SaaS Security Posture Management
“As much as 63% of security incidents are due to SaaS misconfiguration issues.” - Cloud Security Alliance (April 2022)
As enterprises continue to adopt SaaS apps at a rapid pace, the risk of data exfiltration, sensitive data loss, non-compliance, and insider threats remain significant challenges. In addition, organizations struggle to get full visibility and control of entities with privileged access like privileged users and cloud-to-cloud apps (3rd party OAuth apps).
Netskope SaaS Security Posture Management (SSPM) is an API-enabled security service that combines deep security and SaaS app expertise to provide continuous visibility and monitoring of the security posture of your protected SaaS apps. SSPM identifies misconfigurations, recommends remediation of configuration drift, and aligns overall security posture with industry best practices and compliance standards.
Netskope SSPM provides not only centralized visibility of resources and their attributes like configurations, privileged users, and cloud-to-cloud apps, but also audit events that offer insight into the activity and behavior of these resources. It helps organizations to secure data stored in SaaS apps that are growing in volume, velocity and variety by continuously scanning for and eliminating configuration mistakes and mismanaged permissions, which are the top causes of cloud security failures. The result is continuous improvement of organizational security posture and reduced risk.
SSPM Key Features
Netskope SSPM provides several key features:
Continuous security assessment of SaaS app security configurations.
Scheduled scans as frequently as every 15 minutes.
Policies based on common industry compliance standards like CIS Foundations Benchmarks, CSA-CCM v4.0, GDPR 2016/679, HIPAA 1996, ISO 27002, NIST 800-53 r4, NIST-CSF v1.1, PCI-DSS v3.0.
Fully customized compliance rules and policies.
Alerts when misconfigurations are detected.
Incident response and guided remediation of misconfigurations.
Audit events for forensics.
Automated, machine-learning-based UEBA detections.
Custom reporting in Advanced Analytics.
Integrations with leading ticketing (Jira, ServiceNow), SIEM (Splunk), and SOAR vendors to enable seamless security workflows.
SSPM Key Benefits
Netskope SSPM provides the following key benefits:
Get comprehensive visibility into protected SaaS app security configurations, privileged users, and cloud-to-cloud (3rd party OAuth) apps.
Maintain compliance aligned to industry best practices and compliance standards.
Prevent data breaches by getting real-time alerts when SSPM detects critical security misconfigurations or configuration drift that could lead to data exfiltration incidents.
Combine with Netskope API Data Protection for comprehensive SaaS app protection; from protecting data and users to monitoring for security misconfigurations.
Part of an integrated SASE architecture. SSPM is integrated with Netskope CASB, Secured Web Gateway, Data Loss Protection, Zero Trust Network Access, and other Netskope products to offer a seamless and unified management, visibility, and security solution.
SSPM Support Matrix
SSPM supports the following critical capabilities:
Audit event: Netskope retrieves audit events for any change made in the SaaS app (upload, download, delete, and more). You can view the audit logs/events on the Skope IT > EVENTS > Application Events page of the Netskope UI. For more information, see Skope IT.
UEBA: Standard User and Entity Behavior Analytics. Enable rule-based and ML-based policies to review user and entity behavior on the Policies > Behavior Analytics page of the Netskope UI. For more information, see Behavior Analytics Policies.
Compliance: Security configuration rules and policies that map to industry compliance standards. For more information, see Security Posture Policy Wizard and View Security Posture Compliance.
Graph-powered rule: Make graph queries with Netskope Governance Language (NGL) and create graph-powered detections to correlate security risk across SaaS apps. For more information, see Custom Rules Using Netskope Governance Language.
SaaS App | Audit event | UEBA | Compliance | Graph-powered rule | Documentation link |
---|---|---|---|---|---|
Box | Yes | Yes | - | - | |
Citrix ShareFile | Yes | Yes | - | - | |
Dropbox | Yes | Yes | - | - | |
Egnyte | Yes | Yes | - | - | |
GitHub | Yes | Yes | Yes | - |
|
Google Drive | Yes | - | - | - | |
Microsoft Azure AD | - | - | Yes | Yes | Next Generation SaaS Security Posture Management for Microsoft 365 |
Microsoft 365 Suite | - | - | Yes | Yes | Next Generation SaaS Security Posture Management for Microsoft 365 |
Microsoft Office 365 OneDrive | Yes | Yes | - | - | |
Microsoft Office 365 OneDrive GCC High | Yes | Yes | - | - | Next Generation API Data Protection for Microsoft 365 OneDrive GCC High |
Microsoft Office 365 SharePoint | Yes | Yes | - | - | |
Microsoft Office 365 SharePoint GCC High | Yes | Yes | - | - | Next Generation API Data Protection for Microsoft 365 SharePoint GCC High |
Microsoft Office 365 Teams | Yes | Yes | - | - | |
Microsoft Office 365 Teams GCC High | Yes | Yes | - | - | Next Generation API Data Protection for Microsoft 365 Teams GCC High |
Microsoft Office 365 Yammer | Yes | - | - | - | Next Generation API Data Protection for Microsoft 365 Yammer |
Okta | Yes | - | - | - | |
Salesforce | Yes | Yes | Yes | Yes |
|
ServiceNow | - | - | Yes | - | |
Slack for Enterprise | Yes | Yes | - | - | |
Workday | Yes | - | Yes | - |
|
Workplace by Facebook | Yes | Yes | - | - | |
Zendesk | Yes | - | - | - | |
Zoom | Yes | - | Yes | - |
|