Using Advanced Analytics

Using Advanced Analytics

To use Advanced Analytics for remediation of IaaS misconfigurations, follow the steps shown below:

  1. Navigate to Advanced Analytics > Netskope Library.
  2. Select one or many from IaaS CSA Dashboard, IaaS dashboard, IaaS Storage Scan Dashboard, Unsanctioned IaaS Dashboard and Multi Cloud CSA Dashboard. 
  3. Run the dashboard(s) for the required time period.
  4. Check the results of the dashboard(s) to identify key areas of remediation and perform remediation steps as described in Auto Remediation or Manual steps for remediation.

Type of information obtained from the dashboards is shown below:

IaaS CSA DashboardIaaS CSA DashboardIaaS Storage Scan DashboardMulti Cloud CSA DashboardUnsanctioned IaaS Dashboard
Get overall details of CSA alerts by severity, region, account:
  • IaaS CSA alerts by severity
  • Top Critical/High CSA rules triggered
  • Top Accounts & Objects with Critical CSA alerts
  • Regions generating alerts
This dashboard offers a view into IaaS account health by addressing the following topics and questions:
  • What are the top accounts that are out of compliance?
  • What are the top accounts out of compliance for AWS, GCP and Azure?
  • Why are these accounts out of compliance?
  • Is compliance improving over time?
Gives a high-level overview of Data Protection, Threat Protection and Security Assessment in IaaS apps/platforms. Including:
  • DLP profile distribution, the apps and buckets affected, DLP alert details
  • Malware detected and specific buckets
  • Public buckets detected
Get overall IaaS metrics across all accounts:
  • Trend of IaaS CSA Alerts
  • IaaS Alerts by CSP
  • IaaS CSA alerts by CSP & Account ID
Identity unsanctioned IaaS instances by instance id and users associated.

Get details of hits by users and alerts.

All the data  here is obtained from inline traffic.

Share this Doc

Using Advanced Analytics

Or copy link

In this topic ...