addition to alerting the admins about the anomalous behavior, the solution also maintains a risk score for every user similar to the credit score that each of us has. The risk score is then fed into the zero trust data access policies as a matching criterion. For example, a user with a poor user risk score can be denied access to sensitive data.

A very common way in which threats like malware and ransomware are detected is using vulnerability and exploit signatures. Indicators of compromise like bad file hashes and malicious URLs are also other techniques used to detect threats. These techniques are good at detecting known vulnerabilities but what about the unknown or what is commonly referred to as zero-day threats. This is where AI/ML comes to the rescue. By training AI/ML models with the vast number of known vulnerabilities and exploits, the trained models are able to detect yet to-be-discovered attacks. Netskope has successfully developed AI/ML models to detect threats in executable files (referred to as PE files) as well as common document formats like PDF and Microsoft Office documents.

In the Netskope Next Gen Secure Web Gateway, AI/ML models are used to classify URLs as well as the web content belonging to phishing sites that tend to steal user credentials. AI/ML is also used to categorize websites and help block inappropriate content from being viewed by enterprise users. 

Conclusion

In this blog, we have seen that AI/ML algorithms can help solve a variety of problems that are commonly seen in enterprises. When it comes to SSE solutions, it has to be noted that these AI/ML algorithms have to be optimized to run and return a verdict in real time to be effective. Over time, there are going to be many more challenging use cases that AI/ML can be used to solve effectively.

author image
About the author
Krishna Narayanaswamy, Netskope's Founder and CTO, is a highly regarded researcher in deep packet inspection, security, and behavioral anomaly detection with over 25 years of industry experience. He leads Netskope's research efforts in data and threat protection and is a frequent presenter on security thought leadership topics in leading conferences. Previously he founded Top Layer Networks and served as a distinguished engineer at Juniper Networks where he delivered successful products to the market. He holds over 50 patents that range from security to accelerated packet processing to data classification.
Krishna Narayanaswamy, Netskope's Founder and CTO, is a highly regarded researcher in deep packet inspection, security, and behavioral anomaly detection with over 25 years of industry experience. He leads Netskope's research efforts in data and threat protection and is a frequent presenter on security thought leadership topics in leading conferences.…