Accelerate your SSE journey. Join Netskope at RSA.

  • Security Service Edge Products

    Protect against advanced and cloud-enabled threats and safeguard data across all vectors.

  • Borderless SD-WAN

    Confidently provide secure, high-performance access to every remote user, device, site, and cloud.

  • Platform

    Unrivaled visibility and real-time data and threat protection on the world's largest security private cloud.

Netskope Named a Leader in the 2022 Gartner Magic Quadrant™ for SSE Report

Get the report Go to Products Overview
Netskope gartner mq 2022 sse leader
Gartner® Quick Answer: How Does Netskope’s Acquisition of Infiot Impact SD-WAN, SASE, and SSE Projects?

Get the report
Gartner quick answer
Netskope delivers a modern cloud security stack, with unified capabilities for data and threat protection, plus secure private access.

Explore our platform
Birds eye view metropolitan city
Make the move to market-leading cloud security services with minimal latency and high reliability.

Learn more
Lighted highway through mountainside switchbacks
Prevent threats that often evade other security solutions using a single-pass SSE framework.

Learn more
Lighting storm over metropolitan area
Zero trust solutions for SSE and SASE deployments

Learn more
Boat driving through open sea
Netskope enables a safe, cloud-smart, and fast journey to adopt cloud services, apps, and public cloud infrastructure.

Learn more
Wind turbines along cliffside
  • Our Customers

    Netskope serves more than 2,000 customers worldwide including more than 25 of the Fortune 100

  • Customer Solutions

    We are here for you and with you every step of the way, ensuring your success with Netskope.

  • Training and Certification

    Netskope training will help you become a cloud security expert.

We help our customers to be Ready for Anything

See our Customers
Woman smiling with glasses looking out window
Netskope’s talented and experienced Professional Services team provides a prescriptive approach to your successful implementation.

Learn more
Netskope Professional Services
Secure your digital transformation journey and make the most of your cloud, web, and private applications with Netskope training.

Learn more
Group of young professionals working
  • Resources

    Learn more about how Netskope can help you secure your journey to the cloud.

  • Blog

    Learn how Netskope enables security and networking transformation through security service edge (SSE).

  • Events & Workshops

    Stay ahead of the latest security trends and connect with your peers.

  • Security Defined

    Everything you need to know in our cybersecurity encyclopedia.

Security Visionaries Podcast

Episode 10: Building Security Relationships Through Transparency
In this episode, Mike and Andreas discuss aligning with works councils, forging business relationships through transparency, and embedding security into value streams.

Play the podcast
Building Security Relationships Through Transparency
Read the latest on how Netskope can enable the Zero Trust and SASE journey through security service edge (SSE) capabilities.

Read the blog
Sunrise and cloudy sky
Netskope at RSA

Join Netskope at RSA Conference this year and be part of the real conversations on SASE and Zero Trust. Stop by our booth in South Hall, chat with an expert, register for our speaking sessions, and unwind by joining us at one of our events!

Learn more
RSA logo
What is Security Service Edge?

Explore the security side of SASE, the future of network and protection in the cloud.

Learn more
Four-way roundabout
  • Company

    We help you stay ahead of cloud, data, and network security challenges.

  • Why Netskope

    Cloud transformation and work from anywhere have changed how security needs to work.

  • Leadership

    Our leadership team is fiercely committed to doing everything it takes to make our customers successful.

  • Partners

    We partner with security leaders to help you secure your journey to the cloud.

Netskope enables the future of work.

Find out more
Curvy road through wooded area
Netskope is redefining cloud, data, and network security to help organizations apply Zero Trust principles to protect data.

Learn more
Switchback road atop a cliffside
Thinkers, builders, dreamers, innovators. Together, we deliver cutting-edge cloud security solutions to help our customers protect their data and people.

Meet our team
Group of hikers scaling a snowy mountain
Netskope’s partner-centric go-to-market strategy enables our partners to maximize their growth and profitability while transforming enterprise security.

Learn more
Group of diverse young professionals smiling

Realizing the True Power of Netskope Cloud Exchange

Mar 10 2023

When I talk to customers and partners about Cloud Threat Exchange (CTE), I immediately say, “I’m not in marketing, and didn’t see the future—so I misnamed the module. I should have named it Cloud Data Exchange.” Why do I say this? Because, as Netskope and Cloud Exchange have matured, the number of use cases the module can fulfill has naturally grown beyond the initial vision. How so?

In most customer deployments, Cloud Threat Exchange is enabled to facilitate the sharing of indicators of compromise, or IoCs. IoCs are information elements (IP addresses, CIDR blocks, URL, URI, domains, or file hashes) attributed to known attack elements. We originally built CTE to automate the sharing of this information among multiple, connected parties, including Netskope, because we believed that what one part of the security stack knows about an attack, all parts should know. Doing this via CTE reduces the operational strain of moving these IoC, making it a multilateral, automated push and pull versus a bilateral, manual push or pull. Once the “feed” of IoCs to be shared has been defined, the data movement becomes automatic. In many cases, we have heard customers tell us that the functionality is easy to enable and has resulted in attacks being discovered by other parts of the stack and then remediated by a different component—finding in the cloud, remediating on the endpoint; finding in the endpoint, remediating/blocking in the email solution; finding on the email, remediating/blocking in the cloud. All of this reduces dwell times for persistent, advanced threats and enhances the likelihood for comprehensively protecting against attacks.

As our ecosystem of partners continue to innovate, CTE has been expanded to go beyond exchanging IoC, and can move these data objects (IP addresses, CIDR blocks, URL, URI, domains, or file hashes) regardless of their original categorization. Systems like SecLytics surface indicators of behavior (IoB), which are warnings that an attack may be happening or about to happen. The same data objects can still be pushed into CTE plugged-in systems, but using the CTE feature of “labels”, each could be tagged by a string indicative of risk level provided with that object. 

In other words, labels add a rich, additional layer of context that can be used to make decisions about where the data is sent and how it is used. In the case of Netskope policy, this label could be used to take low severity IoC, and low risk IoB, and send each to a URL object used by an alerting rule, whereas medium severity IoC and high risk IoB could be sent to a URL object used to coach users away from engaging with those matching resources. Labels open up many use cases, including indicators of attack sharing, application access governance, URL filtering synchronization (see more below), SSL decryption rule population, SSL bypass rule population, and more.

Additionally, a year after CTE was launched, the Netskope platform expanded the DLP engine to support reading the file hash file object that CTE had previously been designed to use for inline threat prevention policies, the only policy function that could take advantage of custom file hashes at CTE inception. Now file hashes that CTE are able to extract from third-party systems can be used for exact data matches in DLP policy. We built the GitHub CTE plugin to take advantage of this enhancement. CTE could now pull file hashes related to all GitHub content in any given repository and push it into an object that the DLP policy refers to to enforce appropriate data sharing. In GitHub’s case, this enables customers to control sharing any code or content that exactly matches, with continuously automated refresh cycles. I’m looking forward to our planned expansion of how Cloud Exchange can work with innovative Netskope features and ecosystem data protections to make its use easier.

Finally, we see more customers using CTE to help migrate from legacy, premise-based URL filtering solutions to Netskope. In many cases, customers have spent years building custom URL lists. CTE can work with many solutions to extract those lists for use in Netskope, ensuring everyone can benefit from all of that work in the Security Cloud for direct to cloud use cases.

I’m proud of how Netskope has evolved, and how Cloud Threat Exchange, and its parent platform Cloud Exchange, continue to be able to take advantage of those features. If you have a use case that require you to move data between Netskope and IT/security solutions, please contact your Netskope account team and let’s talk. You can learn more about CTE here.

author image
David Willis
David is an experienced business, security, and technology leader with over 20 years of experience across telecommunications, financial services, and software industry verticals. David currently serves as Head of Technology Integrations for the Business Development Team, focused on addressing tactical and strategic security and IT solution integration needs at scale for Netskope customers. David also leads the building and expansion of new routes to market for Netskope.