Netskope
Cloud Threat Exchange

Organizations need timely threat intelligence to quickly protect a community across all defense layers.

61%

of malware is cloud delivered

Source: Netskope Cloud and Threat Report, 2021

27%

of malware is malicious Office documents

Source: Netskope Cloud and Threat Report, 2021

Cloud and Threat Report: February 2021 Edition

Cloudy with a chance of malice

 

The February 2021 Edition of the Cloud and Threat Report signals a cyclone forecast of more cloud enabled threats. Key findings show that the majority of all malware is now delivered via cloud applications, underscoring how attackers increasingly abuse popular cloud services to evade legacy security defenses putting enterprise data increasingly at risk.

 

Understand the details why content and context for cloud and web traffic is required for threat and data protection.

Cloud and Threat Report - February 2021

Netskope Cloud
Threat Exchange

Netskope Cloud Threat Exchange (CTE) is a near real-time threat ingestion, curation, and sharing tool that enables Netskope customers and technology partners to bi-directionally exchange IOCs. Security teams can integrate up to the minute intelligence feeds that contain malicious URLs and file hashes into their security infrastructure products such as endpoints, firewalls, secure web-gateways, and cloud access security brokers. For workflow and playbook automation, CTE can also integrate with IR, SIEM, SOAR, MDR, or custom API-based tools.

The Netskope
Security Cloud

See our platform →
The Netskope Security Cloud

Unrivaled visibility. Real-time data and threat protection.

The Netskope Security Cloud provides unrivaled visibility and real-time data and threat protection when accessing cloud services, websites, and private apps from anywhere, on any device. Only Netskope understands the cloud and takes a data-centric approach that empowers security teams with the right balance of protection and speed they need to secure their digital transformation journey.

The Netskope Security Cloud

Key benefits of Cloud Threat Exchange

Automate threat updates

Leverage CTE to automate threat intelligence feeds and sharing with Netskope NG SWG, Threat Protection and third party security defenses.

protect anywhere protect anywhere

Increase threat coverage

Combine various sources of threat intelligence to improve coverage in different focus areas, such as cloud phishing, web drive-by downloads, or command and control.

visibility icon

Improve threat optics

Understand the frequency an IOC has been detected across different points of the attack surface. Netskope analyzes data-in-motion and at-rest using IOCs for threat detection.

Take quick action

Use CTE to IR workflows or orchestration playbooks to automate response steps, making security analysts more efficient across multiple security tools.

Leverage CTE to automate threat intelligence feeds and sharing with Netskope NG SWG, Threat Protection and third party security defenses.

×

Combine various sources of threat intelligence to improve coverage in different focus areas, such as cloud phishing, web drive-by downloads, or command and control.

×

Understand the frequency an IOC has been detected across different points of the attack surface. Netskope analyzes data-in-motion and at-rest using IOCs for threat detection.

×

Use CTE to IR workflows or orchestration playbooks to automate response steps, making security analysts more efficient across multiple security tools.

×

Cloud Threat Exchange
use cases

01

Integrate third party feeds with Netskope

Use Cloud Threat Exchange to build custom URL lists within the Netskope Next Gen Secure Web Gateway in order to automate management of allow and blocked domains.

02

Increase data protection coverage

Share filehashes of policy violations from on-premise, endpoint, or email based data leakage prevention solutions for additional DLP identification triggers inside Netskope.

03

Consistently manage threat feeds

Use your preferred threat management system or apply your custom scripts to automate curation and enriching shared IoCs with contextually relevant information.

It’s a cloud and mobile usage world today and if you’re not thinking about that from a threat propagation point of view, you’re flying blind. At the core of our CASB project was solving this side of the cloud enablement equation and Netskope gives us that power.

—CISO, Leading High Tech Company

Cloud Threat Exchange partners

Netskope Technology Partner Cybereason

Netskope Technology Partner Microsoft

Netskope Technology Partner Mimecast

Netskope Technology Partner SentinelOne

Netskope Technology Partner servicenow

Netskope Technology Partner Threatquotient

Netskope Technology Partner VMware Carbon Black

Resources

Accelerate your security program with the SASE leader.