Since Netskope and Sift Security joined forces earlier this year, we have been heads down integrating Sift’s capabilities into the Netskope for IaaS product line and building out the roadmap. Before jumping into the new features, I thought it would be helpful to share some background on the significant investments Netskope has made in cloud infrastructure security.
Prior to the Sift acquisition, the robust Netskope for IaaS capabilities included:
- Continuous Security Assessment (CSA) to ensure organizations cloud configuration is in compliance with policies and best practices;
- Cloud Storage Data Protection (CSDP) to monitor cloud storage buckets for sensitive data and malware;
- Real-time Visibility & Control for both managed and unmanaged cloud infrastructure.
Combining Sift with Netskope helped accelerate the Netskope roadmap and added unique Breach Detection & Response capabilities like behavioral analytics to identify and prioritize active threats specific to cloud infrastructure, intuitive graph visualization to accelerate investigations and threat hunting, and automated response to facilitate remediation.
With that context, I am very excited to announce the first phase of Sift integration and some truly unique cloud infrastructure security capabilities that sit at the intersection of cloud security posture management (CSPM) and CASB.
Many security executives we speak with are worried about both inadvertent data exposure/loss as well as malicious data exfiltration. With today’s release (an industry first), Netskope for IaaS is now uniquely able to identify and block any attempts by users to upload data to an unmanaged storage bucket, whether via the AWS GUI or via programmatic copy and sync activities executed in the CLI. This solution combines Netskope’s inline proxy capabilities, Cloud XD insights into the traffic, real-time DLP activity controls, and visibility into the cloud inventory.
With these capabilities, Netskope offers the most comprehensive security for S3 buckets, which are the most prevalent source of cloud infrastructure breaches. Our customers use Netskope to ensure their buckets are configured according to best practices and policies; scan those buckets to identify sensitive data and malware or other threats, and real-time blocking of insider threats and data exfiltration.
We are also launching some major improvements to the Netskope Continuous Security Assessment:
- Cloud Inventory, which enables our customers to see all of their cloud infrastructure assets and resources from a single dashboard. You can view inventory and manage risk of cloud resources across your CSPs, drilling down into details with an asset-oriented view of your cloud risks;
- Enhanced dashboards and reporting to simplify security for large, multi-cloud environments. The new user interface, powered by our unique “One Cloud” architecture, provides admins with an overview of the application spread across multiple clouds, summarized view of all their cloud infrastructure, and enables users to drill down by filtering on CSP, Account, Tags, and more; thereby removing the need for “swivel-chair administration” by logging into multiple consoles.
- Expanded configuration checks: Configuration drift can occur due to one-time changes or deployment script changes. With today’s release, these changes can now be identified easily with more than 40 out-of-the-box configuration checks, including correlation configuration checks that look at multiple layers of controls to find misconfigurations that expose resources in your environment.
You can read more about these features in our press release or by watching some of our demo videos. Stay tuned for updates on support for GCP, expanded support for Azure, and updates on the integration and release of Breach Detection & Response capabilities in early 2019.