Skip to main content

Netskope Help

SaaS Security Posture Management

“As much as 63% of security incidents are due to SaaS misconfiguration issues.” - Cloud Security Alliance (April 2022)

As enterprises continue to adopt SaaS apps at a rapid pace, the risk of data exfiltration, sensitive data loss, non-compliance, and insider threats remain significant challenges. In addition, organizations struggle to get full visibility and control of entities with privileged access like privileged users and cloud-to-cloud apps (3rd party OAuth apps).

Netskope SaaS Security Posture Management (SSPM) is an API-enabled security service that combines deep security and SaaS app expertise to provide continuous visibility and monitoring of the security posture of your protected SaaS apps. SSPM identifies misconfigurations, recommends remediation of configuration drift, and aligns overall security posture with industry best practices and compliance standards.

Netskope SSPM provides not only centralized visibility of resources and their attributes like configurations, privileged users, and cloud-to-cloud apps, but also audit events that offer insight into the activity and behavior of these resources. It helps organizations to secure data stored in SaaS apps that are growing in volume, velocity and variety by continuously scanning for and eliminating configuration mistakes and mismanaged permissions, which are the top causes of cloud security failures. The result is continuous improvement of organizational security posture and reduced risk.

SSPM Key Features

Netskope SSPM provides several key features:

  • Continuous security assessment of SaaS app security configurations.

  • Scheduled scans as frequently as every 15 minutes.

  • Policies based on common industry compliance standards like CIS Foundations Benchmarks, CSA-CCM v4.0, GDPR 2016/679, HIPAA 1996, ISO 27002, NIST 800-53 r4, NIST-CSF v1.1, PCI-DSS v3.0.

  • Fully customized compliance rules and policies.

  • Alerts when misconfigurations are detected.

  • Incident response and guided remediation of misconfigurations.

  • Audit events for forensics.

  • Automated, machine-learning-based UEBA detections.

  • Custom reporting in Advanced Analytics.

  • Integrations with leading ticketing (Jira, ServiceNow), SIEM (Splunk), and SOAR vendors to enable seamless security workflows.

SSPM Key Benefits

Netskope SSPM provides the following key benefits:

  • Get comprehensive visibility into protected SaaS app security configurations, privileged users, and cloud-to-cloud (3rd party OAuth) apps.

  • Maintain compliance aligned to industry best practices and compliance standards.

  • Prevent data breaches by getting real-time alerts when SSPM detects critical security misconfigurations or configuration drift that could lead to data exfiltration incidents.

  • Combine with Netskope API Data Protection for comprehensive SaaS app protection; from protecting data and users to monitoring for security misconfigurations.

  • Part of an integrated SASE architecture. SSPM is integrated with Netskope CASB, Secured Web Gateway, Data Loss Protection, Zero Trust Network Access, and other Netskope products to offer a seamless and unified management, visibility, and security solution.

SSPM Support Matrix

SSPM supports the following critical capabilities:

  • Audit event: Netskope retrieves audit events for any change made in the SaaS app (upload, download, delete, and more). You can view the audit logs/events on the Skope IT > EVENTS > Application Events page of the Netskope UI. For more information, see Skope IT.

  • UEBA: Standard User and Entity Behavior Analytics. Enable rule-based and ML-based policies to review user and entity behavior on the Policies > Behavior Analytics page of the Netskope UI. For more information, see Behavior Analytics Policies.

  • Compliance: Security configuration rules and policies that map to industry compliance standards. For more information, see Security Posture Policy Wizard and View Security Posture Compliance.

  • Graph-powered rule: Make graph queries with Netskope Governance Language (NGL) and create graph-powered detections to correlate security risk across SaaS apps. For more information, see Custom Rules Using Netskope Governance Language.

Table 9. SSPM Support Matrix

SaaS App

Audit event

UEBA

Compliance

Graph-powered rule

Documentation link

Box

Yes

Yes

-

-

API Data Protection for Box

Citrix ShareFile

Yes

Yes

-

-

Next Generation API Data Protection for Citrix ShareFile

Dropbox

Yes

Yes

-

-

API Data Protection for Dropbox

Egnyte

Yes

Yes

-

-

API Data Protection for Egnyte

GitHub

Yes

Yes

Yes

-

Google Drive

Yes

-

-

-

API Data Protection for Google Drive

Microsoft Azure AD

-

-

Yes

Yes

Next Generation SaaS Security Posture Management for Microsoft 365

Microsoft 365 Suite

-

-

Yes

Yes

Next Generation SaaS Security Posture Management for Microsoft 365

Microsoft Office 365 OneDrive

Yes

Yes

-

-

API Data Protection for Microsoft Office 365 OneDrive

Microsoft Office 365 OneDrive GCC High

Yes

Yes

-

-

Next Generation API Data Protection for Microsoft 365 OneDrive GCC High

Microsoft Office 365 SharePoint

Yes

Yes

-

-

API Data Protection for Microsoft Office 365 SharePoint

Microsoft Office 365 SharePoint GCC High

Yes

Yes

-

-

Next Generation API Data Protection for Microsoft 365 SharePoint GCC High

Microsoft Office 365 Teams

Yes

Yes

-

-

API Data Protection for Microsoft Office 365 Teams

Microsoft Office 365 Teams GCC High

Yes

Yes

-

-

Next Generation API Data Protection for Microsoft 365 Teams GCC High

Microsoft Office 365 Yammer

Yes

-

-

-

Next Generation API Data Protection for Microsoft 365 Yammer

Okta

Yes

-

-

-

Next Generation API Data Protection for Okta

Salesforce

Yes

Yes

Yes

Yes

ServiceNow

-

-

Yes

-

Security Posture for ServiceNow

Slack for Enterprise

Yes

Yes

-

-

API Data Protection for Slack for Enterprise

Workday

Yes

-

Yes

-

Workplace by Facebook

Yes

Yes

-

-

API Data Protection for Workplace by Facebook

Zendesk

Yes

-

-

-

Next Generation API Data Protection for Zendesk

Zoom

Yes

-

Yes

-