Observe Cloud App Activities (OPLP) and Risk Insights

Observe Cloud App Activities (OPLP) and Risk Insights

Netskope Risk Insights gives you an ongoing view of the cloud and web use at your organization and uses the Netskope Cloud Confidence Index (CCI) to assess the enterprise readiness of cloud services based on a set of objective criteria. This serves as a guidepost to mitigate risk, influence usage and reduce costs for the cloud services in your organization.

As a general methodology, Risk Insights is the process by which enterprises can routinely assess the risk associated with any cloud traffic, developing specific reports, queries, and dashboards to allow enterprises to monitor potential cloud threats in their environment and adjust their security posture appropriately.

Netskope delivers granular detail about cloud and web usage down to the activity and user level when available, which provides additional context to inform your security policies. Netskope even allows you to run ad hoc queries and dynamic reports in real time for custom reporting needs. You can also identify anomalies such as data exfiltration or compromised credentials.

Understanding Risk Insights

An event is the most fundamental element of information that is displayed in the Netskope tenant, tracking the details associated with an individual occurrence of a connection to a particular application. Events are separated into three distinct types: page, application, and alert events. 

Shown below is  a summary of the events:

CategoryPage EventsApplication EventsAlert Events
General DescriptionProvides byte traffic informationProvides context around user activitiesHighlights potential risk through threat or policy engines
OPLP/CLSDetail of events depends on granularity of the log sourceUsually only block events from proxy/firewall via policy or HTTP error codesUsually only anomalies or malicious sites/malware
API-enabled ProtectionNot applicablePolled audit logs and scan activities for users in API-integrated appsAlerts on policy for DLP, quarantine, legal hold, etc. + anomalies, malware, compromised creds
Real-time ProtectionUsers generate events with username and byte traffic directionReal-time audit logs of user activities for all steered cloud appsAlerts on policy for DLP, quarantine, legal hold, etc. + anomalies, malware, compromised creds

Users of Risk Insights:

  • Cloud Governance Team
  • Risk Management Team
  • Security Analyst
  • Netskope Admin

Here are some widely used real world use cases that will address your organization’s visibility and reporting needs.

Use cases:

Share this Doc

Observe Cloud App Activities (OPLP) and Risk Insights

Or copy link

In this topic ...