Netskope productsNetskope platform capabilitiesNetskope Cloud Threat Exchange

Netskope
Cloud Threat Exchange

Organizations need timely threat intelligence to quickly protect a community across all defense layers.

51%

Threats today are file-less, shifting the threat landscape to a dynamic playing field for online web and cloud resources weaponized with malicious intent.

49%

File-based threats are polymorphic, selectively exposed, and unlikely to be seen multiple times with the same characteristics.

Overall, 44% of threats today are cloud-enabled

Endpoints have exceptional visibility for malicious files and segments written to disk for file-based IOCs. However, for cloud phishing that evades endpoint, email and web defenses, the IOCs are more likely to come from NG SWGs, which have the ability to decode API-based JSON cloud and web traffic. Overall, 44% of threats today are cloud-enabled with phishing being the leading method and SaaS the leading target. These challenges require multiple defenses with unique capabilities and focus points to share timely threat intelligence.

2020-02-The Dark Side of the Cloud-Site Tile-519x519-1x

Netskope Cloud
Threat Exchange
is the Solution

Netskope Cloud Threat Exchange (CTE) is a near real-time threat ingestion, curation, and sharing tool that enables Netskope customers and technology partners to bi-directionally exchange IOCs. Security teams can integrate up to the minute intelligence feeds that contain malicious URLs and file hashes into their security infrastructure products such as endpoints, firewalls, secure web-gateways, and cloud access security brokers. For workflow and playbook automation, CTE can also integrate with IR, SIEM, SOAR, MDR, or custom API-based tools.

The Netskope
Security Cloud

See our platform →
The Netskope Security Cloud

Unrivaled visibility. Real-time data and threat protection.

The Netskope Security Cloud provides unrivaled visibility and real-time data and threat protection when accessing cloud services, websites, and private apps from anywhere, on any device. Only Netskope understands the cloud and takes a data-centric approach that empowers security teams with the right balance of protection and speed they need to secure their digital transformation journey.

The Netskope Security Cloud

Key benefits of Cloud Threat Exchange

Automate threat updates

Leverage CTE to automate threat intelligence feeds and sharing with Netskope NG SWG, Threat Protection and third party security defenses.

""

Increase threat coverage

Combine various sources of threat intelligence to improve coverage in different focus areas, such as cloud phishing, web drive-by downloads, or command and control.

Improve threat optics

Understand the frequency an IOC has been detected across different points of the attack surface. Netskope analyzes data-in-motion and at-rest using IOCs for threat detection.

Take quick action

Use CTE to IR workflows or orchestration playbooks to automate response steps, making security analysts more efficient across multiple security tools.

Leverage CTE to automate threat intelligence feeds and sharing with Netskope NG SWG, Threat Protection and third party security defenses.

×

Combine various sources of threat intelligence to improve coverage in different focus areas, such as cloud phishing, web drive-by downloads, or command and control.

×

Understand the frequency an IOC has been detected across different points of the attack surface. Netskope analyzes data-in-motion and at-rest using IOCs for threat detection.

×

Use CTE to IR workflows or orchestration playbooks to automate response steps, making security analysts more efficient across multiple security tools.

×

Cloud Threat Exchange
use cases

01

Integrate third party feeds with Netskope

Use Cloud Threat Exchange to build custom URL lists within the Netskope Next Gen Secure Web Gateway in order to automate management of allow and blocked domains.

02

Increase data protection coverage

Share filehashes of policy violations from on-premise, endpoint, or email based data leakage prevention solutions for additional DLP identification triggers inside Netskope.

03

Consistently manage threat feeds

Use your preferred threat management system or apply your custom scripts to automate curation and enriching shared IoCs with contextually relevant information.

It’s a cloud and mobile usage world today and if you’re not thinking about that from a threat propagation point of view, you’re flying blind. At the core of our CASB project was solving this side of the cloud enablement equation and Netskope gives us that power.

—CISO, Leading High Tech Company

Cloud Threat Exchange partners

Resources

Reimagine your perimeter.