Netskope introduces first complete threat protection and remediation solution for enterprise cloud apps

Netskope, has announced the availability of Netskope Active Threat Protection (NATP), a first-of-its-kind threat protection solution for the cloud access security broker (CASB) industry. With a comprehensive vantage point over cloud app usage, NATP combines threat intelligence, static and dynamic analysis, and machine-learning based anomaly detection to enable real-time detection, prioritised analysis and remediation of threats that may originate from — or be further propagated by — cloud apps. These new Netskope capabilities integrate with industry-leading tools to create a defence-in-depth solution that reduces the time required for cloud threat detection and forensic analysis from hours to minutes.

[easy-tweet tweet=”#CloudNews: @Netskope introduces complete threat protection and remediation solution for #enterprise #apps”]

With 4.1 percent of enterprises’ sanctioned cloud apps laced with malware and total cloud app usage — including unsanctioned or “shadow IT” apps — extending into the thousands per enterprise, organisations have been largely unprotected by traditional perimeter security providers. The increasing complexity of the threat landscape and frequency of attacks has also led to an unprecedented shortage of skills and cognitive overload for IT security professionals.

NATP addresses the lack of cloud visibility with a 360-degree view into sanctioned and unsanctioned cloud app usage, even if the user is accessing the app remotely or from a mobile device. This vantage point over the cloud vector goes beyond other CASB solutions that fail to see all app usage and data movement. NATP goes even further by understanding the context of the usage, such as who is uploading, downloading and sharing data — information that may prove critical when thwarting an attack or limiting its blast radius.

To help IT address the complexity of the threat landscape and skills shortage, NATP is designed to prioritise potential threat dangers during scanning without sacrificing the comprehensiveness of the scans performed. This is done at high speed and in real time before surfacing forensic analysis in a single Netskope dashboard or via a customer’s security information and event management (SIEM) solution. To expedite or automate remediation efforts, NATP comes with a granular policy enforcement engine and can trigger workflows such as quarantining, or a customer can integrate with their existing remediation toolset.

Key features of Netskope Active Threat Protection include:

  • 360-degree cloud vantage point: NATP offers a 360-degree view into sanctioned and unsanctioned apps, distilled into users, activity and context, all in one central dashboard.
  • Prioritised threat protection: Industry-first prioritised threat protection provides deep contextual-based insights from threat intelligence, static and dynamic analysis and anomaly detection, to detect, analyse and quarantine the latest viruses, advanced persistent threats (APTs), spyware, adware, worms, ransomware and other malware.
  • Remediation built for the cloud: NATP leverages the Netskope policy enforcement capabilities along with cloud-specific integrations with endpoint detection and response (EDR), sandbox and SIEM vendors so that the time required for forensics is reduced from hours to minutes.

[quote_box_center]“With the constantly evolving landscape of malware, ransomware and other threats to the enterprise, IT need not only ‘rip the blindfold off’ when it comes to shadow IT, but must be able to react immediately to ensure the safety and security of sensitive data,” said Sanjay Beri, co-founder and CEO, Netskope. “With Netskope Active Threat Protection, customers can now take advantage of the Netskope deep cloud app visibility and granular policy enforcement capabilities in tandem with the benefits of a complete threat protection suite. We have collaborated with a number of leading enterprise security companies to offer this service to our customers and ensure that we are one step closer to safer enterprise cloud app usage.”[/quote_box_center]

NATP also integrates with leading IT security vendors to provide best-of-breed capabilities and extend existing enterprise investments:

  • Threat intelligence feed aggregation and sharing: NATP automatically aggregates and normalises threat intelligence feeds to increase threat detection. In addition, as a participant in the FireEye Cyber Security Coalition, Netskope integrates with the FireEye platform to share intelligence. Finally, Netskope Active Threat Protection communicates using STIX/TAXII or OpenIOC standards to exchange threat context and detection information and Netskope customers can easily leverage existing threat intelligence aggregations that they have built over time.
  • Zero-day threat intelligence: Zero-day intelligence feeds from FireEye ensure NATP detects and protects against the latest threats.
  • Sandboxing: NATP provides certified integrations with FireEye and Cyphort. Additional sandboxing providers can be leveraged through pre-built integrations.
  • Endpoint intelligence and incident response: NATP integrates out-of-the-box with the Carbon Black EDR solution. The integration is bi-directional; endpoint behavioural data is pulled into the Netskope platform, where it is analysed against user, activity and content data. Netskope cloud app policies can also be pushed to the EDR for seamless remediation.
+ posts

Meet Stella


Related articles

Why is integration in Smart Lockers important?

With careful consideration and planning, smart locker integration can be a valuable investment that can enhance operational efficiency and improve the overall experience for end-users.

5 Barriers to Cloud Modernisation

Migrating IT from on-premises systems to the cloud offers a range of benefits, including lower IT maintenance costs, greater scalability, or flexibility, quicker time to value, and the ability to enable business continuity amidst industry disruption.

How AI can streamline procurement and supply chains

AI can power smarter, data-driven decision making, creating more agile supply chains that can react faster to volatility and protect business continuity.

The perfect time to invest in cloud technologies

the current economic climate presents a prime opportunity for businesses to invest in cloud technologies.

Why a ‘cloud strategy’ alone can’t stave off your competition

There is no doubt: the cloud is an unparalleled tool for boosting productivity. But clouds themselves can also be accelerated using the right connectivity.

Subscribe to our Newsletter