Leading cloud security company unveils new capabilities and integrations with industry-leading tools to offer defense-in-depth solution targeted at cloud threats
Netskope, the leading cloud access security broker, today announced the availability of Netskope Active Threat Protection, a first-of-its-kind threat protection solution for the cloud access security broker (CASB) industry. With a comprehensive vantage point over cloud app usage, Netskope Active Threat Protection combines threat intelligence, static and dynamic analysis, and machine-learning based anomaly detection to enable real-time detection, prioritized analysis, and remediation of threats that may originate from — or be further propagated by — cloud apps. These new Netskope capabilities integrate with industry-leading tools to create a defense-in-depth solution that reduces the time required for cloud threat detection and forensic analysis from hours to minutes.
With 4.1% of enterprises’ sanctioned cloud apps laced with malware and total cloud app usage — including unsanctioned or “shadow IT” apps — extending into the thousands per enterprise, organizations have been largely unprotected by traditional perimeter security providers. The increasing complexity of the threat landscape and frequency of attacks has also led to an unprecedented shortage of skills and cognitive overload for IT security professionals.
Netskope Active Threat Protection addresses the lack of cloud visibility with a 360-degree view into sanctioned and unsanctioned cloud app usage, even if the user is accessing the app remotely or from a mobile device. This vantage point over the cloud vector goes beyond other CASB solutions that fail to see all app usage and data movement. Netskope Active Threat Protection goes even further by understanding the context of the usage, such as who is uploading, downloading and sharing data — information that may prove critical when thwarting an attack or limiting its blast radius.
To help IT address the complexity of the threat landscape and skills shortage, Netskope Active Threat Protection is designed to prioritize potential threat dangers during scanning without sacrificing the comprehensiveness of the scans performed. This is done at high-speed and in real-time before surfacing forensic analysis in a single Netskope dashboard or via a customer’s security information and event management (SIEM) solution. To expedite or automate remediation efforts, Netskope Active Threat Protection comes with a granular policy enforcement engine and can trigger workflows such as quarantining, or a customer can integrate with their existing remediation toolset.
Key features of Netskope Active Threat Protection include:
Netskope Active Threat Protection also integrates with leading IT security vendors to provide best-of-breed capabilities and extend existing enterprise investments:
Quotes from Netskope leadership, industry analysts and partners about the news:
“With the constantly evolving landscape of malware, ransomware and other threats to the enterprise, IT need not only ‘rip the blindfold off’ when it comes to shadow IT, but to be able to react immediately to ensure the safety and security of sensitive data,” said Sanjay Beri, co-founder and CEO, Netskope. “With Netskope Active Threat Protection, customers can now take advantage of the Netskope deep cloud app visibility and granular policy enforcement capabilities in tandem with the benefits of a complete threat protection suite. We have collaborated with a number of leading enterprise security companies to offer this service to our customers and ensure that we are one step closer to safer enterprise cloud app usage.”
“All organizations leveraging the tremendous agility of cloud computing for competitive advantage need to do so safely with purpose-built security solutions. Securing the use of the cloud includes awareness of bad actor use of SaaS applications as an attack vector to plant and disseminate malware,” said Doug Cahill, senior analyst for ESG Research. “With its breadth and depth of visibility and policy enforcement for both sanctioned and unsanctioned cloud apps, Netskope is in the right spot to address this problem. Now, through a combination of organic innovation and tight integrations with leading security controls, Netskope has introduced a smart approach that helps organizations detect and thwart threats emanating from the cloud. An example of thoughtful design is how the Netskope Active Threat Protection product prioritizes threat analysis to reduce the time to remediation for operational efficiency and thus allowing IT to focus on enabling their organization’s use of the cloud.”
“Netskope offers the most comprehensive real-time visibility and policy enforcement for enterprise cloud app usage in the industry. When integrated with the FireEye platform, enterprises unlock a greater security vantage point through the intelligence, technology, and services capabilities in the industry,” said Ed Barry, VP, Cyber Security Coalition, FireEye. “As a new member of the FireEye Cyber Security Coalition, we are excited to have Netskope work with us and other CSC members to enable better protection of joint customers against advanced threats.”
“The widespread usage of cloud apps has had a compounding impact on the complexity of the threat landscape. The Cyphort and Netskope integration takes this attack vector head on by combining Netskope’s uncompromised visibility and real-time control of cloud apps with Cyphort’s unique sandbox environment that combines machine learning and behavior analysis. This is great news for enterprises who have ventured into the cloud and want to detect and remediate threats,” said Anthony James, Vice President of Product and Marketing, Cyphort.
“Information sharing and a united defense are critical components of effective cyber security. With Carbon Black’s real-time visibility and continuous recording of endpoint activity, and Netskope’s real-time visibility of the cloud, this integration makes great sense for our companies and our joint customers. Now, whether enterprises are addressing threats in the cloud or on the endpoint, they can benefit from the bi-directional exchange of threat intelligence and risk information provided by each solution, combined with the outstanding detection and response capabilities of Carbon Black,” said Tom Barsi, senior vice president of business development for Carbon Black.
To learn more about Netskope Active Threat Protection, download this data sheet.
Netskope™, the leading cloud access security broker (CASB), helps enterprises find, understand and secure sanctioned and unsanctioned cloud apps. Through contextual awareness and a multi-mode architecture, Netskope sees the cloud differently. This results in the deepest visibility and control, the most advanced threat protection and data loss prevention and an unmatched breadth of security policies and workflows. The world’s largest companies choose Netskope, the only CASB that ensures compliant use of cloud apps in real-time, whether accessed on the corporate network, remotely or from a mobile device. With Netskope, enterprises move fast, with confidence. To learn more, visit our website.