Get your copy of Security Service Edge (SSE) for Dummies. Get the eBook

Press Release
Los Altos, Calif.
Mar. 15, 2018

Netskope Expands Market-Leading IaaS Security Capabilities with Continuous Security Assessment and Monitoring Capabilities

Only CASB with single platform to protect sanctioned and unsanctioned SaaS, IaaS, and PaaS environments

 Netskope, the leader in cloud security, today announced the expansion of its Infrastructure-as-a-Service (IaaS) security capabilities with continuous security assessment and monitoring capabilities. The announcement builds on the company’s robust existing IaaS capabilities, including award-winning cloud data loss prevention (DLP) and threat protection for sanctioned and unsanctioned IaaS. These capabilities have grown steadily since the company delivered the cloud access security broker (CASB) industry’s first real-time, inline connectors for Amazon Web Services (AWS) and Microsoft Azure in 2014.

With today’s announcement, customers can now use Netskope for IaaS to continuously assess their IaaS & platform-as-a-service (PaaS) configuration in AWS, with Microsoft Azure to follow shortly. This includes infrastructure misconfigurations and vulnerabilities that lead to potential compromise. Netskope is the only CASB with a single platform to protect sanctioned and unsanctioned software-as-a-service (SaaS), PaaS, and IaaS environments.

According to Gartner, IaaS revenue is expected to reach $72 billion by 2020. IaaS adoption comes with a shared responsibility model for cloud security, where customers are responsible for securing data stored in the IaaS cloud. The dynamic nature of IaaS has complicated this, as services can be quickly provisioned, deprovisioned, or auto-scaled to meet the needs of the business. As a result, enterprises cannot easily perform continuous monitoring of their IaaS environments. Lack of visibility and control for unsanctioned –– or “rogue” –– IaaS instances, which are often provisioned outside of IT and house sensitive data, also hinders enterprises’ ability to prevent risky activities and data loss in IaaS.

Netskope is unique in its ability to identify all sanctioned and unsanctioned AWS, Microsoft Azure, and Google Cloud Platform (GCP) instances inside of an enterprise, identify the owner of the instance, audit all activities, and protect against deliberate or inadvertent exposure of sensitive data. Similarly, it can also prevent malware and ransomware in these instances. No other CASB provides this capability across the broad spectrum of enterprise IaaS use.

“The Netskope Cloud Security Platform was designed to provide visibility into and secure all cloud use, whether SaaS, IaaS, or PaaS. The exponential growth of IaaS in the enterprise has demanded the need for a platform architected to cover IaaS use whether formally sanctioned, business-unit-led, or end-user-led,” said Sanjay Beri, founder and CEO, Netskope. “We are excited to add to our market-leading visibility, policy, cloud DLP and threat protection capabilities for IaaS by providing our customers with integrated continuous security configuration and monitoring for these environments.”

With the addition of the continuous security assessment, customers can detect changes to configurations as they happen and alert an administrator for any violations, assure that the IaaS environment meets compliance standards such as CIS benchmarks and other regulatory standards and leverage incident response to identify and remediate risks with expert recommendations. Netskope for IaaS also provides customers with the following:

    • Real-time visibility and control of sanctioned and unsanctioned IaaS instances: Netskope processes 40 times more cloud transactions than any other CASB and is the only CASB to provide real-time visibility and control of activities being performed on both sanctioned and unsanctioned IaaS instances.
    • 360° Data Protection: Netskope for IaaS Identifies sensitive data present in IaaS using award-winning cloud data loss prevention (DLP).
    • Adaptive Access Control: Netskope is the only CASB that can enable safe and secure access control at a granular level, allowing users to be able to set granular policies with context based on their requirements.
    • Real-time Advanced Threat Protection: Netskope protects against malware en route to and from the cloud with multiple malware detection engines. Customers can scan files being uploaded to IaaS for malware and prevent it from proliferating in their enterprise.


    “Continuously monitoring cloud infrastructure security — in addition to leveraging Netskope’s market-leading cloud DLP and threat protection — will give us confidence in our security management practices,” said Sajawal Haider, chief information security officer, Oak Hill Advisors. “Netskope gives us the view we need into our IaaS environment to quickly identify any gaps.”

For more information about Netskope, visit


  • Read a blog post on today’s news from Netskope
  • Watch a demo video of the continuous security assessment for AWS
  • Register for the Netskope webinar “Securing IaaS: 5 Steps to Boost AWS Security”
  • Download the Netskope for AWS Solution Brief

About Netskope

Netskope is the leader in cloud security. Using patented technology, Netskope’s cloud-scale security platform provides context-aware governance of all cloud use in the enterprise in real time, whether accessed from the corporate network, remote, or from a mobile device. This means that security professionals can understand risky activities, protect sensitive data, stop online threats, and respond to incidents in a way that fits how people work today. With granular security policies, the most advanced cloud DLP, and unmatched breadth of workflows, Netskope is trusted by the largest companies in the world. Netskope — security evolved. To learn more, visit our website.