SaaS Security Posture Management

SaaS Security Posture Management

As enterprises move workloads and sensitive data into the cloud at a rapid pace, SaaS Security Posture Management (SSPM) is a mechanism to look at a cloud infrastructure and service and identify issues, risks, vulnerabilities, and exposures. SSPM allows a user (individual or an enterprise) of a cloud environment to monitor, assess, and act on security, permission, and access related issues in that environment. Netskope gives organizations the visibility, compliance, and protection for critical workloads needed to combat these challenges. With Netskope, get an understanding of your risk exposure, detect misconfigurations, inventory assets, enforce compliance standards, and protect against insider threats and malware.

The SaaS Security Posture Management solution would, on being granted requisite access to a cloud environment, do the following:

  • Scan the cloud environment and list resources specific to that environment.
  • Look at relationships between those resources to identify security related issues in the cloud environment.
  • Generate alerts for the identified issues, based on customer configuration.

SaaS Security Posture Management is the new generation platform for Security Posture Management designed to provide the following benefits:

  • Unified inventory that provides visibility into all your SaaS apps.
  • Enhanced policies management page that makes setting up rules, compliance standard, and policies easier.
  • A new Netskope Governance Language which makes it is easy to build, check, and deploy sophisticated custom rules.
  • Improvements in compliance page with-respect-to performance, enhanced filtering capabilities, and richer context around compliance findings.
  • Ability to build rules spanning across heterogeneous SaaS apps using graph based schema which also helps co-relate relationships between apps.
  • Extendable set of REST APIs now available for SaaS Security Posture Management that can help to automate and orchestrate SSPM capabilities. For additional information, refer the Swagger documentation available within the Netskope tenant. Navigate to Settings > Tools > REST API v2 > API DOCUMENTATION. Search for the following string /api/v2/spm.
  • Visibility into connected apps now available using Netskope Governance Language.

Netskope has extended its SaaS Security Posture Management capabilities to GitHub, Microsoft 365 (including Azure AD, Exchange, and SharePoint), Salesforce, ServiceNow, Workday, and Zoom. New cloud services and applications will be rolled out in due course.

SaaS Security Posture Management Support Matrix

SaaS Security Posture Management supports the following critical capabilities:

  • Audit event: Netskope retrieves audit events for any change made in the SaaS app (upload, download, delete, and more). You can view the audit logs/events on the Skope IT > EVENTS > Application Events page of the Netskope UI. For more information, see Skope IT.
  • UEBA: Standard User and Entity Behavior Analytics. Enable rule-based and ML-based policies to review user and entity behavior on the Policies > Behavior Analytics page of the Netskope UI. For more information, see Behavior Analytics Policies.
  • Compliance: Security configuration rules and policies that map to industry compliance standards. For more information, see SaaS Security Posture Management Policy Wizard and SaaS Security Posture Management Dashboard.
  • Graph-powered rule: Make graph queries with Netskope Governance Language (NGL) and create graph-powered detections to correlate security risk across SaaS apps. For more information, see Custom Rules Using Netskope Governance Language.

Netskope supports audit event, UEBA, compliance and graph powered rule capabilities for the SSPM supported apps and other additional apps. Refer the Classic API Data Protection and Next Generation API Data Protection documentation to use the capabilities.

Articles

Share this Doc

SaaS Security Posture Management

Or copy link

In this topic ...