Improved Reporting on Malware Files in API Data Protection

Improved Reporting on Malware Files in API Data Protection

API Data Protection dashboard page now includes additional information about theMD5 checksum on malware as well as details if the malware was detected by Netskope or the SaaS application. Filtering capabilities on the newly available data is also added.

The current malware section on the API dashboard is now enhanced to provide more information about how Netskope calculates the malware count and provide more malware metadata such as MD5 checksum and Detection Type for files listed as malware on the dashboards’ file listing page.

As part of this enhancement, following changes are introduced:

Note

The following screenshots and enhancements are taken from a Google Drive app instance. However, these enhancements are applicable for all supported storage apps.

Log in to the Netskope UI tenant, click API-enabled Protection > SAAS on the left navigation pane. The panel displays a list of apps. Click the desired app to view the app-specific dashboard statistics.

  • Added a tooltip to explain how the malware count is calculated on the API-enabled Protection dashboard page.
    API-Data-Protection_Malware-Count-Tooltip.png

    How does Netskope calculate the malware file count on the API-enabled Protection dashboard?

    • The malware files count here only denotes the count of malware identified via API integrations to this specific SaaS application instance. Malware detected using other access methods are not included in this count.
    • For customers with threat protection enabled, the malware files count on the API-enabled Protection dashboard shows the combined malware files count from threats detected by the native SaaS app + threats detected by the Netskope threat engine.
    • For customers with no threat protection enabled, the malware files count on the API-enabled Protection dashboard shows the malware files count from threats detected by the native SaaS app only.
  • Renamed Malware File filter to Malicious. Added MD5 checksum and Detection Engine filters.

    Note

    The MD5 checksum and Detection Engine filters are available only when Malicious filter is set to Yes.

    API-Data-Protection_MD5-Detection_Engine-Filters.png

    The detection engine filter has the following sub-filters:

    • Native App
    • Netskope AV
    • Netskope Advanced Heuristic Analysis
    • Netskope Cloud Sandbox
    • Netskope Threat Intelligence
  • Added MD5 checksum of the identified malware file and Detection Engine fields in the file details page.
    API-Data-Protection_MD5-Detection_Engine.png

    You can click the magnifying glass icon to lookup the incident. The page redirect to Incidents > Malware.

  • Added a tooltip to explain how the malware count is calculated on the Incidents > Malware page.
    API-Data-Protection-Incident_Malware-Count-Tooltip.png
Share this Doc

Improved Reporting on Malware Files in API Data Protection

Or copy link

In this topic ...