Detect anomalies that can signal risky behavior or even breach

Advanced, multi-dimensional analysis of cloud and web usage

Machine learning and anomaly detection

The use of cloud and web services is increasing rapidly in organizations everywhere. More importantly, many of these cloud services are becoming mission critical, supporting your core business processes and housing your sensitive business data. With the growing importance of the cloud, it is critical to guard against threats to your cloud services.

The Netskope Security Cloud uses machine learning algorithms and an advanced rule engine to detect anomalies that could indicate unauthorized access, credential abuse, data exfiltration, and more. Netskope adaptive machine learning continuously analyzes user behavior and detects deviations that could indicate malicious activities. Netskope also analyzes cloud and web usage against an extensive set of predefined conditions. You can prioritize anomalies by risk level, filter down to what matters most, and drill down into forensic details for a detected anomaly so you can take the appropriate action.

Principales fonctions

Machine learning

Netskope adaptive machine learning continuously analyzes multiple dimensions of user behavior to create a baseline of normal user behavior. This baseline is automatically and continuously adjusted based on the changing usage of your cloud and web services. When deviations from the baseline are detected, alerts are generated to trigger further investigation and corrective action.

  • ­Analyze multiple dimensions of user behavior, including time, day, location, device, service, activity and object
  • Unsupervised, adaptive machine learning engine is self-training and self-adjusting
Data anomalies

With more of your sensitive data moving to the cloud and web, it is vital to understand how your data is moving in and out. Netskope identifies data movement anomalies such as bulk downloads, uploads, and deletions as well as the movement of sensitive data between cloud services that could indicate a data exfiltration attempt.

  • Bulk file uploads, downloads, and deletions
  • Data exfiltration to unsanctioned cloud services
Location anomalies

The anytime, anywhere nature of the cloud and web provides clear productivity benefits to your organization, but unfettered cloud access opens up your organization to unnecessary risks. Netskope helps you reduce the attack surface by analyzing the geographic locations associated with your cloud and web usage and detecting location-based anomalies that could indicate malicious activity.

  • Multiple access attempts from users in different, distant locations
  • Access from known risky countries
Credential anomalies

With visibility into activity-level usage across cloud and web, as well as threat intelligence feeds that allow you to associate your users with known external credential breaches, Netskope provides the ability to detect potential credential misuse and remediate the risk of unauthorized access to your cloud services and websites.

  • Compromised credentials
  • Shared credentials
  • Login failures

Les plus grandes entreprises lui font confiance

Principaux scénarios d'utilisation

Insider threats

Use Netskope machine learning and user behavioral analytics to detect unusual data patterns, such as bulk downloads, that could indicate that an employee is amassing sensitive information in advance of leaving the organization. Use Netskope DLP to understand which content is being collected, and use this information to drive further investigation and take appropriate action.

Compromised users

Many people reuse their usernames and passwords, so it is important to know if any of your users have been affected by an external credential breach. You can use this information to raise awareness with your users, or leverage Netskope integrations with single sign-on (SSO) solutions to require a password change or stepped up authentication for any affected users.

Risky locations

Anomalous locations could be another indication of unauthorized access attempts. Use Netskope machine learning and user behavioral analytics to baseline the normal locations from which your users access your cloud services and websites. Reduce the attack surface by detecting access attempts from risky or improbable locations and use this information to inform your security policies.

Netskope Security Cloud — data sheet

Découvrez toutes les fonctionnalités de la solution Netskope Security Cloud, ainsi que la façon dont elle protège les modèles IaaS et SaaS de votre entreprise, ainsi que votre utilisation d'Internet.

En savoir plus

Netskope Advanced Threat Protect — data sheet

Learn how Netskope Advance Threat Protect performs deep analysis to detect and prevent evasive, zero-day threats from the cloud and web.

En savoir plus

Vous voulez voir Netskope en action ?

Demander une démo