Netskope launches Cloud Exchange for cloud security
Netskope, SASE company has launched Cloud Exchange, a suite of integration modules from Netskope and strategic partners that make customers’ existing security infrastructure much more efficient at stopping cloud security threats.
Cloud Exchange successfully enables cloud-based data and intelligence sharing across security and IT operations teams, helping those teams act faster and more effectively.
Cloud security risks continue to grow, a trend further accelerated by the pandemic-driven shift to remote work. According to Netskope Threat Labs research, cloud-delivered malware has reached an all-time high as of the second half of 2021, accounting for nearly 70% of malware delivery overall. Solving myriad web and cloud security challenges requires teams to proactively share actionable threat intelligence and use tools that draw on the best of multi-vendor integrations to shorten time-to-value, reduce friction in the delivery of security services, and increase the overall effectiveness of infrastructure.
Andy Horwitz, Vice President, Business Development, Netskope says: "Teams endure security operations complexity and often struggle to operationalise the valuable telemetry and threat intelligence that would make their security infrastructure more efficient.
“With Cloud Exchange, we’re removing complexity and helping all customers get more out of the investments they’ve made in their security stack. We’re very pleased to collaborate with important partners in security and workflow management to make this easy today.”
New or enhanced Cloud Exchange integration modules announced include exporting logs, automating service tickets, sharing indicators of compromise (IOCs), and exchanging risk scores, delivered by Netskope with integrations for well-known technology partners and domain specialists. Cloud Exchange modules include the following:
● Cloud Threat Exchange (CTE) enables automated bi-directional IOC sharing of file hashes and malicious URLs, such as between Netskope and CrowdStrike for the latest in ransomware and threat intelligence. CTE has plug-ins for multiple security vendors, industry standards STIX and TAXII, plus customers can create their own CTE plug-ins.
● Cloud Ticket Orchestrator (CTO), new this year, automatically creates service tickets from Netskope alerts within IT service management and collaboration tools such as those from Atlassian, PagerDuty, ServiceNow, and Slack, helping to automate response workflows.
● Cloud Risk Exchange (CRE) enables the exchange and normalization of risk ratings between security solutions, such as Zero Trust Assessment (ZTA) for devices from CrowdStrike and user confidence index (UCI) risk ratings from Netskope. CRE enables adaptive policy controls to support zero trust principles, and can automatically invoke CTO service tickets to trigger investigations.
● Cloud Log Shipper (CLS) exports Netskope logs to preferred SIEMs and data lakes, smoothly enabling security operations or XDR/MDR services with rich details of web and cloud activity including data flows.
Matthew Polly, Vice President of Worldwide Alliances, Channels and Business Development, CrowdStrike says: "Today’s complex threat landscape requires a modern security strategy that includes shared telemetry between solutions, providing actionable intelligence to joint customers. This allows security teams to more effectively defend their organizations from sophisticated cyber actors.
“We are excited to participate in Netskope’s Cloud Exchange by sharing our IOCs and contextual device assessment, enabling customers to more easily implement a Zero Trust framework and protecting their applications, data and users from cyber-attacks.”