Netskope named a Leader in the 2022 Gartner® Magic Quadrant™ for Security Service Edge. Get the Report.

  • Platform

    Unrivaled visibility and real-time data and threat protection on the world's largest security private cloud.

  • Products

    Netskope products are built on the Netskope Security Cloud.

Netskope delivers a modern cloud security stack, with unified capabilities for data and threat protection, plus secure private access.

Explore our platform
Birds eye view metropolitan city

Netskope Named a Leader in the 2022 Gartner Magic Quadrant™ for SSE Report

Get the report Go to Products Overview
Netskope gartner mq 2022 sse leader

Make the move to market-leading cloud security services with minimal latency and high reliability.

Learn more
Lighted highway through mountainside switchbacks

Prevent threats that often evade other security solutions using a single-pass SSE framework.

Learn more
Lighting storm over metropolitan area

Zero trust solutions for SSE and SASE deployments

Learn more
Boat driving through open sea

Netskope enables a safe, cloud-smart, and fast journey to adopt cloud services, apps, and public cloud infrastructure.

Learn more
Wind turbines along cliffside
  • Customer Success

    Secure your digital transformation journey and make the most of your cloud, web, and private applications.

  • Customer Support

    Proactive support and engagement to optimize your Netskope environment and accelerate your success.

  • Training and Certification

    Netskope training will help you become a cloud security expert.

Trust Netskope to help you address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements.

Learn more
Woman smiling with glasses looking out window

We have qualified engineers worldwide, with diverse backgrounds in cloud security, networking, virtualization, content delivery, and software development, ready to give you timely, high-quality technical assistance.

Learn more
Bearded man wearing headset working on computer

Secure your digital transformation journey and make the most of your cloud, web, and private applications with Netskope training.

Learn more
Group of young professionals working
  • Resources

    Learn more about how Netskope can help you secure your journey to the cloud.

  • Blog

    Learn how Netskope enables security and networking transformation through security service edge (SSE).

  • Events & Workshops

    Stay ahead of the latest security trends and connect with your peers.

  • Security Defined

    Everything you need to know in our cybersecurity encyclopedia.

Security Visionaries Podcast

Bonus Episode: The Importance of Security Service Edge (SSE)

Play the podcast
Black man sitting in conference meeting

Read the latest on how Netskope can enable the Zero Trust and SASE journey through security service edge (SSE) capabilities.

Read the blog
Sunrise and cloudy sky

Netskope CSO speaking events

Meet the Netskope CSO team at one of our upcoming events.

Find an event
Netskope CSO Team

What is Security Service Edge?

Explore the security side of SASE, the future of network and protection in the cloud.

Learn more
Four-way roundabout
  • Company

    We help you stay ahead of cloud, data, and network security challenges.

  • Why Netskope

    Cloud transformation and work from anywhere have changed how security needs to work.

  • Leadership

    Our leadership team is fiercely committed to doing everything it takes to make our customers successful.

  • Partners

    We partner with security leaders to help you secure your journey to the cloud.

Netskope enables the future of work.

Find out more
Curvy road through wooded area

Netskope is redefining cloud, data, and network security to help organizations apply Zero Trust principles to protect data.

Learn more
Switchback road atop a cliffside

Thinkers, builders, dreamers, innovators. Together, we deliver cutting-edge cloud security solutions to help our customers protect their data and people.

Meet our team
Group of hikers scaling a snowy mountain

Netskope’s partner-centric go-to-market strategy enables our partners to maximize their growth and profitability while transforming enterprise security.

Learn more
Group of diverse young professionals smiling
Blog Uncategorized Three Practical Scenarios for Netskope’s Cloud Security Patent
Mar 22 2016

Three Practical Scenarios for Netskope’s Cloud Security Patent

Today we announced that Netskope has been issued United States Patent 9,270,765 for security for network delivered devices. The patent, which is the most comprehensive awarded to any Cloud Access Security Broker (CASB) vendor, recognizes our ability to offer real-time visibility and policy control for enterprise users across both sanctioned and unsanctioned cloud apps, regardless of a user’s location or device type.

It is now very common for enterprises to use cloud apps for a number of corporate functions, with the most recent Netskope Cloud Report finding an average of 917 cloud apps in use per enterprise. Most of those are shadow IT. While this is a boon for employee productivity, it presents myriad cloud data protection issues for the enterprise.

Consider an organization seeking to protect its data in today’s work environment with hundreds of cloud apps. The organization may be using Salesforce.com for CRM, Expensify for expenses, Taleo for talent management, Dropbox for file sharing, Evernote for note-taking, Slack for team communications, Marketo for marketing automation, Google Apps for document collaboration, and more. Even though the organization is able to monitor some on-premises usage of those cloud apps with their existing security tools, once the user is off of the corporate network or using a cellular network, the usage is not trackable. The bring your own device (BYOD) trend increases the likelihood of enterprise cloud traffic bypassing the corporate network completely, making it impossible for IT to see that traffic, or enforce policy on it.

Essentially, this patent covers Netskope’s unique ability to enable visibility and control for all modern cloud access patterns, and to associate the user’s enterprise identity with that cloud traffic. Let’s look at three scenarios where this capability is important:

The first is remote cloud access. Let’s say an organization’s finance department is using several cloud apps, one for online payroll, another for accounting, yet another for payment authorizations, and one to pull it all together in an analytics and reporting package. In fact, the average organization has 34 cloud finance apps in use. Like nearly all modern workers, some finance professionals work from home, from the train, or while sipping a latte at their local Starbucks. The organization’s IT department knows that these apps contain some of its most critical information and needs to make sure that users are following proper procedures. For example, are unauthorized users accessing the apps? Are they downloading significant amounts of data from them? The ability to see this traffic and enforce policy on that usage can mean the difference between being compliant with Sarbanes-Oxley or not, or identifying the exfiltration of sensitive business data or not.

The second is native or sync cloud app clients. Whether on-premises or remote, many users access the cloud via native or sync cloud app clients. This allows them to work more conveniently and efficiently in an app on their local machine (versus relying on the browser for every activity) or take advantage of the app when they’re off network, and then have their data or files synced to the cloud upon regaining connectivity. Users of Cloud Storage apps like Box, Microsoft OneDrive, and Google Drive will opt for this method as it is fast and easy. The capabilities outlined in this patent enable IT to gain visibility and control over this cloud traffic. Moreover, because Netskope allows the user identity to be tied to this traffic, IT can enforce policy by user or user attributes such as enterprise directory group or organizational unit. For example, if IT wants to enforce a different policy for sync client users who happen to be in the group “corporate insiders,” it can do so, which can mean all the difference for keeping proprietary financial performance data close at hand during a company’s quiet period.

The third is a variation of the scenario above, in which cloud threat protection relies on having native or sync cloud app client visibility. For example, in a recent blog we describe the cloud malware attack fan-out effect and show how malware (or the effect of it, in the case of encrypted files syncing across users and clouds as a result of ransomware) can propagate via cloud apps. Without visibility and control for native apps and sync clients, IT wouldn’t be able to detect malware traveling via a sync client until it’s too late and users are infected.

This patent recognizes a critically important component of cloud protection. Accessing cloud apps remotely, off-network, via native and sync clients (in addition to traditional browser-based access) is simply how we work today, and giving IT the visibility, policy enforcement, and ability to detect and remediate cloud-based threats across all of these access methods is the way CASBs should work.

As a final note, I want to take this opportunity to thank my patent co-holders, Sanjay Beri, Lebin Cheng and Ravi Ithal, for their hard work on these capabilities.

author image
About the author
Krishna Narayanaswamy, Netskope's Founder and CTO, is a highly regarded researcher in deep packet inspection, security, and behavioral anomaly detection with over 25 years of industry experience. He leads Netskope's research efforts in data and threat protection and is a frequent presenter on security thought leadership topics in leading conferences. Previously he founded Top Layer Networks and served as a distinguished engineer at Juniper Networks where he delivered successful products to the market. He holds over 50 patents that range from security to accelerated packet processing to data classification.
Krishna Narayanaswamy, Netskope's Founder and CTO, is a highly regarded researcher in deep packet inspection, security, and behavioral anomaly detection with over 25 years of industry experience. He leads Netskope's research efforts in data and threat protection and is a frequent presenter on security thought leadership topics in leading conferences.…