The adoption of cloud services, hybrid workforces, the rapid emergence and use of generative AI (genAI) along with the evolving regulatory environment are forcing security and risk management (SRM) leaders to enhance their SRM spending. Gartner forecasts global SRM spending to grow 14% in 2024. Moreover, worldwide end-user spending on SRM is projected to total $215 billion in 2024, an increase of 14.3% from 2023, according to a new forecast from Gartner, Inc. At the same time, organizations are focused on adopting technical capabilities and processes to provide far greater visibility, agility, and responsiveness across the organization’s entire digital ecosystem without compromising security.
The evolution of meaningful integrations at Netskope is rooted in driving zero trust-oriented business outcomes. That’s why context matters when realizing the full potential of a risk exchange ecosystem to enhance overall data protection. Today, Netskope is making great strides in the automation and normalization of our risk exchange ecosystem with the latest version of the Netskope Cloud Risk Exchange (CRE) module, Cloud Exchange (CE) platform.
The latest CRE announcements are geared towards customers who want to maximize their risk containment investments while enabling zero trust principles. The current fleet of enhanced and net-new integrations with Technology Alliances partners, such as CrowdStrike, Microsoft, Okta, Wiz, and more, enable customers to create a consolidated business rule framework based on third-party telemetry that maps to the Netskope Zero Trust Engine, our adaptive risk framework.
The latest innovations support every part of the Netskope inline policy enforcement. Customers now have the ability to:
- Fetch and inform Netskope’s Cloud Confidence Index (CCI)
- Influence User Confidence Index (UCI) scores
- Tag private app instances based on third-party inventories, and create and update private apps based on key telemetry from strategic partner integrations
CRE-enabled customers can now automatically aggregate and normalize risk scores and labels based on a customer’s unique take on what constitutes risk. Netskope aims to deliver integrations by consolidating additional context across the corporate digital estate involving identity (users, device, apps, workload, instance, data), location, activity, behavior. Let’s expand on what we mean across the following risk signal pillars:
- Activity Trust is a key pillar and Netskope differentiator with its unique insights into user actions, not yet informed by third-parties
- App Trust is when Netskope learns about workloads from Wiz, CrowdStrike, or Illumio and we update the Netskope ZTNA configuration to reflect updates. This information is further used to coach, limit, or block access and activities when an app is reported as a risk. Third-party app risk assessment solutions like Bitsight, CrowdStrike CNAPP, Wiz, or ServiceNow may have insights into breaches or overall activity that increase risk to users. Identity providers (IdPs) like Okta and Microsoft can tell Netskope which apps have been federated for single sign-on. SaaS spend partners like Zylo and Productiv can tell Netskope when app subscriptions have been contractually approved. IT service management (ITSM) partners like ServiceNow can tell us which apps have been fully onboarded.
- Behavior Trust can be surfaced by advanced IdP and companies with ML engines to discern normal from abnormal persona behavior. Integrations, such as with KnowBe4, identify poorly educated employees; Cyberark shares high risk administrators; Mimecast shares high risk spear phishing victims; SailPoint shares ungoverned users; and Okta with its identity threat protection
- Data Trust partners surface key findings, starting with persistent labels, around risky data, such as our integration with Microsoft Purview and Fortra.
- Device Trust looks at whether hosts are safe or are compliant, vulnerability-free, non-compromised, and/or cooperate with solutions from Microsoft Defender for Endpoints.
- Identity Trust incorporates findings from multiple partners for multiple use cases. These include compromised user or compromised private workloads from IdP partners like Okta, Microsoft Entra ID, CrowdStrike Falcon Identity Protect, Mimecast, and microsegmentation partners like Illumio who inform Netskope of sanctioned workloads or if those app workloads should be quarantined, or CNAPP partners like CrowdStrike and Wiz that also surface and differentiate safe and known from the high risk public cloud workloads.
- Instance Trust (Risk) is when we learn that there is an inline and publicly reachable service that is explicitly known and identified by a third party, and particularly for cloud hyperscalers, are key findings of CNAPP partners like CrowdStrike and Wiz. Netskope can enforce appropriate access (or not) to these unsanctioned or high risk services until they are compliant.
All Netskope risk signal pillars to come together, continuously and automatically, to drive zero trust access for the right users and devices to the right destinations and outcomes.
Download the Netskope Cloud Risk Exchange data sheet.
Learn more about the other exciting features from Netskope’s recent platform announcement, including: