01Visibility into multi-cloud inventory
Collects and summarizes key information about the resources in and across your AWS, Azure and GCP deployments to simplify your understanding of your overall public cloud footprint.
Read more Visibility into multi-cloud inventory
Provides a detailed inventory page for each resource, where you can see how many alerts have been generated by each resource, as well as the detailed configuration details for each resource. Collects and summarizes information such as the number of:
- Accounts
- Subscriptions
- Projects
- Compute Instances
- Storage Buckets
- Databases
- VPCs
- Security Groups
- Users and Roles
02Visibility into multi-cloud configurations and compliance
Provides visibility into the configuration of various cloud resources and services, as well as your compliance with benchmarks, such as NIST, CIS, PCI, and even your own custom security controls.
Read more Visibility into multi-cloud configurations and compliance
- Provides visibility into the configuration of various cloud resources and services.
- Offers guidance on how to enable the appropriate workflows that allow security teams to integrate with the infrastructure teams to resolve misconfigurations.
- Automatically disseminates configuration scan results, with granular filters and least privilege, so that the owner of the infrastructure only gets the data they need
- Utilizes a large and growing library of Restful APIs to support key use cases, such as the bulk setup of accounts and subscriptions and the integration into the CI/CD pipeline via API scans.
03Visibility into data at rest
Extends the benefits of data loss prevention (DLP) profiles used for SaaS applications to your public clouds and scans storage buckets in AWS (S3) and Azure (blob container) to identify sensitive data and malware.
Read more Visibility into data at rest
- Extends the benefits of DLP profiles used for SaaS applications to your public clouds
- Offers Netskope DLP policies that cover data residing in fields of cloud services, such as Salesforce and ServiceNow
- Uses Netskope DLP’s unique ability to inspect content in thousands of cloud services.
- Uniquely extends support for DLP policies to unmanaged cloud services, such as social media posts, subject lines in webmail, and collaboration messages in application, such as Jive, Yammer, and Chatter
- Offers comprehensive malware prevention and detection capabilities. Netskope Threat Protection is not restricted to just executables. It includes proprietary engines to parse through PDFs, DOC files, etc.
04Visibility & control over unmanaged IaaS activity
Uses inline visibility and controls, powered by Cloud XD, to enhance native cloud controls and uncover admin and CLI activity taking place across unmanaged instances of AWS, Azure, and GCP (Shadow IT).
Read more Visibility & control over unmanaged IaaS activity
- Provides real-time inline visibility and control
- Alerts when a user logs into a personal AWS account (using a personal email)
- Alerts or blocks attempts to download malware from an S3 bucket
- Blocks attempts to upload sensitive data to Azure Blob Storage
05Visibility and control over insider threats
Uniquely provides enhanced inline controls that extend beyond typical API-based CSP management capabilities.
Read more Visibility and control over insider threats
- Pulls the S3 inventory to create a “whitelist” of known managed S3 buckets. This whitelist is fed into an inline policy, which allows you to block attempts to exfiltrate data from managed to unmanaged buckets.
- Enables policies to be established to provide inline security controls, like DLP and ATP of traffic to/from public clouds.
- Detects and blocks insider threats, stopping the exfiltration of data from a corporate, managed storage bucket/blob to a personal, unmanaged storage bucket/blob.
- Allows you to add custom bucket lists by uploading a CSV file or via API integration.