Docy

SaaS Security Posture Management

SaaS Security Posture Management

As enterprises move workloads and sensitive data into the cloud at a rapid pace, SaaS Security Posture Management (SSPM) is a mechanism to look at a cloud infrastructure and service and identify issues, risks, vulnerabilities, and exposures. SSPM allows a user (individual or an enterprise) of a cloud environment to monitor, assess, and act on security, permission, and access related issues in that environment. Netskope gives organizations the visibility, compliance, and protection for critical workloads needed to combat these challenges. With Netskope, get an understanding of your risk exposure, detect misconfigurations, inventory assets, enforce compliance standards, and protect against insider threats and malware.

The SaaS Security Posture Management solution would, on being granted requisite access to a cloud environment, do the following:

  • Scan the cloud environment and list resources specific to that environment.
  • Look at relationships between those resources to identify security related issues in the cloud environment.
  • Generate alerts for the identified issues, based on customer configuration.

SaaS Security Posture Management is the new generation platform for Security Posture Management designed to provide the following benefits:

  • Unified inventory that provides visibility into all your SaaS apps.
  • Enhanced policies management page that makes setting up rules, compliance standard, and policies easier.
  • A new Netskope Governance Language which makes it is easy to build, check, and deploy sophisticated custom rules.
  • Improvements in compliance page with-respect-to performance, enhanced filtering capabilities, and richer context around compliance findings.
  • Ability to build rules spanning across heterogeneous SaaS apps using graph based schema which also helps co-relate relationships between apps.
  • Extendable set of REST APIs now available for SaaS Security Posture Management that can help to automate and orchestrate SSPM capabilities. For additional information, refer the Swagger documentation available within the Netskope tenant. Navigate to Settings > Tools > REST API v2 > API DOCUMENTATION. Search for the following string /api/v2/spm.
  • Visibility into connected apps now available using Netskope Governance Language.

Netskope has extended its SaaS Security Posture Management capabilities to GitHub, Microsoft 365 (including Azure AD, Exchange, and SharePoint), Salesforce, ServiceNow, Workday, and Zoom. New cloud services and applications will be rolled out in due course.

SaaS Security Posture Management Support Matrix

SaaS Security Posture Management supports the following critical capabilities:

  • Audit event: Netskope retrieves audit events for any change made in the SaaS app (upload, download, delete, and more). You can view the audit logs/events on the Skope IT > EVENTS > Application Events page of the Netskope UI. For more information, see Skope IT.
  • UEBA: Standard User and Entity Behavior Analytics. Enable rule-based and ML-based policies to review user and entity behavior on the Policies > Behavior Analytics page of the Netskope UI. For more information, see Behavior Analytics Policies.
  • Compliance: Security configuration rules and policies that map to industry compliance standards. For more information, see SaaS Security Posture Management Policy Wizard and SaaS Security Posture Management Dashboard.
  • Graph-powered rule: Make graph queries with Netskope Governance Language (NGL) and create graph-powered detections to correlate security risk across SaaS apps. For more information, see Custom Rules Using Netskope Governance Language.
Table 16. SSPM Support Matrix
SaaS AppAudit eventUEBAComplianceGraph-powered ruleDocumentation link
Atlassian ConfluenceYesSaaS Security Posture Management for Atlassian Confluence Cloud
Atlassian JiraYesSaaS Security Posture Management for Atlassian Jira Cloud
BoxYesYesAPI Data Protection for Box
Citrix ShareFileYesYesNext Generation API Data Protection for Citrix ShareFile
DropboxYesYesAPI Data Protection for Dropbox
EgnyteYesYesAPI Data Protection for Egnyte
GitHubYesYesYes
Google DriveYes
Google WorkspaceYesSaaS Security Posture Management for Google Workspace
Microsoft Azure ADYesYesSaaS Security Posture Management for Microsoft 365
Microsoft 365 SuiteYesYesSaaS Security Posture Management for Microsoft 365
Microsoft Office 365 OneDriveYesYesAPI Data Protection for Microsoft Office 365 OneDrive
Microsoft Office 365 OneDrive GCC HighYesYesNext Generation API Data Protection for Microsoft 365 OneDrive
Microsoft Office 365 SharePointYesYesYesYes
Microsoft Office 365 SharePoint GCC HighYesYesNext Generation API Data Protection for Microsoft 365 SharePoint
Microsoft Office 365 TeamsYesYesAPI Data Protection for Microsoft Office 365 Teams
Microsoft Office 365 Teams GCC HighYesYesNext Generation API Data Protection for Microsoft 365 Teams GCC High
Microsoft Office 365 YammerYesNext Generation API Data Protection for Microsoft 365 Yammer
OktaYesNext Generation API Data Protection for Okta
SalesforceYesYesYesYes
ServiceNowYesSaaS Security Posture Management for ServiceNow
Slack for EnterpriseYesYesAPI Data Protection for Slack for Enterprise
WorkdayYesYes
Workplace by FacebookYesYesAPI Data Protection for Workplace by Facebook
ZendeskYesNext Generation API Data Protection for Zendesk
ZoomYesYes


Articles

Share this Doc
In this topic ...