Netskope
Cloud Threat Exchange

Organizations need timely threat intelligence to quickly protect a community across all defense layers.

51%

Threats today are file-less, shifting the threat landscape to a dynamic playing field for online web and cloud resources weaponized with malicious intent.

49%

File-based threats are polymorphic, selectively exposed, and unlikely to be seen multiple times with the same characteristics.

Overall, 44% of threats today are cloud-enabled

Endpoints have exceptional visibility for malicious files and segments written to disk for file-based IOCs. However, for cloud phishing that evades endpoint, email and web defenses, the IOCs are more likely to come from NG SWGs, which have the ability to decode API-based JSON cloud and web traffic. Overall, 44% of threats today are cloud-enabled with phishing being the leading method and SaaS the leading target. These challenges require multiple defenses with unique capabilities and focus points to share timely threat intelligence.

2020-02-The Dark Side of the Cloud-Site Tile-519x519-1x

Netskope Cloud
Threat Exchange
is the Solution

Netskope Cloud Threat Exchange (CTE) is a near real-time threat ingestion, curation, and sharing tool that enables Netskope customers and technology partners to bi-directionally exchange IOCs. Security teams can integrate up to the minute intelligence feeds that contain malicious URLs and file hashes into their security infrastructure products such as endpoints, firewalls, secure web-gateways, and cloud access security brokers. For workflow and playbook automation, CTE can also integrate with IR, SIEM, SOAR, MDR, or custom API-based tools.

Netskope
セキュリティクラウド

プラットフォームを見る→
Netskope                      
Security Cloud

比類のない可視性。リアルタイムのデータと脅威からの保護。

Netskopeセキュリティクラウドは、あらゆる場所のあらゆるデバイスからクラウドサービス、ウェブサイト、プライベートアプリにアクセスする際でも、比類なき可視性とリアルタイムデータ、脅威防御を提供します。Netskopeだけがクラウドを理解し、セキュリティチームがデジタルトランスフォーメーションをする際にセキュリティを確保するために必要な保護と速度を、適切なバランスで実現する「データ中心(Data Centric)」のアプローチを採用しています。

Netskope                      
Security Cloud

Key benefits of Cloud Threat Exchange

Automate threat updates

Leverage CTE to automate threat intelligence feeds and sharing with Netskope NG SWG, Threat Protection and third party security defenses.

""

Increase threat coverage

Combine various sources of threat intelligence to improve coverage in different focus areas, such as cloud phishing, web drive-by downloads, or command and control.

Improve threat optics

Understand the frequency an IOC has been detected across different points of the attack surface. Netskope analyzes data-in-motion and at-rest using IOCs for threat detection.

Take quick action

Use CTE to IR workflows or orchestration playbooks to automate response steps, making security analysts more efficient across multiple security tools.

Leverage CTE to automate threat intelligence feeds and sharing with Netskope NG SWG, Threat Protection and third party security defenses.

×

Combine various sources of threat intelligence to improve coverage in different focus areas, such as cloud phishing, web drive-by downloads, or command and control.

×

Understand the frequency an IOC has been detected across different points of the attack surface. Netskope analyzes data-in-motion and at-rest using IOCs for threat detection.

×

Use CTE to IR workflows or orchestration playbooks to automate response steps, making security analysts more efficient across multiple security tools.

×

Cloud Threat Exchange
use cases

01

Integrate third party feeds with Netskope

Use Cloud Threat Exchange to build custom URL lists within the Netskope Next Gen Secure Web Gateway in order to automate management of allow and blocked domains.

02

Increase data protection coverage

Share filehashes of policy violations from on-premise, endpoint, or email based data leakage prevention solutions for additional DLP identification triggers inside Netskope.

03

Consistently manage threat feeds

Use your preferred threat management system or apply your custom scripts to automate curation and enriching shared IoCs with contextually relevant information.

それは今日のクラウドとモバイルを利用する世界であり、脅威の伝播の観点からそれについて考えていなければ、ブラインド・スポットを増やすことになります。CASBプロジェクトの中心は、クラウド使用に取り組む際のこの側面を解決することでしたが、Netskopeはその力を提供します。

—CISO 、大手ハイテク企業

Cloud Threat Exchange partners

リソース

境界線を再構築しましょう