Netskope Threat Protection

Additional Info

CompanyNetskope
Websitehttps://www.netskope.com/
Company size (employees)100 to 499
Type of solutionCloud/SaaS

Overview

With the fast-evolving landscape of malware, ransomware and other threats to the enterprise, it’s crucial for enterprises to have visibility into shadow IT and be able to react to and mitigate problems immediately, ensuring the security of their entire cloud service environment. Netskope Threat Protection includes industry-first complete threat protection for all enterprise cloud services. This first-of-its kind solution provides a comprehensive vantage point over cloud service usage by combining threat intelligence, static and dynamic analysis and machine-learning based anomaly detection. The product enables real-time detection, prioritized analysis, and remediation of threats that may originate from, or can be further propagated by, cloud services and reduces the time required for cloud threat detection and forensic analysis from hours to minutes.

Netskope Threat Protection is designed to prioritize potential threats during scanning without sacrificing the comprehensiveness of the scans performed. This is done at high-speed and in real-time before surfacing forensic analysis. To expedite and automate remediation efforts, Netskope Threat Protection comes with a granular policy enforcement engine and can either trigger workflows or integrate with a customer’s existing remediation toolset.

In 2016, Netskope introduced industry-first ransomware detection and remediation capabilities to Netskope Threat Protection, providing the ability to scan sanctioned services for ransomware and immediately flag and remediate potential attacks before enterprises need to pay a ransom. These capabilities examine files stored in or synchronized with, sanctioned cloud services like Office 365, Box or Dropbox. Using machine learning to detect unauthorized file encryption across more than 70 dimensions, Netskope Threat Protection can quickly detect new ransomware outbreaks that spread into sanctioned cloud services. Through integrations with endpoint detection and response solutions, Netskope Threat Protection can isolate and contain ransomware, and initiate an integrated workflow that leverages versioning capabilities in cloud storage services to restore encrypted files to earlier, unaffected versions.

How we are different

The proliferation of unsanctioned cloud services which, according to Netskope research, outnumber sanctioned services by 10x, has forced IT to blindly set proactive security policies to hedge the risk of threats. Netskope Threat Protection provides a deep view into the entirety of a business’ cloud service usage data, arming IT with the necessary intelligence to set policies that are able to quickly detect and remediate threats.


Netskope Threat Protection addresses organizations’ lack of visibility in the cloud with a 360-degree view into sanctioned and unsanctioned cloud service usage, even if the user is accessing the service remotely or from a mobile device. This vantage point goes beyond other cloud security solutions that fail to see all service usage and data movement, or fail to provide granular control over file sharing activity.


According to Netskope research, 43.7 percent of detected types of malware are common delivery methods for ransomware. What’s more, ransomware made up 4.2 percent of detected threats in April, and over 7 percent in January. Netskope Threat Protection ransomware capabilities scan sanctioned cloud services for unauthorized encryption due to ransomware infection and quickly remediate the effects of a ransomware attack without enterprises paying a ransom.