Viso Trust Plugin for Application Risk Exchange
This document explains how to configure the Viso Trust integration with the Application Risk Exchange module of the Netskope Cloud Exchange platform. This plugin pushes the Applications to the Viso Trust platform and creates the relationships in the Viso Trust platform by grouping the applications together based on vendors.
Prerequisites
- A Netskope tenant (or multiple, for example, production and development/test instances) that is already configured in Cloud Exchange.
- A Netskope Cloud Exchange tenant with the Application Risk Exchange module already configured.
- Viso Trust Platform Access, plus your Viso Trust Business Owner Email and Viso Trust URL.
- Connectivity to the following host: Viso Trust platform URL (like https://dev.visotrust.com)
CE Version Compatibility
Netskope CE v4.2.0, v5.0.0
Plugin Scope
The Viso Trust plugin shares Application data (CCI Scores) with the Viso Trust Platform. It creates relationships on the Viso Trust platform and tags them with the CCI Score level of the Netskope application. You need the Viso Trust API Token, Viso Trust Business Owner Email, and Viso Trust URL to configure the plugin.
Viso Trust Plugin Support
Type of data pushed | Applications |
Mappings
CCI Tags Mapping
Netskope CE CCI | Viso Trust CCI |
---|---|
CCI Poor | <=49 |
CCI Low | >49 and <=59 |
CCI Medium | >59 and <=74 |
CCI High | >74 and <= 89 |
CCI Excellent | >89 |
Mappings for Push (Netskope field – Viso Trust fields)
Netskope CE Fields | Viso Trust Fields |
---|---|
name | vendor |
homepage | steering domain/discovery domain |
tags | CCI Scores as levels based on the CCI Tags Mapping |
businessOwnerEmail | Viso Trust Business Owner Email |
Note
Because the applications are grouped by vendor and relationships are created per vendor, the tags are determined by averaging the CCI scores of all the apps in the vendor and matching that average to a level in the CCI Tags Mapping.
Permissions
Permission to create API Keys on Viso Trust platform.
API Details
List of APIs used
API Endpoint | Method | Use Case |
---|---|---|
/api/v1/tags | POST | Validating connectivity while creating tags. |
/api/v1/relationships/search | GET | Get existing relationships with the selected domains. |
/api/v1/relationships | POST | Create a new relationship. |
/api/v1/relationships | PATCH | Update an existing relationship. |
Validate Connectivity
API Endpoint: /api/v1/tags
Method: POST
Headers:
Key | Value |
---|---|
Authorization | Bearer <API Token> |
Content-Type | application/json |
Parameters:
{ "tags": [ "" ] }
Sample API Response:
[ "Tag Name" ]
Get Existing Relationships
API Endpoint: /api/v1/relationships/search
Method: GET
Headers:
Key | Value |
---|---|
Authorization | Bearer <API Token> |
Content-Type | application/json |
Parameters:
{ "name": "Google", "domains": ["accounts.google.com"] }
Sample API Response:
[ { "assessments": [], "businessOwner": { "businessUnit": "Unassigned", "email": "tanushree.kurup@crestdatasys.com", "firstName": "Tanushree", "lastName": "Kurup" }, "businessUnit": "Unassigned", "contextTypes": [], "createdDate": "2024-02-13T08:41:58.851279Z", "dataTypes": [], "description": null, "homepage": "accounts.google.com", "id": 673639651, "inherentRisk": "NO_CONTEXT", "isTransitional": true, "name": "Google", "potentialRisk": "NO_CONTEXT", "primaryContact": null, "recertificationDate": null, "recertificationType": "NONE", "residualRisk": "NO_CONTEXT", "status": "NOT_ONBOARDED", "subscribers": [], "tags": [ "CCI Low" ], "updatedDate": "2024-02-13T08:42:00.251705Z" } ]
Create a New Relationship
API Endpoint: /api/v1/relationships
Method: POST
Headers:
Key | Value |
---|---|
Authorization | Bearer <API Token> |
Content-Type | application/json |
Parameters:
{ "name": "Google", "homepage": "accounts.google.com", "businessOwnerEmail": "tanushree.kurup@crestdatasys.com", "tags": [ "CCI Low" ] }
Sample API Response:
{ "assessments": [], "businessOwner": { "businessUnit": "Unassigned", "email": "tanushree.kurup@crestdatasys.com", "firstName": "Tanushree", "lastName": "Kurup" }, "businessUnit": "Unassigned", "contextTypes": [], "createdDate": "2024-02-13T08:41:58.851279Z", "dataTypes": [], "description": null, "homepage": "accounts.google.com", "id": 673639651, "inherentRisk": "NO_CONTEXT", "isTransitional": true, "name": "Google", "potentialRisk": "NO_CONTEXT", "primaryContact": null, "recertificationDate": null, "recertificationType": "NONE", "residualRisk": "NO_CONTEXT", "status": "NOT_ONBOARDED", "subscribers": [], "tags": [ "CCI Low" ], "updatedDate": "2024-02-13T08:42:00.251705Z" }
Update an Existing Relationship
API Endpoint: /api/v1/relationships
Method: PATCH
Headers:
Key | Value |
---|---|
Authorization | Bearer <API Token> |
Content-Type | application/json |
Parameters:
{ "id": "673639651", "name": "Google", "homepage": "accounts.google.com", "businessOwnerEmail": "tanushree.kurup@crestdatasys.com", "tags": [ "CCI High" ] }
Sample API Response:
{ "assessments": [], "businessOwner": { "businessUnit": "Unassigned", "email": "tanushree.kurup@crestdatasys.com", "firstName": "Tanushree", "lastName": "Kurup" }, "businessUnit": "Unassigned", "contextTypes": [], "createdDate": "2024-02-13T08:41:58.851279Z", "dataTypes": [], "description": null, "homepage": "accounts.google.com", "id": 673639651, "inherentRisk": "NO_CONTEXT", "isTransitional": true, "name": "Google", "potentialRisk": "NO_CONTEXT", "primaryContact": null, "recertificationDate": null, "recertificationType": "NONE", "residualRisk": "NO_CONTEXT", "status": "NOT_ONBOARDED", "subscribers": [], "tags": [ "CCI High" ], "updatedDate": "2024-02-13T08:52:34.902966Z" }
Performance Matrix
The following performance reading was taken by sharing 1000 Applications in each plugin lifecycle on a Large CE instance with these specifications.
Stack details | Size: Large, RAM: 32 GB, CPU: 16 Cores |
Applications shared to Viso Trust | ~39 per minute |
User Agent
The user-agent added in this plugin is in the following format:
netskope-ce-<ce_version>-<module>-<plugin_name>-v<plugin_version>
For example:
netskope-ce-5.0.0-are-viso-trust-v1.0.0
Workflow
- Get your Viso Trust API Token.
- Configure the Viso Trust plugin.
- Configure a Business Rule.
- Configure Sharing.
- Validate the plugin.
Get your Viso Trust Token
- Log in to your Viso Trust Platform.
- Click the Profile Icon on the top right.
- Click Profile.
- Select Expiration Period and select a time period.
- Click Generate token.
- Copy the token. It is needed to configure the plugin, and you won’t see it again.
Configure the Viso Trust Plugin
- In Cloud Exchange go to Settings > Plugins.
- Search for and select the Viso Trust box to configure the plugin.
- Enter and select these values:
  - Configuration Name: Unique name for the configuration.
  - Use System Proxy: Enable if the proxy is required for communication.
- Click Next.
- Enter these values:
  - Viso Trust URL: Your Base URL for the Viso Trust instance. For example: https://dev.visotrust.com/.
  - Viso Trust Business Owner Email: Your Viso Trust Business Owner email address.
  - Viso Trust API Token: Your Viso Trust API Token.
- Click Next.
- Select Company Name = Application Name in the Mapping Information. This selection is mandatory in the Application Risk Exchange plugin, but the Viso Trust plugin does not use these mappings.
- Click Save.
Configure an Application Risk Exchange Business Rule for Viso Trust
To share Applications fetched from Application Risk Exchange with Viso Trust, you need a business rule that filters the Applications you want to share. To configure a business rule, follow these steps:
- In Application Risk Exchange, go to Business Rules and click Create New Rule.
- Add the filter according to your requirement in the rule, and then click Save.
Configure an Application Risk Exchange Sharing for Viso Trust
To share Applications from Application Risk Exchange to the Viso Trust platform, follow these steps:
- In Application Risk Exchange, go to Sharing and click Add Sharing Configuration.
- Select the Source Configuration (Netskope ARE), a Business Rule, and the Destination Configuration (Viso Trust).
- Click Save.
Validate the Viso Trust Plugin
Validate the Pull
Pulled Applications will be listed on the Applications page.
To verify pulled logs on CE, go to Logging and search the logs (enter your Netskope ARE plugin name).
Validate the Push
To validate the push in CE, go to Logging and filter shared logs for the ARE Viso Trust plugin.
To check the ingested Applications on the platform, log in to Viso Trust and go to Third Parties > Relationships.
Troubleshooting
Not able to share Applications to Viso Trust
Check whether the Application vendors are present. If the vendor is not present, the applications will not be shared.
Check whether the Steering Domain and Discovery Domain are present. If they are not, the application will not be shared.
If the applications were previously shared and the CCI score has not changed, the applications will not be shared again.
The logs for all of these cases will be available in the logging sections.
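The following is an added example, not the plugin's own code. It works through the CCI Tags Mapping, the per-vendor averaging described in the Note, and the skip cases listed under Troubleshooting, and returns the API calls a push cycle would make. The app keys (vendor, domain, cci), the use of the first domain as the homepage, and detecting "no change" by comparing the resulting tag are assumptions made for illustration.

```python
from collections import defaultdict

# Upper bounds (inclusive) from the CCI Tags Mapping table, checked in order.
CCI_LEVELS = [(49, "CCI Poor"), (59, "CCI Low"), (74, "CCI Medium"), (89, "CCI High")]

# Constructed sample input, not real tenant data; key names are assumptions.
SAMPLE_APPS = [
    {"vendor": "Example Corp", "domain": "app.example.com", "cci": 92},
    {"vendor": "Example Corp", "domain": "files.example.com", "cci": 60},
    {"vendor": "Example Org", "domain": "portal.example.org", "cci": 55},
    {"vendor": "", "domain": "novendor.example.net", "cci": 80},
    {"vendor": "Example Net", "domain": "", "cci": 80},
]
SAMPLE_EXISTING = {"Example Org": {"id": 1001, "tags": ["CCI Low"]}}


def cci_tag(score):
    """Map a CCI score (or a vendor average) to its Viso Trust tag."""
    for upper, tag in CCI_LEVELS:
        if score <= upper:
            return tag
    return "CCI Excellent"


def plan_push(apps, existing, owner_email):
    """Return (method, path, payload) tuples; existing maps vendor -> relationship."""
    by_vendor = defaultdict(list)
    for app in apps:
        # Apps with no vendor or no steering/discovery domain are not shared.
        if app.get("vendor") and app.get("domain"):
            by_vendor[app["vendor"]].append(app)
    ops = []
    for vendor, group in sorted(by_vendor.items()):
        average = sum(a["cci"] for a in group) / len(group)
        payload = {
            "name": vendor,
            "homepage": group[0]["domain"],  # assumption: first domain seen
            "businessOwnerEmail": owner_email,
            "tags": [cci_tag(average)],
        }
        current = existing.get(vendor)
        if current is None:
            ops.append(("POST", "/api/v1/relationships", payload))
        elif current.get("tags") != payload["tags"]:
            # The page's PATCH sample sends the id as a string.
            ops.append(("PATCH", "/api/v1/relationships", {"id": str(current["id"]), **payload}))
        # Same tag as before: previously shared and unchanged, so nothing is sent.
    return ops
```

With the sample data, only Example Corp produces a call: its average of 76 maps to CCI High, Example Org is unchanged at CCI Low, and the two apps missing a vendor or a domain are dropped.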