New Features And Enhancements In Release 93.0.0
Here is the list of the new features and enhancements.
New Inline App Connector Support
Netskope extends support for Figma, a popular and collaborative graphics editor and prototyping tool used worldwide, and adds activity detection in the browser for the following:
Login Attempt
Login Successful
Logout
Login Failed
Upload
Download
Share
View
Unshare
Create
Remove The App Connectors For Defunct Apps
Deprecating and removing the following applications from the list of applications available for Real-Time Policy Enforcement:
Action Solutions AG
AgileBench
ClearSync
Cloudon
ContactChamp
Dealernet
Digitalbucket
DocLanding
GetDashboard
Goshido
Greenerbilling
GroupCamp
HomePipe
Kanbanery
Odysen
Oprius
TimeBridge
TrueShare
Wunderlist
Slideshark
Important
All these applications are defunct and are deprecated by the respective App providers.
DLP Support For Edit Activity
Salesforce app has DLP support enabled on Edit activity on the user interface (UI). Netskope no longer supports this and removed DLP support for Edit activity for Salesforce.
Support For Post Activity In Workplace
Netskope extends support for Post activity in the Workplace application and you can post text-based content in your Workplace application. You can configure real-time policies based on Post activities.
DLP Support For Create Activity
Netskope adds DLP support for Create activity in the ServiceNow application. This allows Create as an activity in a real-time policy with a DLP Profile applied to it.
Addition Of Secure Attributes In Netskope Session Cookies
HttpOnly and Secure attributes are added to netskope_info, netskope_check, and nsauth_session cookies as part of security enhancements.
App Connector Revamp
In this release, Netskope extends support for the HelloSign application by adding Login Attempt and Send activities as part of the app activities. Login Attempt is triggered when the user tries to log into the application. Send activity is triggered when the user tries to send a document.
Rename Activity for DocuSign
In this release, Netskope extends support for the DocuSign application by adding new activity called Rename that gets triggered for file rename activity navigation.
Turn On Flag For Puppeteer
Improvements in report resolution for downloaded PDF.
Regex Support For Element Of AWS Policies
Netskope IaaS CSA added support for regular expression checks over AWS policy documents of S3bucket, SNSTopic, SQSQueue, and SES.
After this change, all custom rules which are dependent on AWS policies such as "S3Bucket should not have BucketPolicy with [ Statement with [ ( Action has ( "s3:Delete*" ) or Action has ("S3:Delete*") or Action has ("S3:*") or Action has ("s3:*") ) and Effect eq "Allow" and Principal has ( "*" ) and Conditions len ( ) eq 0 ] ]" is now rewritten like "S3Bucket should not have BucketPolicy with [ Statement with [ ( Action with [ value like "(?i)s3:Delete" or value like "(?i)S3:\*" ] ) and Effect eq "Allow" and Principal with [ value eq "*" ] and Conditions len ( ) eq 0 ] ]".
This enhancement ensures no false negatives are reported for AWS policy documents of S3bucket, SNSTopic, SQSQueue, and SES.
Applications Moved to CASB Category
In this release, Netskope adds the following new CASB categories:
Advocacy Groups & Trade Associations
Arts
Auctions & Marketplaces
Business
Family & Parenting
File Converter
File Repositories
File/Software Download sites
Financial Aid & Scholarships
Financial News
Games
Government & Legal
Health & Nutrition
Hobbies Interests
Home & Garden
Insurance
Investors & Patents
Kids
Lifestyle
Nursing
Online Ads
Pets
Philanthropic Organizations
Photo Sharing
Religion
Science
Search Engines
Social & Affiliation Organizations
Sports
Technology
Telecommuting
Trading & Investing
Translation
Web Conferencing
In addition, Netskope also moved a few existing CCI applications to newly added categories since they fit there better, and also they were seen as re-cat requests. Following are the list of apps that moved to a new category:
Application Name | Old Category | New Category |
---|---|---|
ACKO | Business Process Management | Insurance |
Arts People | Business Process Management | Arts |
CommunitySuite | Business Process Management | Financial Aid & Scholarships |
Fundable | Business Process Management | Investors & Patents |
GameSpot | Business Process Management | Games |
HealthyChildren.org | Business Process Management | Family & Parenting |
Hometalk | Business Process Management | Hobbies & Interests |
The Bureau of Meteorology | Business Process Management | Government & Legal |
WebMD | Business Process Management | Health & Nutrition |
Forbes | Consumer | Financial News |
garDsign | Consumer | Home & Garden |
iStockPhoto | Consumer | Photo Sharing |
Justdial | Consumer | Search Engines |
Kayo Sports | Consumer | Sports |
mywellness consumer | Consumer | Lifestyle |
PDF Converter | Consumer | File Converter |
Fidelity | Finance/Accounting | Trading & Investing |
PetSitClick | Finance/Accounting | Pets |
GoFundMe | Forums | Philanthropic Organizations |
ATI Nursing Education | Knowledge Management | Nursing |
eBay | Shopping | Auctions & Marketplaces |
TinyTap | Social | Kids |
New Transaction Log Fields
x-transaction-id and x-request-id are new transaction log fields that are available from this release.
Skip Retrying Of Failed Events In Collaborator
Reduces the number of notifications in case of multiple alerts from inline policy evaluation, by sending a single notification whenever a policy hit and regardless of the number of subsequent policy hits during any 30 minutes.
Reserved Application Name From API Gateway For Private App Creation
Netskope_Discovery_App is a reserved private app name. The administrator is not allowed to create a private app with this name.
Soft Limits For The Number Of Publishers
Each tenant can have up to 100 NPA Publishers. Contact Support to increase this limit for the tenant. The admin UI will display a warning when the number of Publishers exceeds 90% of the allowed limit.
Soft Limits For The Number Of Private Applications
Each tenant can have up to 1000 private application definitions. Contact Support to increase this limit for the tenant. The admin UI will display a warning when the number of private applications exceeds 90% of the allowed limit.
Enhancements to NPA policy updates
Netskope enhanced the NPA Cloud to support dynamic routing of traffic to Private Apps when Publishers reconnect. This enhancement reduces client and app reconnections by dynamically routing traffic to available publishers.
NPA API Gateway
With this release, you can automate NPA configurations using API with the following supported HTTP methods:
GET
POST
PUT
PATCH
DELETE
To learn more, go to Settings > Tools > REST API v2 in your Netskope tenant, and then click the API Documentation link.
MITRE ATT&CK Framework For Mapping Threat Behaviors In Sandbox Analysis
Observed behaviors in the cloud sandbox are mapped to the MITRE ATT&CK® framework for security teams to understand the scale and impact of an incident quickly and drive actionable mitigation measures. The MITRE ATT&CK framework < https://attack.mitre.org > is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.
To learn more: Viewing Cloud Sandbox Analysis
Retrohunt API
Retrohunt API provides an API that allows you to query detections by hash (md5,sha256) if the file has been seen (whether malicious or benign) in traffic within the Netskope tenant. Additionally, a report can be retrieved for the detections and verdicts by the different engines.
To learn more, go to Settings > Tools > REST API v2 in your Netskope tenant, and then click the API Documentation link.
Steering API Security enhancement
Netskope enhanced the REST API calls from Netskope Agent to use AuthHeader for better security. Currently, this facility is behind a feature flag that is disabled by default.
In addition to documenting all new and improved features, here is the list of articles with key documentation updates:
New Release Notes Format: Segregated all release notes into five different categories: Cloud Release Notes, Netskope Private Access Release Notes, CTEP Release Notes, Netskope Cloud Exchange Release Notes, and Netskope Appliance Release Notes.
Netskope Cloud Exchange Release Notes: Moved Netskope Cloud Exchange Release Notes from Integrations > Netskope Cloud Exchange to Release Notes > Netskope Cloud Exchange Release Notes.
Certificate Pinned Applications: New document about certificate pinned applications and exceptions.
Managing Error Settings: Improved the content and structure for the steering error settings.
Cloud Security Posture Management: The structure and content for CSPM have been further improved.