fechar
fechar
Sua Rede do Amanhã
Sua Rede do Amanhã
Planeje seu caminho rumo a uma rede mais rápida, segura e resiliente projetada para os aplicativos e usuários aos quais você oferece suporte.
          Experimente a Netskope
          Get Hands-on With the Netskope Platform
          Here's your chance to experience the Netskope One single-cloud platform first-hand. Sign up for self-paced, hands-on labs, join us for monthly live product demos, take a free test drive of Netskope Private Access, or join us for a live, instructor-led workshops.
            Líder em SSE. Agora é líder em SASE de fornecedor único.
            Líder em SSE. Agora é líder em SASE de fornecedor único.
            A Netskope estreia como líder no Quadrante Mágico™ do Gartner® para Single-Vendor SASE
              Protegendo a IA generativa para leigos
              Protegendo a IA generativa para leigos
              Learn how your organization can balance the innovative potential of generative AI with robust data security practices.
                Modern data loss prevention (DLP) for Dummies eBook
                Prevenção Contra Perda de Dados (DLP) Moderna para Leigos
                Get tips and tricks for transitioning to a cloud-delivered DLP.
                  Livro SD-WAN moderno para SASE Dummies
                  Modern SD-WAN for SASE Dummies
                  Pare de brincar com sua arquitetura de rede
                    Compreendendo onde estão os riscos
                    Advanced Analytics transforms the way security operations teams apply data-driven insights to implement better policies. With Advanced Analytics, you can identify trends, zero in on areas of concern and use the data to take action.
                        Os 6 casos de uso mais atraentes para substituição completa de VPN herdada
                        Os 6 casos de uso mais atraentes para substituição completa de VPN herdada
                        Netskope One Private Access is the only solution that allows you to retire your VPN for good.
                          A Colgate-Palmolive protege sua “propriedade intelectual "” com proteção de dados inteligente e adaptável
                          A Colgate-Palmolive protege sua “propriedade intelectual "” com proteção de dados inteligente e adaptável
                            Netskope GovCloud
                            Netskope obtém alta autorização do FedRAMP
                            Escolha o Netskope GovCloud para acelerar a transformação de sua agência.
                              Let's Do Great Things Together
                              A estratégia de comercialização da Netskope, focada em Parcerias, permite que nossos Parceiros maximizem seu crescimento e lucratividade enquanto transformam a segurança corporativa.
                                Netskope solutions
                                Netskope Cloud Exchange
                                Netskope Cloud Exchange (CE) provides customers with powerful integration tools to leverage investments across their security posture.
                                  Suporte Técnico Netskope
                                  Suporte Técnico Netskope
                                  Nossos engenheiros de suporte qualificados estão localizados em todo o mundo e têm diversas experiências em segurança de nuvem, rede, virtualização, fornecimento de conteúdo e desenvolvimento de software, garantindo assistência técnica de qualidade e em tempo hábil.
                                    Vídeo da Netskope
                                    Treinamento Netskope
                                    Os treinamentos da Netskope vão ajudar você a ser um especialista em segurança na nuvem. Conte conosco para ajudá-lo a proteger a sua jornada de transformação digital e aproveitar ao máximo as suas aplicações na nuvem, na web e privadas.

                                      Why Risk Doesn’t Need to Be a Four Letter Word

                                      Apr 20 2023

                                      Risk used to be a word thrown around as if it could be defined generally and, once defined, consistently applied to all business and technology use cases. This didn’t work out so well for customers, CISO’s, or vendors. Risk was a “four-letter-word” and it fell out of common use. 

                                      Happily, the technology that underpinned quantifying cybersecurity risk has come a long way. Now many vendors take advantage of machine learning algorithms to understand normal versus abnormal behavior. This has led to more reliable, actionable indicators than another thousand alerts and has set the stage for bringing quantified risk back into the limelight. More importantly, the underlying assumption of ONE definition for risk has also evolved—risk context, we increasingly say, is king. 

                                      Tools like Netskope Cloud Risk Exchange (CRE) have given practitioners the means to leverage many signals to create a customizable set of rules around individual, combination, or normalized aggregate risk levels associated with users, devices, and applications. Even better, frameworks like Shared Signals and Events by OpenID and its associated Continuous Authentication Evaluation Protocol give vendors means for passing the context of their risk scores. Without that, each vendor only knows why a score changed through its own lens—but with multiple context sources, ISVs can start making decisions to change their own scores based on OTHER systems’ findings.

                                      So now the identity provider detecting a bad guy attempt to brute force login to OneDrive can tell the endpoint security vendor that the user is suspect and why, the endpoint vendor can tell the cloud vendor that the problem appears to be associated with a high risk (compromised device), and the cloud vendor can tell both that the user and device started acting strangely during the last full moon and hasn’t changed since. Additionally observing the user has started using a number of other high-risk, privacy unfriendly applications in the interim. Rather than sorting through thousands of alerts or millions of signals, the vendors can leverage all the processing power each has brought to bear to share the findings and then the customer can take action as appropriate. Then every participating IT/security vendor can support creating or invoking dynamic rules to change user and/or device access or authentication requirements in response to the big picture of risk, as customized for each organization’s risk management practices. 

                                      Nearly every Netskope technology partner has some way to change policy or move users in response to indicators, to correlate and trigger that change. 

                                      Consider a group of insurance companies sharing risk information about an often impaired driver operating a poorly maintained car. They know that driver and car combination is dangerous, it is just a matter of time before there is a collision, so they raise their rates to reduce their risk. The downside of this model is that they don’t have visibility into whether the driver is impaired right now or if they’re currently in a car with faulty brakes.

                                      So vendors are moving towards a continuous validation of risk in real time. As it is being implemented, this form of check-in “is the driver impaired RIGHT now?” or “is the device trusted RIGHT now?” is being performed before access is granted. Netskope’s adaptive risk engine can facilitate this—even going so far as to pause the session to validate risk before allowing the user to resume engaging in a potentially risky Internet activity. These controls dial risk to be commensurate with trust without waiting for a timer to catch-up to the danger. 

                                      By using tools like Cloud Risk Exchange users are able to leverage both kinds of risk, lagging risk and real-time risk calculations, context, and policy responses, to make the modern workplace safer for all according to the business needs of each. All while exchanging risk insights with partners like Crowdstrike, Mimecast, SecurityScorecard, BitSight, Okta, and ServiceNow. Risk no longer can be used as a four letter word, but as a word that can have quantifiable insights and action thanks to CRE.

                                      To learn more about CRE, its parent platform Cloud Exchange, and Netskope and its adaptive risk controls—or about any of our other “risk-aware” partners—come join us at booth #S842 at RSA 2023 in San Francisco on April 24-27, 2023.

                                      author image
                                      James Robinson
                                      James Robinson is a seasoned professional with over 20 years of experience in security engineering, architecture, and strategy.
                                      James Robinson is a seasoned professional with over 20 years of experience in security engineering, architecture, and strategy.
                                      author image
                                      David Willis
                                      David is an experienced business, security, and technology leader with over 20 years across telecommunications, financial services, and software industry verticals.
                                      David is an experienced business, security, and technology leader with over 20 years across telecommunications, financial services, and software industry verticals.

                                      Mantenha-se informado!

                                      Assine para receber as últimas novidades do Blog da Netskope