Skip to main content

Netskope Help

Enabling Data Protection for Azure Blob Storage


Netskope supports DLP scanning on BlobStorage and general-purpose v2 storage accounts only. To upgrade to a general-purpose v2 storage account, refer the Azure documentation located here.

To configure an Azure subscription for Data Protection,

  1. Register the Microsoft Event Grid in Azure. To learn more: Step 1/4: Register Microsoft Event Grid in Azure for Data Protection.

  2. Configure an Azure Active Directory Application. To learn more: Step 2/4: Configure an Azure AD Application for Data Protection .


    You can configure multiple subscriptions for DLP Scan and Threat Protection (Malware Scan) with the same Azure Active Directory Application.

  3. Assign permissions to scan Blob storage. To learn more: Step 3/4: Assign Azure Permissions for Data Protection.

  4. Add the Azure Subscription to the Netskope tenant. To learn more: Step 4/4: Add the Azure Subscription to the Netskope Tenant for Data Protection.


Netskope normalizes the term "Account" to help with cross CSP summaries. Netskope normalized “Account” field maps to Azure Subscription.