Netskope Help

Netskope API Data Protection can now scan Slack Enterprise direct and channel messages for DLP when sent via the Slack email app. Netskope scans the body of the email only.

Netskope API Data Protection has now validated support up till ServiceNow San Diego release.

Standard UBA shared credentials policy allows username exceptions to prevent alerts from legitimate credential reuse by multiple users.

You can now view, edit and download publicly shared Google Drive documents without sign in. Instance_id helps to identify these activities as public-link if the user fails to sign in.

The Slack application now supports Google Drive file sharing. When a file is shared Slack prompts to edit share permission and a Share event is generated for every file share.

Instance_id is captured as Unauthenticated on logging into the Google Meet application without sign in. Earlier it was captured as public.

Netskope supports Preview activity in the SuccessFactors application as part of Print Preview for Manage Permission Groups and, Manage Permission Roles module. Admin access activities can be previewed based on admin roles and groups. Now you can can configure policies in real-time based on Preview activity.

Support is introduced for Admin access for the following modules:

GMX Create supports create file and folder activity to create a file or folder in GMX Cloud while Delete supports deleting files from GMX Cloud.

Netskope discontinues support for Access Denied activity in the Amazon S3 application due to insufficient hits and use cases.

This feature is available while logging-in through Console and Command Line Interface (CLI) based on Login Domain or Service-Account.

In this release, Netskope includes Join activity coverage for Google Meet iOS.

This release supports the following functionalities in Microsoft OneNote Feed:

DLP Inspection Support

The DLP engine inspects the data while editing the notes and taking necessary actions.

Limitation

The engine does not display the file name while uploading a file. However, it displays an alert with the important details.

In this release, Netskope enhances browser traffic coverage for the following AWS applications:

In addition to this, Amazon Elastic Kubernetes Service (Amazon EKS) activities are mapped as follows:

UC and Web UC app connectors discontinue sending image file type to TSS Engine.

Auth proxy supports custom block template configured using Netskope UI > Policies > User Notification.  To enable the feature, please contact Netskope Support with the template name as input.

Netskope supports Create Draft activity with DLP.  This feature helps to identify Data exfiltration for draft messages in Gmail.

Netskope enhances all widgets under Compromised Credential template with new widgets to create reports.

With this release, Netskope updates application category for:

Netskope updates the following application names.

In this release, Netskope enhanced U.S. full name detection.

Netskope updates image classification Machine Learning (ML) model to enhance accuracy in the detecting images of various classes.

Netskope introduces German Driver License Number Entity that uses checksum validation to reduce false positives.

This release supports additional email DLP specific variables that can be referenced in email notification templates. These Simple Mail Transfer Protocol (SMTP) variables include:

These new variables enhance email DLP troubleshooting for administrators.

Limitation

If the SMTP specific variables are chosen for inline proxy traffic notifications, their value will be empty. This applies to all the variable names beginning with SMTP.

To learn more: Policy Notification Templates.

You now can use wildcards when entering domains for your email DLP configurations on the Netskope cloud instead of listing individual domains. This enhancement reduces the email DLP configuration time for admins by accepting and validating top-level domains.

To learn more: Configure Netskope SMTP Proxy with Microsoft O365 Exchange and Configure Netskope SMTP Proxy with Gmail.

Netskope has added support to monitor users, groups, and group memberships in Microsoft 365 Yammer. To leverage this enhancement, new permissions are requested by the Netskope CASB API app.

Netskope supports newly observed domains (NOD), which capture domains observed as active in the last 30 days. Threat actors might register a domain and leave it dormant for a period of time to avoid newly registered domain (NRD) classification. Later, they can use the domain for malicious activities, such as malware hosting and phishing. Netskope doesn't automatically categorize NRD's and NOD's as security risks. You must configure your policies to generate these alerts.

To learn more: Category Definitions.

With this release, you can exclude users, user groups, and organizational units when configuring the Source field in Real-time Protection policies.

To learn more: Real-time Protection Policies.

Netskope enables HTTP(S) traffic from non-standard ports (that is, any port other than 80 and 443) by default. Non-standard ports should be configured on WebUI for access methods (such as NSClient, IPsec, GRE, and so on) to forward non-standard port traffic to NSProxy.

In this release, Netskope enhances the HTTP Header Profile feature with new capabilities, such as new header support, regex, and so on.

To learn more: HTTP Header Profile.

Netskope Cloud Real-time Protection policies now provide access control to WebDAV traffic, by providing the ability to configure WebDAV extension methods under HTTP header profiles.

To learn more: HTTP Header Profile.

Netskope supports applying SSL Do Not Decrypt policies and Real-time Protection policies based on destination IP addresses. Destination IP addresses can be configured in custom URL lists.

To learn more: URL Lists.

As part of the SSPM portfolio, Netskope now supports security posture for Workday.

Skope IT Alert Details now supports nested view for alerts generated from Advanced UEBA and IaaS storage scans.

Netskope includes profile name detection for Custom Profile Hit on the Malware page.

To learn more: About Malware.

Netskope updated the CTEP user notification to display Security Threat Blocked instead of Non-Compliant Action.

To learn more: About IPS Settings.

You now can configure custom notifications for users when they trigger a CTEP alert.

To learn more: About IPS Settings.

This was earlier a beta feature . The Netskope Android App now supports SWG service. Web traffic can now be directed towards Netskope Security Cloud with this new version of Android App. Also, enhanced the domain and app bypass options.