Netskope for Microsoft Azure

Identify and protect data at rest stored in Azure blobs as well as monitor and control data in motion between Azure and third-party cloud services – enhancing visibility into cloud native audit logs, Virtual Network flow logs and other data sources.

• Protects your data at rest and data in motion
• Offers predefined regulatory and best practices compliance templates
• Uses 3000+ language-independent data identifiers to inspect 1400+ file types
• Identifies and blocks any attempts by users to upload data to unmanaged Azure blobs, whether via the Azure portal or executing a programmatic copy and sync in the CLI
• Feeds API-based insights into Netskope Security Cloud policies for inline enforcement
• Provides ongoing and retro scanning of data in Azure blobs – supporting incident response as well as tracking changes in sensitive data due to addition or deletion
• Includes file and binary fingerprinting as well as Optical Character Recognition (OCR)
• Provides exact data matching for structured content
• Uses machine learning based document and image classification for high efficiency

Monitor and protect your Azure resources in real time using granular controls that identify and restrict access between managed and unmanaged “shadow IaaS” services.

• Enhances visibility into Azure blob activity using a combination of both real-time and API-enabled controls
• Decodes activities in real-time using Netskope One Zero Trust Engine and places activity-level restrictions for users, groups, and OUs across a wide range of Azure services
• Provides visibility and control of actions performed via the Azure portal and CLI

Detect and stop threats and data loss from malicious insiders accessing Azure blobs using a unique combination of API-enabled and inline controls.

Detect and stop insider threats in Azure:

• Uses UEBA to defend against insider threats such as data exfiltration, compromised credentials and malware
• Identifies and prevents malicious activity and anomalies like bulk downloads or copies of data – whether using the the Azure portal, CLI or third-party app

Utilize multi-layer threat detection including anti-virus, anti-malware, user and entity behavior analytics (UEBA), heuristic analysis, sandboxing and more, to uncover elusive and advanced attacks within Azure.

Detect and stop threats in the cloud:

• Provides automated policies and workflows for real-time response to stop or reverse the effects of cloud threats
• Conducts real-time, full file inspection to detect and block malware
• Provides rich metadata for SOC investigations and threat hunting
• Utilizes machine learning anomaly detection to expedite and simplify threat response
• Uses 40+ threat intelligence feeds, plus custom IOC hash and URL feeds
• Offers an open API for EDR, SIEM, SOAR, and 3rd party integrations

Protect and secure access to private applications within Azure using zero trust network access (ZTNA) capabilities to mitigate public exposure of private applications while avoiding the need to inefficiently “hairpin” access back through a corporate data center.

Netskope One Private Access secures access to applications in Azure:

• Provides secure connectivity between remote users’ devices and private applications using end-to-end TLS (v1.3) encrypted tunnels
• Supports multiple application access methods including browser-based (e.g. HTTP/HTTPS) and non-web / thick applications (e.g. SSH, RDP).
• Ensures only authenticated and authorized users can gain access to applications in Azure
• Integrates with Microsoft Active Directory and Single Sign-On (SSO) providers to understand users, groups and organizational units.
• Ensures that only corporate, managed devices meeting a specific security posture can access private applications in Azure.
• Provides inline, granular policies for restricting or allowing access to private applications based on criteria including User, Group or Organizational Unit (OU); Device Classification; or Operating System.
• Offers optimal routing through Netskope NewEdge – a low-latency, high-capacity, scalable global network infrastructure.