Application Risk Exchange Plugin

Application Risk Exchange Plugin

This document explains how to configure the Netskope integration with the Application Risk Exchange workflow of the Netskope Cloud Exchange platform.

Prerequisites

To complete this configuration, you need a Netskope tenant (or multiple, for example, production and development/test instances) that is already configured in Cloud Exchange.

CE Version Compatibility

This plugin is compatible with all the supported Netskope CE Versions.

Application Risk Exchange Plug Support

This plugin is used to pull Applications from the Netskope Tenant.

Type of data pulledApplications
Mappings

Mappings for Pull (Netskope CE field – Netskope API fields)

Netskope CE FieldsNetskope API Field
applicationIdapp.id
applicationNameapplication_event.app
vendorapp.organisation
cciapp.cci
cclapp.ccl
categorynameapp.category_name
discoveryDomainsapp.discovery_domains
steeringDomainsapp.steering_domains
Permissions

Access to the required permissions provided here for the v2 REST API scopes.

API Details
List of APIs Used
API EndpointMethodUse Case
/api/v2/services/cci/domainGETFind the application domain related details.
/api/v2/services/cci/tagsGETFind Tags related details for particular applications
/api/v2/services/cci/appGETFind application details
Find the Application Domain-related Details.

API Endpoint: /api/v2/services/cci/domain

Method: GET

Parameters:

appname: <name of application separated from ;>

Headers:

Netskope-Api-Token: <V2_Token>

Accept: application/json

Content-Type: application/json

Sample API Response:

To access the API Response view, log in to your Netskope tenant and go to Settings > Tools > REST API v2, and then click API Documentation.
From there, you will be able to request the API mentioned above and obtain the desired API response.

API Endpoint: api/v2/services/cci/tags

Method: GET

Parameters:

apps: <name of apps separated from ;>

Headers:

Netskope-Api-Token: <V2_Token>

Accept: application/json

Content-Type: application/json

Sample API Response:

To access the API Response view, log in to your Netskope tenant and go to Settings > Tools > REST API v2, and then click API Documentation.
From there, you will be able to request the API mentioned above and obtain the desired API response.

Find Application Details

API Endpoint: /api/v2/services/cci/app

Method: GET

Parameters:

apps: <name of apps separated from ;>

Headers:

Netskope-Api-Token: <V2_Token>

Accept: application/json

Content-Type: application/json

Sample API Response:

To access the API Response view, log in to your Netskope tenant and go to Settings > Tools > REST API v2, and then click API Documentation.
From there, you will be able to request the API mentioned above and obtain the desired API response.

User Agent

The user-agent added in this plugin is in the following format:

netskope-ce-<ce_version>

For example:

netskope-ce-5.0.1

Configure the Netskope Plugin for Application Risk Exchange

  1. In Cloud Exchange, go to Settings and enable the Application Risk Exchange Module.
  2. Go to Application Risk Exchange and click Plugins > Configure New Plugin.
  3. Select the Netskope ARE Plugin.
  4. Select the Netskope (ARE) box to open the plugin creation pages. Field descriptions are provided below.

    Enter and select the Basic Information:

    • Configuration Name: Enter a name appropriate for your integration.Initial Range: Enter the number of hours to pull the data for the initial run.Tenant: Select a Tenant from the dropdown.
  5. Click Save in the top right. Go to Application Risk Exchange > Plugins to see your new Netskope plugin.

Add a Business Rule for Application Risk Exchange

  1. In Application Risk Exchange,  go to Business Rules.
  2. By default, there’s a business rule that filters all CCLs. If you want to filter out any specific types of CCLs, click Create New Rule and configure a new business rule by adding the rule name and filter.
  3. Click Save.

Configure Sharing for Application Risk Exchange

Before you can configure sharing here, you need to create a 3rd-party plugin to share with. Refer to the documentation for steps to configure a 3rd-party plugin. After you have created a 3rd-party plugin, use these steps to configure actions.

  1. In Application Risk Exchange, go to Sharing and click Add Sharing Configuration.
  2. Select the Source plugin (Netskope ARE), Destination plugin (3rd-party plugin), and select a business rule.
  3. Click Save.

After Sharing is configured, the applications will start getting pushed from the Application Risk Exchange to the 3rd-party platform.

Validate the Application Risk Exchange Netskope Plugin

Validate the Pull

Validation on Netskope CE

Pulled Applications will be listed on the Applications page.

To verify pulled logs on Cloud Exchange, go to Logging and search logs (“Enter your Netskope ARE Plugin name”).

Validate the Applications on the Netskope Tenant

To validate Applications are present from the Netskope Tenant.

  1. Log in to the Netskope Tenant.
  2. Click Skope IT.
  3. Click Application Events.
  4. Filter by CCL according to your needs.

Validate the Push

To validate the push in Cloud Exchange, go to Logging and filter shared logs for the Application Risk Exchange 3rd-party plugin.

Share this Doc

Application Risk Exchange Plugin

Or copy link

In this topic ...