Netskope Help

New Features and Enhancements in Hotfix Release 91.1.0

Here is the list of the new features and enhancements.

Advanced Analytics
Threat Protection Dashboard Enhancement

The latest update to the Threat Protection dashboard includes a new section to summarize the exploits detected by CTEP (Client Traffic Exploit Protection). It encapsulates the detected exploits and the affected users.

You can schedule a dashboard directly from the Netskope shared folder and automatically get updates that Netskope makes to improve that dashboard. If you do not want automatic updates, then copy the dashboard into your group or personal folders and schedule from there.

Netskope Public Cloud Security
Additional Permissions For AWS Instance Setup CFT

Netskope Cloud Security Assessment (CSA) uses cross-account IAM role (Netskope_Role) to access the customer AWS environment. The inline policy netskope-csa attached to the Netskope_role is updated to add support for CodeBuild and ElasticBeanstalk. The new Inline policy after this release is as follows:

{
"Version": "2012-10-17",
    "Statement": [
        {
"Action": [
                "s3:ListBucket",
                "ses:ListIdentityPolicies",
                "s3:GetBucketAcl",
                "s3:GetBucketLocation",
                "s3:ListAllMyBuckets",
                "dynamodb:ListTagsOfResource",
                "sqs:ListDeadLetterSourceQueues",
                "sqs:GetQueueUrl",
                "sqs:GetQueueAttributes",
                "lambda:Get*",
                "lambda:List*",
                "cloudwatch:GetMetricStatistics",
                "eks:ListFargateProfiles",
                "ec2:GetEbsEncryptionByDefault",
                "codebuild:BatchGetProjects",
                "codebuild:ListSourceCredentials"
],
            "Resource": [
                "*"
            ],
            "Effect": "Allow"
        },
        {
            "Action": [
                "s3:GetObject",
                "s3:GetObjectVersion"
            ],
            "Resource": [
                "arn:aws:s3:::elasticbeanstalk-*"
            ],
            "Effect": "Allow"
        }
    ]
}