Skip to main content

Netskope Help

Certificate Pinned Applications

TLS certificate pinning is when a desktop or mobile application validates if the proposed server certificates match the hardcoded ones in the application. It's a security technique used to prevent man-in-the-middle attacks (MITM) and secure access to your organization's applications.

Predefined certificate pinned applications bypass the Netskope cloud by default. You can also create custom certificate pinned apps and add them as exceptions for your steering configuration to bypass them.

Certificate Pinned Apps

On the Certificate Pinned Apps page (Settings > Security Cloud Platform > App Definition > Certificate Pinned Apps), you can:

  1. Search for a certificate pinned app by name or filter the apps by type or platform.

  2. Create a custom certificate pinned app.

  3. View a list of predefined and custom certificate pinned apps. For each app, you can see the following information:

    • Application: The name of the certificate pinned app. Click to edit the platform and definition information.

    • Type: The type of certificate pinned app.

      • Predefined: A common certificate pinned application that bypasses the Netskope cloud by default.

      • Custom: A certificate pinned app you created.

    • Platforms: The affected operating system platform for the certificate pinned app.

    • Bypassed in Steering: The total number of steering configurations where the certificate pinned app is added as an exception. Hover over the value to see the steering configuration names.

    • Last Edited: The last time the certificate pinned app was edited.

  4. Sort the table by application name, application type, or last edited.

  5. Click The More icon. to edit or delete a certificate pinned app. You can only delete custom apps.

  6. View up to 100 certificate pinned apps per page.

  7. View multiple pages of the table.

Traffic-Steering-App-Definition-Certificate-Pinned-Apps.png
Predefined Certification Pinned Application Exceptions

By default, web traffic from the following predefined certificate pinned apps bypass the Netskope cloud and go directly to the destinations:

Application

Platform

Adobe Creative Cloud

Mac

Windows

Amazon Drive

Android

Mac

Windows

Amazon Kindle

Mac

Windows

Amazon WorkSpaces

Mac

Apple App Store

Mac

Backblaze B2 Cloud Storage

Windows

Bitcasa

Mac

Windows

Carbonite

Mac

Windows

Cisco Webex Teams

Mac

Windows

Citrix Workspace

Mac

Windows

CrowdStrike Falcon

Mac

Windows

Diligent Boards

Windows

DocuSign

iOS

Windows

Dropbox

Android

iOS

Mac

Windows

Druva

Mac

Windows

Egnyte

Mac

Windows

ElephantDrive

Mac

Windows

Eventbrite

iOS

Facebook

iOS

Windows

Filemail

Mac

Windows

Foursquare

iOS

Windows

GitHub

Mac

Windows

Google Backup and Sync

Mac

Windows

Google Drive

Mac

Windows

Google Hangouts

Mac

Windows

Google Play

Android

Google Workspace

Windows

GoToMeeting

iOS

Mac

Windows

iCloud Drive

Mac

Windows

Jungle Disk

Mac

Windows

Keybase

Mac

Windows

LivePerson

Mac

Windows

Microsoft 365 Outlook

Mac

Windows

Microsoft Intune Company Portal

Mac

Mozy

Mac

OpenDrive

Windows

PingOne for Enterprise

Android

Planview Projectplace

Windows

Rally Software

iOS

Rescue Remote Support

Mac

Windows

Salesforce

Mac

Skype

Windows

Skype for Business

Windows

SpiderOak

iOS

Windows

SugarSync

Mac

Windows

Swizznet

Windows

TeamViewer

iOS

Mac

Windows

Toggl Track

Mac

Windows

Tresorit

Windows

Twitter

Android

iOS

Mac

Windows

Workday

iOS

Zoom

Mac

Windows