Skip to main content

Netskope Help

Next Generation SaaS Security Posture Management

Note

Next Generation SaaS Security Posture Management is now declared General Availability.

As enterprises move workloads and sensitive data into the cloud at a rapid pace, SaaS Security Posture Management (SSPM) is a mechanism to look at a cloud infrastructure and service and identify issues, risks, vulnerabilities, and exposures. SSPM allows a user (individual or an enterprise) of a cloud environment to monitor, assess, and act on security, permission, and access related issues in that environment. Netskope gives organizations the visibility, compliance, and protection for critical workloads needed to combat these challenges. With Netskope, get an understanding of your risk exposure, detect misconfigurations, inventory assets, enforce compliance standards, and protect against insider threats and malware.

The Next Generation SSPM solution would, on being granted requisite access to a cloud environment, do the following:

  • Scan the cloud environment and list resources specific to that environment.

  • Look at relationships between those resources to identify security related issues in the cloud environment.

  • Generate alerts for the identified issues, based on customer configuration.

Next Generation Security Posture Management is the new generation platform for Security Posture Management designed to provide the following benefits:

  • Unified inventory that provides visibility into all your SaaS apps.

    Note

    Netskope has extended its Next Generation SaaS Security Posture Management capabilities to GitHub, Microsoft 365 (including Azure AD, Exchange, and SharePoint), ServiceNow, Salesforce, Workday, and Zoom. New SaaS applications will be rolled out in due course.

  • Enhanced policies management page that makes setting up rules, compliance standard, and policies easier.

  • A new Netskope Governance Language which makes it is easy to build, check, and deploy sophisticated custom rules.

  • Improvements in compliance page with-respect-to performance, enhanced filtering capabilities, and richer context around compliance findings.

  • Ability to build rules spanning across heterogeneous SaaS apps using graph based schema which also helps co-relate relationships between apps.

  • Extendable set of REST APIs now available for Next Generation SSPM that can help to automate and orchestrate SSPM capabilities. For additional information, refer the Swagger documentation available within the Netskope tenant. Navigate to Settings > Tools > REST API v2 > API DOCUMENTATION. Search for the following string /api/v2/spm.

  • Visibility into connected apps now available using Netskope Governance Language.

Netskope has extended its Next Generation SSPM capabilities to GitHub, Microsoft 365 (including Azure AD, Exchange, and SharePoint), Salesforce, ServiceNow, Workday, and Zoom. New cloud services and applications will be rolled out in due course.

Next Generation SSPM Support Matrix

Next Generation SSPM supports the following critical capabilities:

Table 16. Next Generation SSPM Support Matrix

SaaS App

Audit event

UEBA

Compliance

Graph-powered rule

Documentation link

Box

Yes

Yes

-

-

API Data Protection for Box

Citrix ShareFile

Yes

Yes

-

-

Next Generation API Data Protection for Citrix ShareFile

Dropbox

Yes

Yes

-

-

API Data Protection for Dropbox

Egnyte

Yes

Yes

-

-

API Data Protection for Egnyte

GitHub

Yes

Yes

Yes

-

Google Drive

Yes

-

-

-

Microsoft Azure AD

-

-

Yes

Yes

Next Generation SaaS Security Posture Management for Microsoft 365

Microsoft 365 Suite

-

-

Yes

Yes

Next Generation SaaS Security Posture Management for Microsoft 365

Microsoft Office 365 OneDrive

Yes

Yes

-

-

API Data Protection for Microsoft Office 365 OneDrive

Microsoft Office 365 OneDrive GCC High

Yes

Yes

-

-

Next Generation API Data Protection for Microsoft 365 OneDrive

Microsoft Office 365 SharePoint

Yes

Yes

Yes

Yes

Microsoft Office 365 SharePoint GCC High

Yes

Yes

-

-

Next Generation API Data Protection for Microsoft 365 SharePoint

Microsoft Office 365 Teams

Yes

Yes

-

-

API Data Protection for Microsoft Office 365 Teams

Microsoft Office 365 Teams GCC High

Yes

Yes

-

-

Next Generation API Data Protection for Microsoft 365 Teams GCC High

Microsoft Office 365 Yammer

Yes

-

-

-

Next Generation API Data Protection for Microsoft 365 Yammer

Okta

Yes

-

-

-

Next Generation API Data Protection for Okta

Salesforce

Yes

Yes

Yes

Yes

ServiceNow

-

-

Yes

-

Next Generation SaaS Security Posture Management for ServiceNow

Slack for Enterprise

Yes

Yes

-

-

API Data Protection for Slack for Enterprise

Workday

Yes

-

Yes

-

Workplace by Facebook

Yes

Yes

-

-

API Data Protection for Workplace by Facebook

Zendesk

Yes

-

-

-

Next Generation API Data Protection for Zendesk

Zoom

Yes

-

Yes

-