It’s no secret that Amazon Web Services (AWS) continues to grow by leaps and bounds as organizations modernize their IT infrastructure by migrating apps and workloads to the cloud. And due to the AWS shared responsibility model of cloud security, a deep and broad ecosystem of security vendors has also grown up alongside AWS. In an effort to provide organizations with confidence in a given vendor’s ability to integrate tightly with their environment and provide reliable services, AWS introduced their Competency Program, with Security Competency as one of the specializations.
The Security Competency designation is reserved for vendors who demonstrate deep technical expertise with security in AWS and proven success securing customer cloud journeys. Netskope is one of only 18 Amazon Partner Network (APN) vendors to have achieved competency in the area of Infrastructure Security, which encompasses “solutions including zero trust network access (ZTNA), secure web gateway (SWG), and cloud access security broker (CASB) to detect and protect your workloads from malicious traffic.”
Protection for AWS Environments
Netskope provides the above protections and much, much more. Here are some of the important use cases that Netskope solves for AWS customers:
- Secure remote access to private applications – Remote and hybrid workers need to access business-critical applications from anywhere. Netskope Private Access (NPA), Netskope’s zero trust network access (ZTNA) solution, provides secure, granular access based on adaptive trust principles. This helps organizations reduce risk and improve security in several ways:
  - Users can only access the applications and resources they need when they need them.
  - NPA improves security by replacing outdated VPN gateways and concentrators that expose their IP addresses to the public internet.
  - Private resources are not visible on the public internet and are shielded from attackers.
- Discover shadow IT and block data exfiltration and threats – Netskope has multiple technologies that act in real time to block movement of sensitive data, threats, unauthorized users, and access to rogue accounts.
  - Netskope Inline CASB monitors traffic to and from AWS resources and applications to expose suspicious or malicious activity.
  - Netskope’s Zero Trust Engine decodes activities in real time to place activity-level restrictions on users, groups, and organizational units across more than 270 AWS services.
  - Netskope’s Next Generation Secure Web Gateway (SWG) blocks malware, detects advanced threats, and controls cloud apps and services for users located anywhere, using any device.
- Discover sensitive data and malware in cloud storage repositories – Netskope CASB API for Public Cloud scans Amazon S3 buckets to identify sensitive data and protect it from misuse. It also discovers malware and generates alerts to help prevent threats from spreading.
Integration with AWS Services
Netskope also integrates with a wide variety of AWS services via APIs and Netskope Cloud Exchange to provide context, visibility, and information sharing across both cloud and hybrid environments.
AWS service integrations and information sharing benefits include:
- AWS CloudTrail – Netskope consumes AWS event logs via API to provide additional context for detection, analysis, and response to anomalies, suspicious behaviors, and suspected threats. Security admins gain visibility into sanctioned AWS resources and can detect shadow IT (unsanctioned use) of AWS resources.
- AWS CloudTrail Lake – Netskope exports AWS-related customer logs to AWS CloudTrail Lake via the Netskope Cloud Exchange Cloud Log Shipper (CLS) plugin. This provides useful information from outside of the AWS cloud, adding valuable context to a data lake of CloudTrail logs. Security admins can surface over 300 granular activities and findings for sanctioned and unsanctioned AWS resources.
- Amazon Security Lake – Netskope exports all customer logs to Security Lake via the Cloud Exchange CLS plugin in the Open Cybersecurity Schema Framework (OCSF) format. This integration enables AWS and Netskope customers to export AWS-related logs plus additional useful information from outside of the AWS cloud into an OCSF data lake. Security Lake allows integration with a variety of third-party analysis tools to surface and present all Netskope activities and findings in a modern normalized format.
- Amazon S3 – Netskope can scan S3 for sensitive data, DLP violations, and malware, and export all customer logs to AWS via the Cloud Exchange CLS plugin. This allows customers to decrease risk by ensuring that sensitive data is not publicly exposed or accessible by unauthorized users, and also prevents malware from spreading to users and other cloud services.
- AWS Control Tower – AWS customers can use Control Tower to automate deployment of Netskope CSPM and S3 scanning solutions in a multi-account environment, helping AWS customers to ensure consistent security across all AWS accounts.
- Amazon GuardDuty – Netskope consumes threat information (file hashes) via the Cloud Threat Exchange (CTE) plugin for Netskope Cloud Exchange. Netskope can then leverage GuardDuty malware findings for enhanced threat protection and risk reduction.
- AWS AppFabric – Netskope helps to protect AWS AppFabric environments by scanning S3 buckets that AppFabric uses to store logs and other sensitive data. This helps to prevent data breaches and the spread of malware.
In conclusion, achieving AWS Security Competency in the Infrastructure Protection category, along with a growing ecosystem of AWS integrations, provides AWS customers with assurance that Netskope is committed to helping organizations provide secure access to applications and resources, protect data, and reduce risk in the cloud. AWS customers who have benefitted from Netskope security solutions for AWS environments include Ather Energy, Cloudrise, and Crest Data Systems.