Netskope Help

New Features and Enhancements

Category

Feature

Detailed Description and Benefits

Behavior Analytics

Advanced UEBA User Confidence Index

New capabilities are introduced in advanced UEBA for risk compliance (malicious/non-compliant insider) and breach detection (adversary controlled compromised insider device/account) and remediation policies.

New capabilities include:

  • 30+ detections including ML based detections

  • Actionable context of a user’s risky behavior

    • User time boxing and correlation logic improves detection and conviction criteria

    • A number of additional detectors provide more insights for the user’s behavior

  • Forensic investigation of user activity

  • User confidence index (UCI), UCI based actionable policies and third party risk exchange

    • UCI threshold based inline policies

    • UCI API export for user Risk Exchange with CTE

The UCI score and UCI based inline policies are only available with advanced UEBA.

Contact Support to enable this feature in your account.

CASB Inline Protection

App connector support for AWS services

With this release, we now provide app connector support for the following Amazon services:

Amazon API Gateway

Amazon DynamoDB Accelerator (DAX)

Amazon Redshift

Amazon API Gateway Management API

Amazon DynamoDB Streams

Amazon Redshift Data API Service

Amazon API Gateway V2

Amazon EC2

Amazon Resource Access Manager

Amazon Auto Scaling

Amazon EC2 Container Service

Amazon Route 53

Amazon Certificate Manager

Amazon EKS

Amazon Route 53 Domains

Amazon CloudFormation

Amazon Elastic Beanstalk

Amazon Route 53 Resolver

Amazon CloudFront

Amazon Elastic Container Registry

Amazon S3

Amazon CloudSearch

Amazon Elastic File System

Amazon Secrets Manager

Amazon CloudTrail

Amazon Elastic Load Balancing

Amazon SNS

Amazon CloudWatch

Amazon ElastiCache

Amazon SQS

Amazon CloudWatch Application Insights

Amazon Elasticsearch Service

Amazon Systems Manager

Amazon CloudWatch Events

Amazon Glacier

Amazon WAF

Amazon CloudWatch Logs

Amazon GuardDuty

Amazon WAF Regional

Amazon Database Migration Service

Amazon IAM

Amazon WAFV2

Amazon Direct Connect

Amazon MQ

Amazon WorkSpaces

Amazon Directory Service

Amazon Organizations

AWS KMS

Amazon DynamoDB

Amazon RDS

AWS Lambda

Netskope for IaaS

Google Cloud Platform (GCP) - Storage Scan

Netskope storage scan helps customers identify and secure sensitive content stored in GCP. With this release, customers will be able to extend their data protection coverage to GCP. Customers can create granular policies to raise alerts when sensitive data is found in GCP cloud storage. In addition to the Netskope user interface, these policies can also be managed via REST APIs, for workflow automation needs.

Features for this release include:

  • Ability to inspect content at the Org/Folder/Project level.

  • Ability to set granular policies and focus data protection based on specific storage and object attributes.

Granular policy attributes supported are:

  • Organization/Project/Folder controls at the instance level.

  • Name/Geo/Label/Storage Class/Access/Encryption controls at the container level.

  • Name/Content Type/Access controls at the object level.

Netskope for IaaS

Azure CIS benchmark support

CIS Microsoft Azure Foundations Benchmark version 1.3.0 will be part of Security Posture predefined profiles now. This is the latest version of Azure CIS benchmarks.

Netskope for IaaS

Google Kubernetes Engine support

Security Posture now includes the CIS Benchmark for Google Kubernetes Engine (GKE) 1.1.0. CIS specify 44 automated checks in this benchmark; the Netskope profile implements 25 of those 44 checks that can be evaluated from GCP APIs.

NG SWG / CASB

Netskope Cloud destination server enhancements

Netskope Cloud now connects to the destination servers using the destination IP address provided by the Netskope client instead of DNS resolving the domain name, for traffic that is steered and bypassed in the Netskope Cloud.

Private Access

Browser Access for HTTP/HTTPS traffic

Netskope Private Access now supports Browser Access, an additional method through which users can access enterprise internal web applications over HTTP/HTTPS.

Users can also access non HTTP/HTTPS internal applications using the Netskope client.

Note

For Browser Access functionality, admins are required to upgrade Publishers to version 1.4.6285.

SSPM

Detection and app enhancements

This SSPM release is focused on adding more detections and more apps.

Microsoft 365

  • Additional global configuration rules

  • Detection for user resources

  • Detection for cloud-to-cloud resources (C2C; 3rd party OAuth applications)

Salesforce

  • Additional global configuration rules

GitHub

  • Additional global configuration rules

Zoom

  • CIS Benchmark global configuration rules

ServiceNow

  • Netskope best practice global configuration rules