New Features and Enhancements In Release 95.0.0
New Features and Enhancements In Release 95.0.0
Here is the list of the new features and enhancements.
User and Entity Behavior Analytics (UEBA) – Adv UEBA Incidents
Adv UEBA incidents show Data Loss Prevention(DLP) policy violations (detections) along with User Confidence Index (UCI) impact for the detection.
App Connector Revamp For Domo
Editing a POST message activity is now modified to POST instead of EDIT activity. DLP support is also added for the same.
Support For Send Activity In Google Mail Workspace
With this release, Netskope extends its support for the Send activity in API. This release do not support to_user and Netskope plans to provide support in the upcoming releases.
Support For Microsoft Outlook 365 Notes
The new feature support for Microsoft O365 Outlook Notes section includes the following:
- Create
- Edit
- Upload
- Delete
DLP Inspection Support: The DLP engine inspects the data while editing the notes and takes necessary actions.
Limitation: While uploading a file, the engine does not display the name of the file, but displays alert with the important details.
Shift Esign To Adobe Sign Application
With this release, Netskope moves the Esign section coverage and supported activities to the Adobe Sign application.
Revamping App Connector For Amazon Drive
Netskope now revamps Amazon Drive app connector signature and supports the following activities:
- Upload
- Download
- Create
- Edit
- Delete
- Share
- Move
Removed the support for the following activities:
- View
- Delete All
With this release, Netskope remapped Amazon.com to Amazon Personal Login application. As the Amazon Drive application comes under Amazon Personal App suite, it is mandatory to steer Amazon Personal Login and Amazon Drive applications in the steering configuration to detect all the supported activities.
DLP Support For Larger Files
With this release, you can perform DLP and Threat Inspection for the files uploaded to Box (>100 MB) and Dropbox application( > 4 MB)
Note
This feature is in Beta. Contact your Sales Representative or Netskope Support for more information.
Matched Username Attribute Field In Reports
Added Matched Username as an attribute value that allows you to report matched corporate domains for compromised credentials.
App Category Update For LinkedIn
Netskope updates the application category for the LinkedIn application from Social to Professional Networking.
Activity Coverage For Adobe Sign Application
With this release, Netskope updates the coverage for Adobe Sign application activity covered through the Adobe App Suite. This release also includes the DLP support for the Upload activity.
Update CCI Apps To File Converter Category
Updated the application categories to File Converter in App Info for the following CCI apps:
Application Name | Old Category | New Category |
---|---|---|
Convert EBooks | Consumer | File Converter |
PDF Creator | Collaboration | File Converter |
Nitro PDF Pro | Collaboration | File Converter |
Jet Convert | Consumer | File Converter |
Online-Convert | Consumer | File Converter |
Online PDF-Converter | Consumer | File Converter |
Convert JPG to PDF | Consumer | File Converter |
Smallpdf | Consumer | File Converter |
Pdf2Jpg.net | Consumer | File Converter |
PDF.online | Consumer | File Converter |
Convertonlinefree | Consumer | File Converter |
Word to PDF | Consumer | File Converter |
JPG to PDF | Consumer | File Converter |
Image to PDF | Consumer | File Converter |
PDFaid Image to pdf | Consumer | File Converter |
Convert-my-image | Consumer | File Converter |
JPG to PDF Online Converter | Consumer | File Converter |
FreeFileConvert | Consumer | File Converter |
Office Converter | Consumer | File Converter |
PDF To Word Converter | Consumer | File Converter |
Free Online Word to PDF Converter | Consumer | File Converter |
VeryPDF | Consumer | File Converter |
FM-PDF.com | Consumer | File Converter |
Sciweavers | Consumer | File Converter |
Text to PDF Converter | Consumer | File Converter |
Conv2pdf | Consumer | File Converter |
ConvertFiles | Consumer | File Converter |
Zamzar Convert PNG to PDF | Consumer | File Converter |
Zamzar BMP to PDF | Consumer | File Converter |
Zamzar PDF to JPG | Consumer | File Converter |
PDF to PNG | File Converter | File Converter |
Free PDF to Image Online Converter | Consumer | File Converter |
Convertimagetotext.net | Consumer | File Converter |
ConvertImage | Consumer | File Converter |
Convert PDF to Word.net | Consumer | File Converter |
Convert PDF to Text.net | Consumer | File Converter |
CloudConvert | Consumer | File Converter |
easyPDF Cloud | Consumer | File Converter |
Go2Convert | Consumer | File Converter |
ConvertICO | Consumer | File Converter |
PDFaid-Pdf to Doc | Consumer | File Converter |
XPS to PDF | Consumer | File Converter |
RotatePDF.net | Consumer | File Converter |
Word to Clean HTML | Consumer | File Converter |
DriveConverter | Consumer | File Converter |
Web2PDF | Consumer | File Converter |
PDFmyURL | Consumer | File Converter |
PDF2Go.com | Consumer | File Converter |
PDFSimpli | Consumer | File Converter |
FreeConvert.com | Consumer | File Converter |
Support For Additional File Types
This release includes support for more than 30 additional file types accessible through DLP file filter. The following lists a few of the file types:
- JavaScript Object Notation (JSON) documents
- XML Common Biometric Format (XCBF) files
- Microsoft Dynamic Link Library (DLL) files
- Microsoft Equation Editor object files
- iOS App Store Package files
- Kingsoft WPS document, spreadsheet and presentation files
Non-US ASCII SMTP Support
Email DLP now includes support for the full SMTP UTF-8 standard for email addresses. This means email addresses seen by the SMTP proxy can include non-US characters.
Alert Action For Response Upgrade Header
App detect now supports Alert action for response header processing and the list of supported actions are:
- Block
- Alert
- Allow
Other Categories In Page Events
The Page Events section now includes the Other Category field that displays the list of all categories present in the URL. Earlier only the primary category was available in Page Events. TheApplication Events already include the Other Category field.
User/User-Group/Organization Unit(OU)/ Exclusion In Real-Time Protection Policies
With this release, you can exclude users, user groups, and organizational units when configuring the Source field in Real-time Protection policies.
To learn more: Real-time Protection Policies
Note
This is a Limited Availability feature. Contact your Sales Representative or Netskope Support for more information.
Private Apps With Wide IP Ranges
Input checking prevents configuring private apps with the following IP ranges:
- 0/0
- Any CIDR less than /8 that is if x.x.x.x/y is configured CIDR, then y should be greater than or equal to 8. For example, 0/8 is allowed, whereas 1/7 is not allowed.
- TLD
- IPv6 equivalent of 0/0, that is:
- “::”
- “0:0:0:0:0:0:0:0”
- “::0”
Enhanced Filtering In Skope IT > Page Events
The enhanced filtering of Page Events in Skope IT allows to filter page events by action using the predefined filter in the + Add Filter menu.
This enables to filter isolation events easily (action: isolate) and combine them with additional filters. Prior to this change, users had to use the advanced search capability to build a query to filter page events by action. This enhancement allows you to identify the pages sent to Netskope RBI for web isolation by selecting the predefined filter for action, with value ‘isolate’.
Trigger Email Notification For Compromised Credentials
For Compromised Credentials page in Incidents, you can now send email notifications to users or admins using Edit Email Notification popup dialog in the row action. The row action is displayed at the end of each row (‘…’ icon). You can customize the email templates by editing the popup dialog using a default template. At the same time, you can reset the default template any time using the Edit template popup dialog.
New Search And Filter Field Incident ID In Malware And Skope IT
Netskope adds a new search and filter field called Incident ID in real-time (inline) malware detections and policy actions. Use Incident ID to filter and search events and alert data to uniquely identify malware detections and policy blocks. New real-time (inline) detections contain both transaction_id and incident_id.
To learn more: About Malware and About Alerts.
Standard Sandbox And Heuristics Detections
The standard threat protection now comes with standard sandbox and heuristics detections that provides positive detection. This can provide additional corroboration by the advanced threat engines for a detection in standard threat protection. For detailed forensics analysis and reports an advanced Threat Protection license is required.
Sandbox File Submission And Report Retrieval Through REST API
Netskope uses a defense in depth approach using adv Machine Learning, heuristics and other advanced engines to complement sandbox observed behaviors and detections. The new API for Direct File Submission provides a mechanism to retrieve sandbox observed behaviors and forensic analysis, mapped to MITRE TTPs in a detailed report for SOC analysts to research malware. These detections are also available in the tenant and shown as access method API.
- License Required: Adv Threat protection
- File Type Supported: Exe files of size less than 16MB.
- Requests Per Day: Max limit of upto 1000 file submissions and up to 10,000 report retrievals.
In addition to documenting all new and improved features, here is the list of articles with key documentation updates:
- Netskope Public Cloud Security: The content has been revised and reorganized to provide a consistent structure across all Netskope Public Cloud Security features.
- Mobile Deployment Management: Moved the following topics from Integrations > Mobile Device Management to Traffic Steering > Netskope Client > Netskope Client Deployment Options:
- Netskope IPSec with Fortinet FortiGate: Updated the configuration steps for IKEv2.
- The following Threat Protection articles were reorganized and updated with new content: