Netskope One AgentSkope adds ZTNA and DEM agent capabilities

Netskope used its Netskope One AgentSkope framework to introduce network operations-focused agents aimed at policy maintenance for ZTNA and faster digital experience diagnosis. The updates matter to enterprise IT and security teams managing access governance and service assurance.

Research Overview

The blog frames access governance work as a recurring operational problem, citing Microsoft’s claim that 90% of identities are over-privileged while fewer than 5% of granted permissions are used. It links over-privileged accounts to attacker behavior such as lateral movement toward sensitive data.

For digital experience operations, the blog describes troubleshooting as a process that spans multiple telemetry sources and often requires manual review. It ties the resulting delays to higher MTTD and MTTR and growing ticket backlogs.

Key Findings

The first agent described targets ZTNA operations by reviewing traffic to find where access rules can be narrowed and exceptions can be tightened. The goal stated in the blog is to keep ZTNA policies accurate and aligned with least-privilege as environments change.

The second set of agents focuses on digital experience monitoring within Netskope One Digital Experience Management (DEM), positioning AI agents to automate triage and investigation for faster root cause analysis. The blog states these agents aim to shorten the time from performance degradation to operational insight and remediation actions.

Technical Breakdown

For policy management, the blog introduces the Netskope Private Access AIOps Agent, describing it as a way to address operational gaps after ZTNA is deployed. It states the agent reviews traffic to identify access that is wider than needed and to surface privileges that can be tightened or removed.

For digital experience monitoring and troubleshooting, the blog describes the Netskope DEM Data Intelligence Agent as analyzing telemetry to identify drivers of performance degradation and guide teams to the data explaining why an issue occurs. It also says analysts can interact using plain English to access diagnostic information without complex query languages.

The blog further introduces the Netskope DEM Insights Agent, which it describes as distilling large volumes of telemetry into a narrative-driven incident discovery view. It states the agent identifies reasons behind degradation, highlights performance issues across ISPs, regions, device health, or application latency, and provides an executive-level view intended to reduce mean-time-to-understanding.

Operational Impact

The policy agent is presented as reducing the manual effort involved in identifying where permissions can be de-permissioned or corrected as application usage changes. The blog also describes the problem as scaling poorly across cloud expansion and mergers and acquisitions.

For DEM, the blog says the agents support accelerated root cause analysis, faster and more accurate ticket triage, and reduced manual discovery requirements. It also references a cited estimate of downtime cost to underscore why quicker diagnosis matters to support teams and user productivity.

In addition, the blog notes that Netskope produced demo videos for the new add-on agents and points readers to an Agent Library for those clips. It also states that details about three other agents for security and SecOps teams appear in part one of the series.