Introducing Netskope Active Threat Protection

By now, many IT professionals recognize that a lot of business data are being uploaded to the cloud. We’re not talking about photos of soccer games or the company holiday schedule, we’re talking about business data, and IT professionals have estimated this number to be around 30%. IT sees the data going to cloud (SaaS) apps they’ve sanctioned and they know it’s also going to shadow apps that they’ve not had visibility over. It is well established now that latter — the shadow IT apps — represent 90% of the 900+ cloud apps in use in the average enterprise. Aside from the alarm that this lack of control brings, there’s something that has loomed even bigger in the minds of IT — the fact that their enterprises are largely unprotected from threats that originate from the cloud. Per a recent survey commissioned by Netskope and conducted by Enterprise Strategy Group, 85% of security professionals surveyed stated that they are concerned about cloud apps as a means of distributing malware.¹ What complicates this is that the cloud, by its very nature, is designed as the ultimate dissemination vehicle. Whether it’s through a sync client, mobile app, or share button, the cloud creates a “fan-out” effect for malware through its well-woven tapestry of cloud-connecting endpoints. This exponential increase in complexity of cloud security due to the threat landscape and frequency of attacks has also led to an unprecedented shortage of skills and cognitive overload for IT security professionals.

With this in mind, we are proud to announce our next major product release, the industry’s first cloud threat protection solution that addresses threats that may originate from — or be further propagated by — cloud apps. We start from a strategic vantage point of cloud app usage. Put simply, Netskope is the only CASB that can see all cloud app traffic and correlate that traffic against users, activity and contextual information, all in one central dashboard. We combine that vantage point with industry-first prioritized threat protection that provides deep contextual-based insights from threat intelligence, static and dynamic analysis and anomaly detection, to detect, analyze, and quarantine the latest viruses, advanced persistent threats (APTs), spyware, adware, trojans, ransomware, and other malware. Finally, Netskope Active Threat Protection leverages the Netskope policy enforcement capabilities along with cloud-specific integrations with endpoint detection and response (EDR), sandbox and security information and event management (SIEM) vendors, so that the time required for forensics is reduced from hours to minutes.

Along with the organic innovation that’s gone into Netskope Active Threat Protection, we can’t say enough about the value of the partner integrations in this solution. Threat intelligence feed aggregation and sharing, zero-day threat intelligence, sandboxing, and endpoint intelligence and incident response all have been integrated to take advantage of these industry-leading capabilities and help customers take advantage of existing investments. The partners who joined in this announcement include Carbon Black, Cyphort and FireEye. We couldn’t be happier to have them as integration partners.

If you’d like to read more information about this announcement or the Netskope Active Threat Protection product, check out our press release, this Web page or this data sheet.

¹Source: ESG Research, Cloud Security Survey, January 2016