Next Generation SaaS Security Posture Management
Note
Next Generation SaaS Security Posture Management is now generally available (General Availability).
As enterprises move workloads and sensitive data into the cloud at a rapid pace, SaaS Security Posture Management (SSPM) is a mechanism to look at a cloud infrastructure and service and identify issues, risks, vulnerabilities, and exposures. SSPM allows a user (individual or an enterprise) of a cloud environment to monitor, assess, and act on security, permission, and access related issues in that environment. Netskope gives organizations the visibility, compliance, and protection for critical workloads needed to combat these challenges. With Netskope, get an understanding of your risk exposure, detect misconfigurations, inventory assets, enforce compliance standards, and protect against insider threats and malware.
Once granted the requisite access to a cloud environment, the Next Generation SSPM solution does the following:
Scan the cloud environment and list resources specific to that environment.
Look at relationships between those resources to identify security related issues in the cloud environment.
Generate alerts for the identified issues, based on customer configuration.
Next Generation Security Posture Management is the new generation platform for Security Posture Management designed to provide the following benefits:
Unified inventory that provides visibility into all your SaaS apps.
Note
Netskope has extended its Next Generation SaaS Security Posture Management capabilities to GitHub, Microsoft 365 (including Azure AD, Exchange, and SharePoint), ServiceNow, Salesforce, Workday, and Zoom. New SaaS applications will be rolled out in due course.
Enhanced policies management page that makes setting up rules, compliance standards, and policies easier.
A new Netskope Governance Language which makes it easy to build, check, and deploy sophisticated custom rules.
Improvements in the compliance page with respect to performance, enhanced filtering capabilities, and richer context around compliance findings.
Ability to build rules spanning heterogeneous SaaS apps using a graph-based schema, which also helps correlate relationships between apps.
Extendable set of REST APIs now available for Next Generation SSPM that can help to automate and orchestrate SSPM capabilities. For additional information, refer to the Swagger documentation available within the Netskope tenant. Navigate to Settings > Tools > REST API v2 > API DOCUMENTATION. Search for the following string: /api/v2/spm.
Visibility into connected apps now available using Netskope Governance Language.
Netskope has extended its Next Generation SSPM capabilities to GitHub, Microsoft 365 (including Azure AD, Exchange, and SharePoint), Salesforce, ServiceNow, Workday, and Zoom. New cloud services and applications will be rolled out in due course.
Next Generation SSPM Support Matrix
Next Generation SSPM supports the following critical capabilities:
Audit event: Netskope retrieves audit events for any change made in the SaaS app (upload, download, delete, and more). You can view the audit logs/events on the Skope IT > EVENTS > Application Events page of the Netskope UI. For more information, see Skope IT.
UEBA: Standard User and Entity Behavior Analytics. Enable rule-based and ML-based policies to review user and entity behavior on the Policies > Behavior Analytics page of the Netskope UI. For more information, see Behavior Analytics Policies.
Compliance: Security configuration rules and policies that map to industry compliance standards. For more information, see Next Generation SaaS Security Posture Management Policy Wizard and Next Generation SaaS Security Posture Management Dashboard.
Graph-powered rule: Make graph queries with Netskope Governance Language (NGL) and create graph-powered detections to correlate security risk across SaaS apps. For more information, see Custom Rules Using Netskope Governance Language.
SaaS App | Audit event | UEBA | Compliance | Graph-powered rule | Documentation link |
---|---|---|---|---|---|
Box | Yes | Yes | - | - | |
Citrix ShareFile | Yes | Yes | - | - | |
Dropbox | Yes | Yes | - | - | |
Egnyte | Yes | Yes | - | - | |
GitHub | Yes | Yes | Yes | - | |
Google Drive | Yes | - | - | - | |
Microsoft Azure AD | - | - | Yes | Yes | Next Generation SaaS Security Posture Management for Microsoft 365 |
Microsoft 365 Suite | - | - | Yes | Yes | Next Generation SaaS Security Posture Management for Microsoft 365 |
Microsoft Office 365 OneDrive | Yes | Yes | - | - | |
Microsoft Office 365 OneDrive GCC High | Yes | Yes | - | - | Next Generation API Data Protection for Microsoft 365 OneDrive |
Microsoft Office 365 SharePoint | Yes | Yes | Yes | Yes | |
Microsoft Office 365 SharePoint GCC High | Yes | Yes | - | - | Next Generation API Data Protection for Microsoft 365 SharePoint |
Microsoft Office 365 Teams | Yes | Yes | - | - | |
Microsoft Office 365 Teams GCC High | Yes | Yes | - | - | Next Generation API Data Protection for Microsoft 365 Teams GCC High |
Microsoft Office 365 Yammer | Yes | - | - | - | Next Generation API Data Protection for Microsoft 365 Yammer |
Okta | Yes | - | - | - | |
Salesforce | Yes | Yes | Yes | Yes | |
ServiceNow | - | - | Yes | - | Next Generation SaaS Security Posture Management for ServiceNow |
Slack for Enterprise | Yes | Yes | - | - | |
Workday | Yes | - | Yes | - | |
Workplace by Facebook | Yes | Yes | - | - | |
Zendesk | Yes | - | - | - | |
Zoom | Yes | - | Yes | - | |