Using DLP with Netskope Public Cloud Security

Using DLP with Netskope Public Cloud Security

You can use Netskope’s DLP solution to check for compliance and protect sensitive data. The DLP profiles that enforce compliance and protect sensitive data consists of DLP rules that specify data identifiers. These data identifiers find content that should not be present in your IaaS environment. The following predefine rules and data identifiers can be used to create DLP profiles to monitor the data in your IaaS environment.

Predefine RulePredefine IdentifierDescription
Security – API Secret Keys
  • (P0) – computing/security/secret_keys/aws
  • (P1) – computing/security/secret_keys/generic_32h
  • (P2) – computing/security/secret_keys/generic_40a
Checks for AWS, GitHub, and Facebook API keys.
Security – Passwords
  • (P0) – computing/security/password_terms/eng
  • (P1) – computing/security/passwords/common
  • (P2) – computing/security/passwords/secure
Checks for common and secure passwords, and password related terms such as passwd, p/w, password.
Security – Private Key Blocks
  • (P0) – computing/security/private_keys/generic_begin
  • (P1) – computing/security/private_keys/generic_end
Checks for private keys.

You can setup DLP policies for AWS and GCP to perform retro scans and ongoing scans on your storage buckets. For detailed information refer to the following topics,

You can view the DLP incidents in your tenant under API-enabled Protection > IaaS > Overview > DLP Incidents. To learn more: View IaaS Overview.

For information on DLP Profiles and Rules, see the Data Loss Prevention documentation.

Share this Doc

Using DLP with Netskope Public Cloud Security

Or copy link

In this topic ...