SkopeAI: AI-powered Data Protection and Intelligent ZTNA that Mimics the Human Brain

In the modern, cloud-first era, traditional data protection technology approaches struggle to keep up. Data is rapidly growing in volume, variety, and velocity. It is becoming more and more unstructured, and therefore, harder to detect, and consequently, to protect. Most DLP solutions today rely only on textual data analysis in order to detect what data is sensitive, utilizing regular character patterns and content matching techniques applied to “conventional” data types (such as Word documents and spreadsheets). These techniques were once revolutionary; today, they are behind.

Similarly, traditional zero trust network access (ZTNA) solutions often depend on broad wildcard domains and IP subnets, making secure access management cumbersome and inefficient.

Don’t get me wrong: it is fundamental for DLP to be equipped with as many text analysis tools as possible—after all, if identifiable, it’s the content itself that is sensitive. DLP must be able to recognize thousands of known sensitive data types and unambivalent regular expressions, plus understand different data specific to countries and languages. For reliability, DLP must also be equipped with highly scalable data fingerprinting engines that can memorize and match specific information found in sensitive databases and documents. Textual content must be clear and legible in order to be leveraged by such engines. To minimize false positives, today it is also fundamental to leverage rich context, deep learning, natural language processing (NLP), and other newer ML and AI based automated techniques.

ZTNA must also adapt to reduce operational overhead and strengthen security by simplifying policy management and configuration audits. Modern business relies on unstructured data like images and screenshots to quickly share information. However, traditional optical character recognition (OCR) struggles with low-quality images and consumes excessive resources, leading to delays and unreliable results. As visual data sharing grows, smarter solutions are needed to accurately identify and protect sensitive information.

To address these challenges, Netskope has pioneered SkopeAI, a suite of AI and ML innovations that revolutionizes both data protection and secure access.

Evolving modern DLP

For modern businesses, DLP has to evolve. Think of the necessity for modern DLP as akin to functioning like a human brain. Our brain doesn’t necessarily have to read the text in a document like a picture ID to tell that the document is indeed a picture ID containing personally identifiable information (PII). Now, modern DLP can do the same.

To solve modern DLP challenges, Netskope has pioneered ML-enabled image classification. This technique leverages deep learning and convolutional neural networks (CNN) to swiftly and accurately identify sensitive images without the need for text extraction. It mimics the human visual cortex, recognizing visual characteristics such as shapes and details to comprehend the image as a whole (much like how we can recognize that a passport is a passport without necessarily reading the details in it). ML enables feature recognition even in poor quality images, akin to the capabilities of the human eye. This is crucial, as images can be blurry, damaged, or discolored, yet still contain sensitive information.

The importance of personalized data classifiers

Netskope’s industry-leading ML classifiers empower automated identification of sensitive data, revolutionizing the categorization of images and documents with exceptional precision. This breakthrough technology detects and safeguards various sensitive data types, including source code, tax forms, patents, identification documents like passports and driver’s licenses, credit and debit cards, as well as full-screen screenshots and application screenshots. The ML classifiers work in conjunction with text-based DLP analysis (like data identifiers, exact matching, document fingerprinting, ML-based NLP and deep learning etc.), complimenting the DLP analysis of a file when text is indecipherable or harder to extract. They greatly enhance the detection accuracy and help enable DLP controls in real-time.

But what if I told you that a set of predefined ML classification templates may still not be enough?

Nowadays, organizations also possess proprietary document types and templates, personalized forms, and industry-specific files that fall outside the realm of standard ML classifiers. Netskope’s Train Your Own Classifiers (TYOC) technology revolutionizes data protection by combining the strength of AI, the adaptability of ML, and the convenience of automation. TYOC automatically identifies and categorizes new data based on a “train and forget” approach. Consider this analogy: your brain can recognize a known document like a passport or a W-2 form, but it won’t identify a new document type you’ve never encountered before. Yet, once your eyes see it and your brain learns its features, you can easily recognize it in the future. This is precisely how TYOC operates.

With TYOC, Netskope has democratized AI and ML data protection, granting customers the power of AI, automation, and adaptive learning as part of the Netskope Intelligent SSE capabilities available today. Organizations can embrace these cutting-edge advancements to safeguard their sensitive data and stay ahead of ever-evolving data protection requirements. This innovation empowers organizations to confidently address today’s most formidable data protection challenges while relieving policy administrators of most manual burdens, allowing them to focus human resources on more critical tasks.

Policy recommendations and configuration audits

Beyond data protection, SkopeAI extends its capabilities to simplify zero trust network access (ZTNA) deployments with intelligent policy recommendations and configuration audits. SkopeAI for ZTNA helps organizations streamline their migration from broad wildcard domains (e.g., *.corp.com) and IP subnets (e.g.:10/8) to more precise Fully Qualified Domain Names (FQDNs) and IP addresses—effortlessly overcoming operational complexity.

For example, a global enterprise with 70,000 users, used SkopeAI for ZTNA to analyze 90 days of access patterns. The system recommended optimized Private Application Segments for Active Directory controllers, file shares, RDP, and SSH servers, along with corresponding user groups for policy assignment. Administrators implemented these recommendations instantly, saving months of manual effort and achieving a tighter security posture.

SkopeAI for ZTNA doesn’t stop there. It performs monthly audits to continuously optimize configurations and policies, including:

• Configuration optimization: Removing unused wildcards, narrowing IP ranges, and replacing them with specific FQDNs or ports.
• Policy optimization: Identifying and eliminating unused Private Application definitions and redundant user groups.

Organizations like TD Bank have also benefited from SkopeAI’s proactive recommendations, creating a positive feedback loop that strengthens their security posture without extensive manual effort.

Conclusion

Netskope SkopeAI, the new suite of AI and machine learning (AI/ML) innovations, is now available across the complete Netskope SASE portfolio. By evolving traditional data loss prevention (DLP) with ML-driven image classification and simplifying ZTNA policy recommendations, SkopeAI delivers cutting-edge data protection and cyber threat defense. These AI-speed innovations overcome the limitations of legacy technologies, enabling organizations to strengthen security, reduce complexity, and keep pace with modern business demands.

If you’d like to learn more, please visit our dedicated SkopeAI page or watch this video featuring a conversation about AI with Netskope CTO Krishna Narayanaswamy: