Netskope Threat Protection

Leverage multiple prevention defense layers, threat intelligence feeds, automated IOC sharing, UEBA anomaly detection including data exfiltration, remote browser isolation, plus granular policy controls using data context.

• Leverage multiple prevention defense layers, including anti-malware, client traffic exploit prevention (CTEP), heuristics, machine-learning analysis, and pre-execution document and script analysis
• Leverage 40+ shared threat intelligence feeds to detect known threats
• Cloud Threat Exchange (CTE) provides bi-directional automated IOC sharing
• Add-on Netskope Remote Browser Isolation (RBI) to isolate risky websites, and Netskope Cloud Firewall (CFW) to secure all ports and protocols users and offices
• Detect data exfiltration anomalies between company and personal instances
• Decode cloud traffic to understand user, app, instance, risk, activity and data to detect and block:
  • Fake phishing forms used by cloud phishing attacks
  • Malicious Office documents and scripts
  • Cloud hosted malware payloads

Use multiple detection defenses, including machine learning anomaly detection and sandboxing, to uncover unknown threats, plus leverage 90 days of rich metadata for investigations and threat hunting.

• Detect unknown threats and anomalies using sandbox analysis, user and entity behavior analytics (UEBA), machine learning models, and more to identify malicious activity (like data exfiltration, bulk downloads, and shared credentials)
• Investigate and hunt for threats using 90 days of rich metadata for cloud services, apps, and web traffic
• Integrate threat intelligence and incident details to improve the effectiveness of your security infrastructure, such as endpoint detection and response (EDR) solutions, security incident and event management (SIEM) systems, and security orchestration and automation response (SOAR) solutions

Benefit from the insights of Netskope Threat Research Labs, which is dedicated to the discovery and analysis of new cloud threats, alongside 40+ shared threat intelligence sources, for up-to-the-minute protection against the threats you are facing.

• Leverage proprietary threat intelligence from Netskope Threat Research Labs, which is a dedicated team focused on the discovery and documentation of new cloud threats
• Complement knowledge with 40+ external threat intelligence sources, plus custom-defined IOC hashes and URLs from your internal threat intelligence
• Understand how cloud services and apps are being used to subvert legacy web and email defenses and how allow/deny policies fail
• Learn and develop policies to block rogue accounts instances related to cloud phishing, malicious script delivery, and malware payloads

Block or quarantine attacks before they can do any damage and take advantage of automated workflows to further analyze and reverse the effects of known threats. Plus, integrate and share threat intelligence and incident details with other security solutions in your infrastructure to coordinate responses.

• Automatically stop known or suspected threats, with options to alert, block, or quarantine
• Leverage automated policies and workflows for real-time response that stop or even reverse the effects of cloud and web threats
• Support targeted or broad policies for cloud services, at the service, service instance, or service category level
• Integrate with third-party remediation tools, such as endpoint detection and response (EDR) solutions, to coordinate incident remediation