Intelligent Security Service Edge (SSE), Cloud Access Security Broker (CASB), Cloud Firewall, Next Generation Secure Web Gateway (SWG) e Private Access for ZTNA integrados nativamente em uma única solução para ajudar todas as empresas em sua jornada para o Secure Access Service Arquitetura de borda (SASE).

Netskope Borderless SD-WAN oferece uma arquitetura que converge princípios de confiança zero e desempenho de aplicativo garantido para fornecer conectividade segura e de alto desempenho sem precedentes para cada site, nuvem, usuário remoto e dispositivo IoT.

Read the article

Explore a nossa plataforma

Conheça a NewEdge

Saiba como protegemos o uso de IA generativa

Learn about Zero Trust

Learn about Industry Solutions

Bônus Episódio 2: O Quadrante Mágico para SSE e como acertar o SASE
Mike e Steve discutem o Gartner® Magic Quadrant™ para Security Service Edge (SSE), o posicionamento da Netskope e como o clima econômico atual afetará a jornada do SASE.

Reproduzir o podcast

Como a Netskope pode habilitar a jornada Zero Trust e SASE por meio dos recursos de borda de serviço de segurança (SSE).

Leia o Blog

A Netskope desenvolveu uma variedade de laboratórios práticos, workshops, webinars detalhados e demonstrações para educar e auxiliar os clientes da AWS no uso e implantação dos produtos Netskope.

Learn about AWS Immersion Day

Explore o lado de segurança de SASE, o futuro da rede e proteção na nuvem.

Learn about Security Service Edge

Saiba mais

A Netskope foi reconhecida como Líder no Magic Quadrant™ do Gartner® de 2023 para SSE.

Obtenha o Relatório

Conheça nossa equipe

Learn about Netskope Partners

Applying MITRE Att&ck

We previously announced how Netskope is helping to develop content about cloud threats and techniques in the MITRE Att&ck framework. Today, we’d like to discuss how you can apply Att&ck to improving defensive measures and introduce several case studies of how it can help in the detection and analysis of cloud threats.

Specifically, we want to look at how it can help:

Be a systematic checklist to reduce planning gaps/omissions and thereby reducing FNs, fill defensive gaps, red-team/test
More easily foresee and reduce FPs helping to reduce security ops inefficiencies
Analyze/categorize threats and solutions and determine the best defensive measures whether discrete detections/mitigations/prevention measures, anomaly detection, behavioral, or M/L approaches.

Getting Started

If this is the first time you’ve been introduced to Att&ck, starting with the Att&ck website and blog is the best approach.

Familiarize yourself with the taxonomy and terminology
Skim the content in the knowledge base in terms of tactics, techniques, and mitigations
Review the Analytics for more specifics regarding implementation of detections
Review the use cases in the blog posts (linked below) to understand how you can more prescriptively apply Att&ck

Use Cases

Att&ck was designed to help in 4 primary use cases:

https://miro.medium.com/max/736/1*DioJj9NQNtDXGBTEO_8-7w.png

Threat Intel: Inform defenses based on potential threats (sector-focused groups), prioritize techniques based on commonality among groups, and gap analysis of current defenses vs common threats.
Detection and Analytics: Data sources, OOB analytics, testing, custom analytics, and purple teaming
Adversary Emulation: Atomic technique tests, red-team varied behaviors, comms to blue team, and adversary emulation based on CTI
Assessments and Engineering: assess gaps, prioritize, modify defenses; single technique, fidelity across mult techniques, mitigations.

Applying Att&ck to the Cloud

At Netskope, we focus on the second use case; Detection and Analytics. Here are recent blog posts that go into detail on how you can benefit from mapping cloud threats to the Att&ck framework:

Jenko Hwong

Jenko has 15+ years of experience in research, product management, and engineering in cloud security, AV/AS, routers/appliances, threat intel, Windows security, vulnerability scanning and compliance. At Netskope, he researches new cloud attacks.

Mais informações