ブログ セキュリティ変革 How Netskope Can Help with Your 10 Critical Security Projects – Nos. 5-6
Jan 06 2021

How Netskope Can Help with Your 10 Critical Security Projects – Nos. 5-6

The annual list of top security projects from Gartner provides key insights on where security leaders should focus their limited time and resources to be the most effective at protecting their data, users, and infrastructure. 

Netskope provides value for each of the top 10 recommended security projects for this year and next, including many critical capabilities. This blog series will highlight each Gartner recommendation and how Netskope specifically can help. 

But don’t just take our word for it. We are addressing all of these security vectors in our latest Prove It challenge. Find out how Netskope will grant you the visibility and granular control you need to secure your organization in today’s cloud-first environment.

No. 5: Simplify cloud access controls

As Gartner notes, “Cloud access controls typically are done through a CASB. They offer real-time enforcement through an in-line proxy that can provide policy enforcement and active blocking. CASBs also offer flexibility by, for example, starting out in monitoring mode to better ensure fidelity of traffic and understand security access.”

Netskope understands CASB better than any other vendor. One side, CASB API-mode, covers managed apps and data-at-rest, which is likely the majority of your data, but less than 2% of the apps and cloud services your company utilizes. The other side is inline CASB for thousands of unmanaged apps, where data is obscured in motion from legacy web gateways. For a single-pass solution, Netskope has united secure web gateway (SWG) and inline CASB into a Next Gen SWG solution for web, managed SaaS, unmanaged SaaS, public cloud services, and custom app user traffic analysis for data and threat protection with the data context required for SASE architecture. Netskope simplifies cloud access using one cloud platform, one service, one console, one policy engine, and one client for remote users, or IPsec/GRE tunnels for offices, plus the option of Zero Trust Network Access (ZTNA) fully integrated.

No. 6: DMARC

As Gartner notes, “Organizations use email as the single source of verification, and users struggle to determine real messages from fakes. DMARC, or domain-based message authentication, reporting and conformance, is an email authentication policy. DMARC is not a total solution for email security and should be one piece of a holistic security approach. However, it can offer an additional layer of trust and verification with the sender’s domain. DMARC can help domain spoofing but will not address all email security issues.”

Netskope researches and understands cloud-enabled threats, including cloud phishing. SaaS apps provide trusted domains, valid certificates, and in some cases may bypass inline defenses by design or DNS reputation checks. A common cloud phishing modus operandi begins with a personal webmail with a link to cloud storage, often OneDrive, Box, or G Drive where the file is opened to expose a form requesting login credentials for Microsoft Office 365, the most impersonated brand in phishing attacks. 

These fake logins compromise credentials of company and personal app instances for users and evade endpoint defenses, plus legacy web and email defenses. Netskope protects by knowing approved app instances from rogue ones, when credentials are put into forms via cloud DLP, activities, and assessing any downloads for threats having access to app content and context. 

Any cloud-enabled threats exposed provide IOCs that the Netskope Cloud Threat Exchange (CTE) can automatically share with other defenses including endpoints, firewalls, SIEMs, SOAR, and IR solutions within a customer’s security stack. CTE is also bi-directional to share IOCs including file hashes and malicious URLs from other defenses with a customer’s environment.

Want all 10 recommendations in one handy document? Read our roundup covering each of Gartner’s 10 projects and how Netskope provides value for each.

Our technology provides the confidence and clarity businesses need to comfortably operate in the cloud and we’re ready to prove it to everyone.

We’re launching a battery of seven real-world challenges on our Next Gen SWG and we want you to be a part of this benchmark-setting occasion. The Prove It Challenge is an opportunity for you to witness Netskope address the major cloud challenges facing businesses today in a practical environment. Ready to take a test drive and let Netskope prove it? Sign up here.

author image
About the author
Tom Clare is a senior product marketing manager, his focus at Netskope centers on product strategy with marketing experience in web/cloud proxies, data and threat protection, behavior analytics, network traffic analysis, endpoint protection, endpoint detection and response, deception, and firewalls.
Tom Clare is a senior product marketing manager, his focus at Netskope centers on product strategy with marketing experience in web/cloud proxies, data and threat protection, behavior analytics, network traffic analysis, endpoint protection, endpoint detection and response, deception, and firewalls.