Getting Started with CSPM for Public Cloud
Netskope Public Cloud Security provides a security assessment framework which accesses and analyzes the posture of your IaaS resources in AWS, Azure, and Google Cloud Platform, and generates alerts that an administrator can remediate. You can configure one or more accounts to be evaluated against CIS benchmarks such as CIS AWS Foundations, CIS Microsoft Azure Foundations, or your own assessment framework. Netskope assesses your environment and measures against benchmarks and best practices. Netskope securely audits your cloud services continuously so you can determine if there are any potentially exploitable misconfigurations.
To set up CSPM for public cloud, you need to:
Configure Security Posture for each AWS account, Azure tenant, and GCP organization.
To learn more:
Assign roles to IaaS/PaaS administrators.
To learn more about managing admin privileges using Netskope UI, see Managing Administrators.
Set up security assessment policies
To learn more: Creating Security Assessment Policies for Netskope Public Cloud Security.
To learn more about creating custom security assessment rules, see Custom Rules using Domain Specific Language.
Here are references to APIs that help you automate deployments at scale.
To manage your IaaS instances, use
https://<tenant-name>.goskope.com/api/v1/introspection_instance
To receive security assessment violations from the latest scan, use
https://<tenant-name>.goskope.com/api/v1/security_assessment
To learn more about REST API endpoints: Public Cloud API Endpoints for REST API v1.