Netskope Cloud Exchange Case Study

Crest Data collaborated with Netskope to design and develop a horizontally scalable solution that was easy to deploy on customer premises



 

Executive Summary

Netskope needed an on-premise, scalable, and extensible solution for its customers that could automate the sharing of threat intelligence between Netskope and third-party platforms, create tickets based on generated Netskope alerts, and forward device event logs to customers' SIEMs.

Headquartered in Santa Clara, CA, Netskope takes a data-centric approach to cloud security, protecting data and users everywhere. The Netskope Security Cloud provides unrivaled visibility and real-time data and threat protection when accessing cloud services, websites, and private apps from anywhere, on any device. Netskope understands the cloud and delivers data-centric security from one of the world’s largest and fastest security networks.

 

Business Challenge

  • The solution had to be extensible to ease the support of new threat sources, SIEMs, and ticketing platforms.

  • Given the large volume of events that needed to be ingested, building a solution that could scale and keep up with that volume was one of the primary challenges.

 

Customer Solution

Crest Data collaborated with Netskope to design and develop various use cases and came up with a horizontally scalable solution that was easy to deploy on customer premises. It included these major features:

  • A plugin-based architecture allowing customers to develop and upload their own plugins to integrate with new platforms.

  • Ability to share malware and malsite information among Netskope and other threat providers.

  • Ability to create tickets or receive email/messages based on specific Netskope security alerts.

  • Ability to ingest Netskope security events into various customer SIEMs.

  • Ability to monitor user risk scores and orchestrate actions on users based on the changes in their risk level.

The Crest Difference

The solution developed by Crest Data helped:

  • Netskope customers easily integrate with multiple third-party threat intel providers.

  • Security analysts receive alerts and tickets in real time in their ticket management platforms.

  • Customers ingest critical logs into their SIEM.
