CLOUD CONNECTOR

Netskope

The Netskope Security Cloud provides visibility and real-time data and threat protection when accessing cloud services, websites, and private apps on multiple device formats.

Securonix integrates with the Netskope REST API, ingesting detected threat events such as malware, suspicious files, malicious sites, credential theft, data exfiltration, and others. It then correlates them with events from across the rest of the enterprise security infrastructure to identify and mitigate threats.

| Data Source | Types | Related Threats | Use Cases/Threat Packages | Details |
|---|---|---|---|---|
| Alerts | Malware | As indicated | Malware, Suspicious Files, Beaconing etc. | Malware detected |
| Alerts | Malicious Site | As indicated | Malware | Traffic detected to malicious site |
| Alerts | Compromised Credential | As indicated | Credential Theft, Fraud | Possible Compromised Credential |
| Alerts | Anomaly | As indicated | Suspicious Behavior | Unusual/Suspicious Behavior/Unknown Threat |
| Alerts | DLP | As indicated | DLP | DLP |
| Alerts | Watchlist | As indicated | As indicated | Watchlist entity detected |
| Alerts | Quarantine | As indicated | As indicated | Suspicious file/data quarantined |
| Alerts | Policy | As indicated | As indicated | Policy triggered |
| Alerts | Legal Hold | As indicated | DLP | Legal file hold exercised |
| Alerts | Remediation | As indicated | SOAR | Remediation action for infected machine |
| Events | Audit | NA | NA | NA |
| Events | Page | NA | NA | NA |
| Events | Application | NA | NA | NA |
| Events | Infrastructure | NA | NA | NA |