Network visibility and control, Advanced Evasive Threat Detection, context-aware zero trust integrations accelerate cloud networking and security operations
Netskope announced several new innovations in the Netskope One platform, including expanded digital experience management (DEM) features and benefits. Combining key network and security capabilities, Netskope One continues to improve the effectiveness of enterprise network infrastructure and operations (I&O) and security teams, enabling the entire organisation to optimise the user experience while protecting critical data and reducing risk, cost, and complexity.
Coming on the heels of Netskope being recognised as a Leader in the 2024 Gartner Magic Quadrant for Single-Vendor SASE and as a Leader in the 2024 Gartner Magic Quadrant for Security Service Edge, the newly announced Netskope One platform advancements include the following.
Transforming network monitoring and user experience management
Organisations frequently struggle to identify connectivity issues and quickly isolate the root causes of user experience degradation. This challenge is exacerbated by existing tools that are not designed to support hybrid work environments and cloud-based applications, leading to increased operational complexity and user frustration. To help alleviate these challenges, Netskope continues to expand the Proactive DEM capabilities in Netskope One, with the introduction of Proactive Digital Experience Management Enterprise (Proactive DEM Enterprise).
Proactive DEM Enterprise provides expert-level insight and analytics for security, network, and IT operations teams with a 360-degree view of network performance and experience, accounting for end-to-end visibility from user to applications, by monitoring traffic and services across the entire traffic path, including the SASE platform. Proactive DEM Enterprise delivers granular telemetry and flexible monitoring with true user experience management capabilities at both the user or site level, supporting the business objectives of midmarket to large enterprises. Building upon Netskope’s DEM offerings, the newly added DEM solution uses AI/ML-driven network performance diagnostics to help reduce operational costs by providing faster time-to-resolution when troubleshooting, ensuring organisations maintain optimal performance and user satisfaction.
Bringing traffic visibility to Secure Service Edge
As users, applications, and security infrastructure move to the cloud, traffic packet captures – once a key resource for providing visibility to security operations teams – are today a blind spot for most cloud-based SSE solutions. Now generally available for production environments, Netskope Cloud TAP is a packet capture tool with the ability to capture packets in the Netskope private cloud environment and feed them to advanced security tools like Network Detection & Response (NDR) or Network Performance Monitoring (NPM) for analysis. Netskope Cloud TAP comes ready to use with partner integrations, including from ExtraHop and others to support advanced evasive threat detection, application performance monitoring, help desk troubleshooting, and user experience, plus support for major compliance regulations including PCI DSS, HIPAA, and NIST SP 800-53.
Machine learning for automated C2 beacon detection
Highly evasive threats use Command and Control (C2) beacons that evade detection by commonly deployed security defences. The most common mitigation practice today is to hire highly skilled threat researchers to manually analyse traffic to determine malicious beacons. Netskope Advanced UEBA (User and Entity Behavior Analytics) overcomes these limitations thanks to new machine learning (ML) models for automated C2 beacon detection in Intelligent SSE traffic event logs for web and cloud access, helping automate a process that previously required intense manual efforts by security teams to detect malleable C2 beacons, including from in-memory frameworks such as Cobalt Strike, Mythic, and Sunburst.
Evolving the risk exchange ecosystem to maximise threat prevention efficacy
Every organisation has a different risk appetite, which can make it difficult for teams to analyse and normalise risk signals across the different security tools in their ecosystem. The newly expanded Netskope Cloud Risk Exchange (CRE) provides a consolidated business rule framework for continuously identifying and policing risk signals across Netskope SSE and through newly added integrations from Netskope partners including CrowdStrike, Microsoft, Okta, and Wiz. Using the CRE, customers can automate and normalise the exchange of disparate risk signals for the right users, devices, applications, and workloads to the right destinations and outcomes to greatly reduce their attack surface and enhance overall data protection.
Ongoing innovation and meeting our customers where they are in their cloud transformation and SASE architecture journeys remains core to Netskope’s overall charter,” said Krishna Narayanaswamy, co-founder and CTO, Netskope. “As a market leader, Netskope enables both network infrastructure and operations (I&O) and security teams to optimise connectivity while reducing risk, cost, and complexity. Combining SSE and SD-WAN across the Netskope NewEdge infrastructure, the Netskope One platform is the SASE offering that can deliver these capabilities using one engine, one client, one gateway, and one network.”
As part of Netskope One, Proactive DEM Enterprise, Cloud TAP, and the expanded Cloud Risk Exchange are generally available to Netskope customers today. Netskope Advanced UEBA enhancements will be available later this year.