Netskope Public Cloud Security
Netskope Public Cloud Security
As enterprises move workloads and sensitive data into public cloud infrastructure at a rapid pace, the risk of exposure, sensitive data loss, non-compliance, and threats like malware remain significant challenges. Netskope gives organizations the visibility, compliance, and protection for critical workloads needed to combat these challenges. With Netskope, you can get an understanding of your risk exposure, detect misconfigurations, inventory assets, enforce compliance standards, and protect against insider threats and malware.
Features and Benefits
Netskope provides a wide range of security capabilities to protect your cloud infrastructure services.
- Cloud Security Posture Management (CSPM) helps you assess the security risk and manage the security posture of your public cloud resources. This feature is available for AWS, Azure, and GCP. To learn more: Cloud Security Posture Management.
- Storage Scan gives you visibility into DLP violations and malware threats. This feature is available for AWS, Azure, and GCP. To learn more: Data Protection for Public Cloud.
- Forensics allows you to capture DLP incident metadata in a location of your choice to aid with security investigations. This feature is available for AWS, Azure and GCP. To learn more: Forensics for Public Cloud.
You can further secure your public cloud infrastructure using API controls. To learn more: Public Cloud API Endpoints for REST API v1.
Benefits
Netskope provides you with the following benefits.
- Detect and secure your sensitive content en route to or from your public cloud with award-winning cloud DLP.
- Gain granular visibility and control of activities being performed on both sanctioned and unsanctioned public cloud instances. Know what’s going on with individual instances and place activity-level restrictions across a wide range of services within your public cloud.
- Monitor and prevent network configuration changes, like checking if SSH access is enabled. And with the granular visibility over your instances, you can place contextual policies on access and activities performed by users.
- Block various strains of malware like ransomware going to and from public cloud storage. Netskope Threat Protect provides comprehensive threat defense with real-time, multi-layered threat detection and remediation.
Supported Regions
Netskope Public Cloud Security features are supported on all the default regions of AWS, Azure, and GCP. Additionally, for:
Important
It is important to note that Netksope does not allow you to create a government (AWS GovCloud/Azure for Government) and commercial instances on the same Netskope tenant though they are different instances.
- AWS: CSPM and Storage Scan features can also function in manually enabled regions such as Hong Kong (ap-east-01) and Bahrain (me-south-1). For a complete list of AWS regions that are enabled by default, refer to AWS documentation.
- Azure: CSPM, Storage Scan, and Forensics features are supported on all regions under AZURE_PUBLIC_CLOUD. CSPM is also supported on AZURE_US_GOV_CLOUD.
- Cloud Security Posture Management
- Data Protection for Public Cloud
- Forensics for Public Cloud
- Netskope Public Cloud Security Dashboards
- Implementation guide to set up AWS accounts in Netskope
- Updating AWS Instances Post Setup
- Deleting AWS Instances in the Netskope Tenant
- Enabling and Disabling Netskope Services for AWS
- Migrating Existing Google Cloud Platform Instances
Articles
- Cloud Security Posture Management
- Data Protection for Public Cloud
- Getting Started with Data Protection for Public Cloud
- Enabling Data Protection for AWS S3
- Enabling Data Protection for Azure Blob Storage
- Step 1/4: Register Microsoft Event Grid in Azure for Data Protection
- Step 2/4: Configure a Microsoft Entra ID Application for Data Protection
- Step 3/4: Assign Azure Permissions for Data Protection
- Step 4/4: Add the Azure Subscription to the Netskope Tenant for Data Protection
- What Triggers a Scan and Billing of Azure Blob Storage?
- Enabling Data Protection for Google Cloud Storage
- Creating Data Protection Policies for Netskope Public Cloud Security
- Viewing DLP and Malware Alerts for Public Cloud Storage
- FAQs to setup Data Protection for Public Cloud
- Forensics for Public Cloud
- Getting Started with Forensics for Public Cloud
- Enabling Forensics for Amazon Web Services S3
- Enabling Forensics for Azure Blob Storage
- Step 1/3: Configure a Microsoft Entra ID Application for Forensics
- Deprecation Notice for Classic Azure Blob Storage as a Forensic Destination
- Step 2/3: Assign Azure permissions to store forensic objects
- Step 3/3: Set up a Netskope instance with Azure App Registration credentials
- Azure forensics Instance Re-grant FAQs
- Enabling Forensics for Google Cloud Storage
- Creating a Forensic Profile for Public Cloud Storage
- Viewing Forensic Alerts for Public Cloud Storage
- Troubleshooting Forensics Setup for Public Cloud
- Netskope Public Cloud Security Dashboards
- Implementation guide to set up AWS accounts in Netskope
- Updating AWS Instances Post Setup
- Deleting AWS Instances in the Netskope Tenant
- Enabling and Disabling Netskope Services for AWS
- Migrating Existing Google Cloud Platform Instances