Netskope, the SASE leader, has introduced Cloud Exchange, a suite of integration modules from Netskope and strategic partners that make customers’ existing security infrastructure much more efficient at stopping cloud security threats. Cloud Exchange, which is free to Netskope customers, successfully enables cloud-based data and intelligence sharing across security and IT operations teams, helping those teams act faster and more effectively.
Cloud security risks continue to grow, a trend further accelerated by the pandemic-driven shift to remote work. According to Netskope Threat Labs research, cloud-delivered malware has reached an all-time high as of the second half of 2021, accounting for nearly 70% of malware delivery overall. Solving myriad web and cloud security challenges requires teams to proactively share actionable threat intelligence and use tools that draw on the best of multi-vendor integrations to shorten time-to-value, reduce friction in the delivery of security services, and increase the overall effectiveness of infrastructure.
“Teams endure security operations complexity and often struggle to operationalize the valuable telemetry and threat intelligence that would make their security infrastructure more efficient,” said Andy Horwitz, Vice President, Business Development, Netskope. “With Cloud Exchange, we’re removing complexity and helping all customers get more out of the investments they’ve made in their security stack. We’re very pleased to collaborate with important partners in security and workflow management to make this easy today.”
New or enhanced Cloud Exchange integration modules announced today include exporting logs, automating service tickets, sharing indicators of compromise (IOCs), and exchanging risk scores, delivered by Netskope with integrations for well-known technology partners and domain specialists. Cloud Exchange modules include the following:
● Cloud Threat Exchange (CTE) enables automated bi-directional IOC sharing of file hashes and malicious URLs, such as between Netskope and CrowdStrike for the latest in ransomware and threat intelligence. CTE has plug-ins for multiple security vendors, industry standards STIX and TAXII, plus customers can create their own CTE plug-ins.
● Cloud Ticket Orchestrator (CTO), new this year, automatically creates service tickets from Netskope alerts within IT service management and collaboration tools such as those from Atlassian, PagerDuty, ServiceNow, and Slack, helping to automate response workflows.
● Cloud Risk Exchange (CRE) enables the exchange and normalization of risk ratings between security solutions, such as Zero Trust Assessment (ZTA) for devices from CrowdStrike and user confidence index (UCI) risk ratings from Netskope. CRE enables adaptive policy controls to support zero trust principles, and can automatically invoke CTO service tickets to trigger investigations.
● Cloud Log Shipper (CLS) exports Netskope logs to preferred SIEMs and data lakes, smoothly enabling security operations or XDR/MDR services with rich details of web and cloud activity including data flows.
Cloud Exchange integration modules support high availability deployments and are available free to Netskope customers via Netskope, Github, and AWS Marketplace.