Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Netskope

A Real-World Look at AWS Best Practices: Password Policies

Best practices for securing an AWS environment have been well-documented and generally accepted, such as AWS’s guidance. However, organizations may still find it challenging on how to begin applying this guidance to their specific environments. In this blog series, we’ll analyze anonymized data from Netskope customers that include security settings of 650,000 entities from 1,143 AWS accounts across several hundred organizations.

The Right Steps to SASE: Place Core Inspection Points Between Users and Apps

This is the third in a series of seven posts detailing a set of incremental steps for implementing a well-functioning SASE architecture. With a Next Generation Secure Web Gateway (NG-SWG) firmly in place and your visibility into all your traffic dramatically increased, one thing is certain: You may not like what you see next. Are your people using Microsoft Office 365? Salesforce? Workday? Box? The answer is almost certainly, yes.

3 Key Observations on Network and Security Transformation

Recently I attended another great Evanta CIO event, and in the course of a day packed with excellent talks and knowledge-sharing opportunities, I had the opportunity to sit down and discuss the topic of network and security transformation with Stuart Hughes, the CIDO at Rolls Royce. Stuart shared his experiences over the past 18 months, discussing how the pandemic—among other things—had changed his strategic approach to security.

Improving Web Security User Experience with HTTP/2

More than half of websites today support HTTP/2 for an improved user experience as web developers continue to move off HTTP 1.1. That’s for several good reasons. HTTP 1.1 can support six concurrent TLS tunnels with one session each to download web objects in popular web browsers, but HTTP/2 uses multiplexing to support thousands of sessions in one TLS tunnel and download web objects much faster.

Expanding the Netskope-Microsoft Relationship: Microsoft Intelligent Security Association

Netskope is proud to be a member of the Microsoft Intelligent Security Association! We provide adeep and effective ability to leverage the Microsoft Azure Information Protection (AIP) and Microsoft Information Protection (MIP) feature sets available to E3 and E5 customers who are connecting not only to Microsoft cloud services, but to a wide range of non-Microsoft cloud storage solutions and Internet services.

The Right Steps to SASE: Gain Awareness and Visibility

The following is an excerpt from Netskope’s recent book Designing a SASE Architecture for Dummies. This is the second in a series of seven posts detailing a set of incremental steps for implementing a well-functioning SASE architecture. The first step in solving any problem is admitting there is one.

Ask SME Anything: Which legacy technologies are being made obsolete by SASE?

Netskope, the SASE leader, safely and quickly connects users directly to the internet, any application, and their infrastructure from any device, on or off the network. With CASB, SWG, and ZTNA built natively in a single platform, Netskope is fast everywhere, data centric, and cloud smart, all while enabling good digital citizenship and providing a lower total-cost-of-ownership.

Cloud and Threat Report: Gone Phishing

The total number of phishing attacks doubled in 2020, with phishing for cloud credentials, specifically SaaS and webmail app credentials, accounting for nearly a third of the targets of phishing campaigns. Over the same period, we saw cybercriminals hosting 13% of their baits in cloud apps. This blog post summarizes the top phishing trends from 2020 and looks forward at what to expect for the rest of 2021.

Cloud Threats Memo: Keeping Distributed Workforces Secure

Thanks to the growing availability of vaccines and immunization campaigns in multiple countries, the world is starting to see a light at the end of the COVID-19 tunnel. We are eager to return to a new normal, being aware that some changes will be permanent, or if not permanent will strongly characterize the next years.

Cloud Threats Memo: How Contact Tracing and Personal Cloud Apps Led to a Huge PII Exposure

COVID-19 contact tracing and personal cloud apps, what could possibly go wrong? A recent federal lawsuit, filed against the state of Pennsylvania and a vendor contracted by the state’s Department of Health, provides an interesting answer. The vendor in question was contracted “to provide contact tracing and other similar services” following the outbreak of COVID-19 in March 2020.