Netskope
Cloud Threat Exchange

Organizations need timely threat intelligence to quickly protect a community across all defense layers.

51%

Threats today are file-less, shifting the threat landscape to a dynamic playing field for online web and cloud resources weaponized with malicious intent.

49%

File-based threats are polymorphic, selectively exposed, and unlikely to be seen multiple times with the same characteristics.

Overall, 44% of threats today are cloud-enabled

Endpoints have exceptional visibility for malicious files and segments written to disk for file-based IOCs. However, for cloud phishing that evades endpoint, email and web defenses, the IOCs are more likely to come from NG SWGs, which have the ability to decode API-based JSON cloud and web traffic. Overall, 44% of threats today are cloud-enabled with phishing being the leading method and SaaS the leading target. These challenges require multiple defenses with unique capabilities and focus points to share timely threat intelligence.

2020-02-The Dark Side of the Cloud-Site Tile-519x519-1x

Netskope Cloud
Threat Exchange
is the Solution

Netskope Cloud Threat Exchange (CTE) is a near real-time threat ingestion, curation, and sharing tool that enables Netskope customers and technology partners to bi-directionally exchange IOCs. Security teams can integrate up to the minute intelligence feeds that contain malicious URLs and file hashes into their security infrastructure products such as endpoints, firewalls, secure web-gateways, and cloud access security brokers. For workflow and playbook automation, CTE can also integrate with IR, SIEM, SOAR, MDR, or custom API-based tools.

Netskope
Security Cloud

Découvrez notre plateforme →
Netskope Security Cloud

Une visibilité inégalée. Détection des menaces et protection des données en temps réel.

Netskope Security Cloud offre en temps réel et de manière inégalée, visibilité, détection des menaces et protection des données où que vous soyez et depuis n'importe quel périphérique. Seul Netskope comprend le cloud et adopte une approche centrée sur les données qui fournit aux équipes de sécurité le parfait équilibre de protection et rapidité dont elles ont besoin pour sécuriser leur parcours de transformation numérique.

Netskope Security Cloud

Key benefits of Cloud Threat Exchange

Automate threat updates

Leverage CTE to automate threat intelligence feeds and sharing with Netskope NG SWG, Threat Protection and third party security defenses.

«  »

Increase threat coverage

Combine various sources of threat intelligence to improve coverage in different focus areas, such as cloud phishing, web drive-by downloads, or command and control.

Improve threat optics

Understand the frequency an IOC has been detected across different points of the attack surface. Netskope analyzes data-in-motion and at-rest using IOCs for threat detection.

Take quick action

Use CTE to IR workflows or orchestration playbooks to automate response steps, making security analysts more efficient across multiple security tools.

Leverage CTE to automate threat intelligence feeds and sharing with Netskope NG SWG, Threat Protection and third party security defenses.

×

Combine various sources of threat intelligence to improve coverage in different focus areas, such as cloud phishing, web drive-by downloads, or command and control.

×

Understand the frequency an IOC has been detected across different points of the attack surface. Netskope analyzes data-in-motion and at-rest using IOCs for threat detection.

×

Use CTE to IR workflows or orchestration playbooks to automate response steps, making security analysts more efficient across multiple security tools.

×

Cloud Threat Exchange
use cases

01

Integrate third party feeds with Netskope

Use Cloud Threat Exchange to build custom URL lists within the Netskope Next Gen Secure Web Gateway in order to automate management of allow and blocked domains.

02

Increase data protection coverage

Share filehashes of policy violations from on-premise, endpoint, or email based data leakage prevention solutions for additional DLP identification triggers inside Netskope.

03

Consistently manage threat feeds

Use your preferred threat management system or apply your custom scripts to automate curation and enriching shared IoCs with contextually relevant information.

Le cloud et le mobile occupent aujourd'hui une place prépondérante, et ne pas tenir compte du risque de propagation des menaces revient à foncer tête baissée. La mise en œuvre de notre projet CASB nécessitait que nous orientions notre infrastructure vers le cloud, ce que Netskope nous a permis de faire.

– RSSI, grande entreprise de haute technologie

Cloud Threat Exchange partners

Ressources

Redéfinissez votre périmètre.