Netskope Help

Using Advanced Analytics

To use Advanced Analytics for remediation of IaaS misconfigurations, follow the steps shown below:

  1. Navigate to Advanced Analytics > Netskope Library.

  2. Select one or many from IaaS CSA Dashboard, IaaS dashboard, IaaS Storage Scan Dashboard, Unsanctioned IaaS Dashboard and Multi Cloud CSA Dashboard. 

  3. Run the dashboard(s) for the required time period.

  4. Check the results of the dashboard(s) to identify key areas of remediation and perform remediation steps as described in Auto Remediation or Manual steps for remediation.

vrp_iaas_protect_use_case_5.jpg

Type of information obtained from the dashboards is shown below:

IaaS CSA Dashboard

IaaS CSA Dashboard

IaaS Storage Scan Dashboard

Multi Cloud CSA Dashboard

Unsanctioned IaaS Dashboard

Get overall details of CSA alerts by severity, region, account:

  • IaaS CSA alerts by severity

  • Top Critical/High CSA rules triggered

  • Top Accounts & Objects with Critical CSA alerts

  • Regions generating alerts

This dashboard offers a view into IaaS account health by addressing the following topics and questions:

  • What are the top accounts that are out of compliance?

  • What are the top accounts out of compliance for AWS, GCP and Azure?

  • Why are these accounts out of compliance?

  • Is compliance improving over time?

Gives a high-level overview of Data Protection, Threat Protection and Security Assessment in IaaS apps/platforms. Including:

  • DLP profile distribution, the apps and buckets affected, DLP alert details

  • Malware detected and specific buckets

  • Public buckets detected

Get overall IaaS metrics across all accounts:

  • Trend of IaaS CSA Alerts

  • IaaS Alerts by CSP

  • IaaS CSA alerts by CSP & Account ID

Identity unsanctioned IaaS instances by instance id and users associated.

Get details of hits by users and alerts.

All the data  here is obtained from inline traffic.