Introducing Netskope SSPM’s Next Generation Capabilities

Growth of SaaS Apps

The market for Software-as-a-Service (SaaS) applications, or apps, was valued at $186B in 2022, and expected to grow to $700B by 2030, a CAGR of 18%. As organizations adopt more SaaS apps for business-critical operations, they expose sensitive data across an ever larger and more diversified variety of egress points in the cloud. And as attackers tend to follow the data, they are targeting SaaS apps like never before.

Organizations that rely on SaaS apps for critical operations require a cloud-based security solution that helps them maintain compliance with industry regulations and protect against potential threats and risks. To stay safe, the first line of defense is to secure the weakest link, which in the case of SaaS apps is their security posture.

What’s New

To help organizations counter these challenges, Netskope is excited to announce the general availability of next generation capabilities for our SaaS Security Posture Management (SSPM) solution. This new release is packed with a lot of capabilities and usability improvements that will help organizations strengthen the security posture of their SaaS apps and protect sensitive data.

Here are some of the core capabilities available in this new SSPM release:

Graph-based engine:

Netskope SSPM’s graph-powered engine helps security analysts investigate root causes and identify patterns for all kinds of security misconfigurations. It also analyzes context from across SaaS apps to help detect advanced risks. Check out this blog for additional context and details.

Unified SaaS posture dashboard:

A summary of all inventory and posture findings is displayed in a single, unified console. This view allows practitioners to easily drill into findings for more details that can help jump start investigations and triage.

SaaS app Inventory:

As visibility is the first step of security, Netskope’s inventory view allows practitioners to see all instances and resources associated with SaaS apps configured for SSPM. Search and filter functions make it easy to find resources that warrant close monitoring and SSPM clearly displays all information associated with each resource to reveal the complete context.

Additional out-of-the-box/predefined detections:

Predefined rules help you keep pace with newly available features and configurations of SaaS apps. Misconfigured SaaS apps can create additional security risks, so in this release we have added more than one hundred new out-of-the-box rules for Salesforce, Microsoft Exchange, and Microsoft 365 SharePoint, several of the widely used SaaS apps that Netskope SSPM supports.

New low-code/no-code query language:

One of the best ways to leverage the power of Netskope SSPM’s next generation capabilities is using Netskope Governance Language (NGL) for querying the vast amount of data that SSPM retrieves about each configured SaaS app. NGL replaces Domain Specific Language (DSL), the query language used in prior versions of SSPM. NGL is built as a low-code/no-code framework with recommended syntax auto-complete that flattens the learning curve. Here are links to blogs that show how to use NGL for Azure AD and Salesforce.

REST APIs:

Netskope uses an “API first” approach to automate, integrate, and orchestrate SSPM into your existing security workflows and systems. The REST APIs enable you to programmatically perform all actions found in the SSPM UI, and are extensively documented in the Swagger framework which also lets you test drive the APIs.

For additional compliance checks we have added support for the Center for Internet Security (CIS) Benchmark for Microsoft 365 v1.5.0. Netskope SSPM users will also benefit from scale and performance improvements, visibility into third-party connected apps, and simplified policy management.

SSPM is a fundamental security control designed to monitor compliance with industry rules and regulations and minimize cloud-based risks. It dramatically reduces the attack surface across multiple SaaS applications and provides invaluable risk context for a complete cloud-based zero trust strategy.

We look forward to helping you onboard Netskope SSPM’s next generation capabilities to arm your SaaS security team with the tools they need to help secure your organization’s critical data, apps, and users.

Netskope SSPM is Part of Netskope Intelligent SSE

Netskope SSPM is part of the Netskope Intelligent SSE platform, providing a comprehensive, integrated approach to securing SaaS apps that combines cloud access security broker (CASB), data loss prevention (DLP), and modern SSPM. It consolidates these fundamental security technologies, and much more, into a market-leading Security Service Edge platform.

Stay tuned for more details about the current set of capabilities that the SSPM team is building, including integrations with CASB and third-party applications risk management.

If you are new to SSPM, please check out the following resources or contact Netskope to learn more: