Skip to main content

Netskope Help

View Security Posture Inventory

Next Generation Security Posture Management continuously audits cloud service and app resources to identify compliance rule violations. The Inventory page displays a consolidated view of various cloud resources. To view the Inventory page, navigate to API-enabled Protection > Security Posture (Next Gen) > Inventory in the Netskope UI.

Next-Gen-SPM_Inventory_page.png

The page provides the last updated date and time in UTC.

You can toggle between Resource Types, Instances, and Resources to view the audit results.

Click the Resource Types tab to view the various cloud resources sorted by resource type. Under the Resource Types tab, the table displays the following information:

Note

You can sort the table based on a particular field. The default field is set to Resource Type.

  • Resource Type: The cloud resource type.

  • App: Name of the application of the SaaS app.

  • App Suite: Name of the SaaS app.

  • App Category: The category the cloud application belongs to. This could be collaboration, CRM, email, security, etc.

  • Total Checks: Total number of checked resources.

  • Pass: Total number of passed resources.

  • Fail-Muted: Total number of failed resources that are muted.

  • # Rules Violated: Total number of failed resources.

  • Critical: Total number of resources failed for a rule with critical severity.

  • High: Total number of high severity failed resources.

  • Medium: Total number of medium severity failed resources.

  • Low: Total number of low severity failed resources.

  • Unknown: Total number of unknown resources.

  • # Resources: Total number of cloud resources.

Note

You can click on a number to view relevant and additional information.

Click the Instances tab to view the various cloud resources sorted by the cloud app instance. You can view a list of cloud app instances under Settings > API-enabled Protection > SaaS. Under the Instances tab, the table displays the following information:

Note

You can sort the table based on a particular field. The default field is set to Instance Name.

  • Instance Name: Name of the cloud app instance that is used to connect the cloud app with Netskope.

  • App Suite: Name of the SaaS app.

  • Total Checks: Total number of checked resources.

  • Pass: Total number of passed resources.

  • Fail-Muted: Total number of failed resources that are muted.

  • # Rules Violated: Total number of failed resources.

  • Critical: Total number of resources failed for a rule with critical severity.

  • High: Total number of high severity failed resources.

  • Medium: Total number of medium severity failed resources.

  • Low: Total number of low severity failed resources.

  • Unknown: Total number of unknown resources.

Note

You can click on a number to view relevant and additional information.

Click the Resources tab to view the various cloud resources. Under the Resources tab, the table displays the following information:

Note

You can sort the table based on a particular field. The default field is set to Resource Name.

  • Resource Name: The name of the cloud resource. You can click a resource name to get additional information like resource type, cloud provider, instance name, region, compliance data, and metadata.

  • Resource Type: The cloud resource type.

  • App Suite: Name of the SaaS app.

  • App: Name of the application of the SaaS app.

  • Instance Name: Name of the cloud app instance that is used to connect the cloud app with Netskope.

  • App Category: The category the cloud application belongs to. This could be collaboration, CRM, email, security, etc.

  • Region Name: The location name of the cloud resource.

  • Region ID: The location ID of the cloud resource.

  • Netskope Instance Name: Name of the cloud account instance that is used to connect the cloud app with Netskope.

  • Parent Resource Type: This indicates the type of resource under which the specified resource is created. For example, DeviceCompliancePolicy is created under DeviceManagement, hence DeviceManagement is the parent resource-type of DeviceCompliancePolicy.

  • Resource ID: Unique ID associated with the resource.

Filters

By default, the Resource Types, Instances, and Resources tabs display the latest audit results. You can choose to view the results for a specific date.

To filter your view by a specific date, 

  1. Click the Time drop-down to select Latest Result or As of Date to select a specific date.

  2. Specify the date and time in the date picker. Click Apply.

You can filter the result displayed on the page by selecting App Suite, App Name, Instance Name, and Resource Type. To further narrow the result on the page, click Add Filter and select an option from the list.

You can choose to filter based on the following options:

  • App Category: Select the category the cloud application belongs to. This could collaboration, CRM, email, security, etc.

  • The following filter values are redundant for SaaS applications. The values are same as the account ID of the SaaS application.

    • Instance Group

    • Instance Subgroup

    • Instance ID

  • Resource Name: Select Resource Name and enter a resource name in the search field. 

  • Resource ID: Select the resource ID of the cloud app. You can get the resource ID from the Compliance > Raw Findings tab, then look for Resource Name & ID field.

Filter by Netskope Governance Language

You can filter the result of your inventory by using Netskope Governance Language (NGL). Navigate to API-enabled Protection > Security Posture (Next Gen) > Inventory, click the Resources tab. Beside + ADD FILTER, click the Switch to NGL icon. On the search edit box, enter your NGL query and click Search. For more information on NGL, see Custom Rules Using Netskope Governance Language.

Note

Filters by NGL are available under the Resources tab only.