Skip to main content

Netskope Help

Cloud Exchange Module Descriptions
Log Shipper

Log shipper regularly and persistently executes polls against the Netskope REST API gateway to extract raw JSON formatted event and alert logs and push a newly formatted version out to one or more receivers, configured as a plug-in. It does this using a sophisticated algorithm to use a multi-threaded query engine, working within rate limits (4 queries/second), and handling errored responses and datasets larger than its pagination limit (10,000 logs per response) in order to deliver all requested logs during initial seeding and near-real time activities.

Ticket Orchestrator

Ticket Orchestrator extracts alerts, and the fields in those alerts, generated by Netskope in response to user and system behaviors/discoveries, and creates tickets and/or notifications in 3rd-party ITSM/IR/collaboration systems to streamline incident response.

Threat Exchange

Threat Exchange is designed to streamline and automated the sharing of indicators found/blocked/sourced by one security or IT platform in defense of a specific customer to every other connected platform owned or used by the same customer that can leverage that data, to reduce the likelihood of success of attack.

Risk Exchange

Risk Exchange creates a single view into multiple connected systems’ risk values for individual users and devices. As scores are consumed into a database, they are mapped to a normalized value range and can be weighted as needed to create a single score per user, and a daily average across all users/devices. By leveraging business logic, you can match individual scores, score combinations, or weighted scores as nested, ordered triggers to send notifications via Ticket Orchestrator plugins, and/or trigger one or more pre-configured orchestrated actions as made available in individual plugins.