Visibility into multi-cloud inventory

Provides a detailed inventory page for each resource, where you can see how many alerts have been generated by each resource, as well as the detailed configuration details for each resource. Collects and summarizes information such as the number of:

• Accounts
• Subscriptions
• Projects
• Compute Instances
• Storage Buckets
• Databases
• VPCs
• Security Groups
• Users and Roles

Visibility into multi-cloud configurations and compliance

• Provides visibility into the configuration of various cloud resources and services.
• Offers guidance on how to enable the appropriate workflows that allow security teams to integrate with the infrastructure teams to resolve misconfigurations.
• Automatically disseminates configuration scan results, with granular filters and least privilege, so that the owner of the infrastructure only gets the data they need
• Utilizes a large and growing library of Restful APIs to support key use cases, such as the bulk setup of accounts and subscriptions and the integration into the CI/CD pipeline via API scans.

Visibility into risky behavior

• Uses BDR functionality to identify and prioritize active threats in AWS, Azure, and GCP.
• Adds visibility into cloud-native audit logs and VPC flow logs.
• Detects known malicious behavior and suspicious activity with a combination of out-of-the-box and custom rules correlated with Netskope Cloud Threat Intelligence, Anomaly Detection, and Machine Learning.
• Detections are classified across security categories, including account compromise, privilege escalation, data exfiltration, crypto-mining, and many other cloud-native threats.

Visibility into data at rest

• Extends the benefits of DLP profiles used for SaaS applications to your public clouds
• Offers Netskope DLP policies that cover data residing in fields of cloud services, such as Salesforce and ServiceNow
• Uses Netskope DLP’s unique ability to inspect content in thousands of cloud services.
• Uniquely extends support for DLP policies to unmanaged cloud services, such as social media posts, subject lines in webmail, and collaboration messages in application, such as Jive, Yammer, and Chatter
• Offers comprehensive malware prevention and detection capabilities. Netskope Threat Protection is not restricted to just executables. It includes proprietary engines to parse through PDFs, DOC files, etc.

Visibility & control over unmanaged IaaS activity

• Provides real-time inline visibility and control
• Alerts when a user logs into a personal AWS account (using a personal email)
• Alerts or blocks attempts to download malware from an S3 bucket
• Blocks attempts to upload sensitive data to Azure Blob Storage

Visibility and control over insider threats

• Pulls the S3 inventory to create a “whitelist” of known managed S3 buckets. This whitelist is fed into an inline policy, which allows you to block attempts to exfiltrate data from managed to unmanaged buckets.
• Enables policies to be established to provide inline security controls, like DLP and ATP of traffic to/from public clouds.
• Detects and blocks insider threats, stopping the exfiltration of data from a corporate, managed storage bucket/blob to a personal, unmanaged storage bucket/blob.
• Allows you to add custom bucket lists by uploading a CSV file or via API integration.