Netskope Cloud TAP Integrations with NDR and Beyond

The Netskope One platform is advancing with improved integration capabilities that enhance its compatibility with existing security and networking systems. The introduction of Netskope Cloud Test Access Points (TAP) facilitates traffic packet captures (PCAPs) for outbound traffic from remote users or offices, supported by the NewEdge network spanning over 75 data centers in 220 countries.

Product Update

The visibility gained through network and Cloud TAP is essential for security, networking, infrastructure, and operations teams. Key benefits include traffic visibility for troubleshooting, performance monitoring, detection of advanced threats and Command and Control (C2) callbacks, asset discovery, and compliance use cases.

Technology Strategy

Through Cloud TAP, Netskope promotes secure integrations with third-party solutions for Network Detection and Response (NDR) and Network Performance Monitoring (NPMO) (Network Performance Monitor (NPM)). This is accomplished by providing either encrypted traffic and session keys to partners or decrypting traffic within a secure environment, thereby enhancing visibility and security.

Customer Use Cases

Netskope and Arista

The partnership with Arista utilizes their Data Analyzer (DANZ) for network TAP aggregation, enabling effective traffic capturing and analysis. This collaboration supports continuous visibility and enables security and operations teams to efficiently aggregate network and cloud traffic for security tools.

Netskope and Corelight

The integration with Corelight enhances security visibility by combining Corelight's network insights with traffic packet data from Netskope Cloud TAP, improving threat detection and incident response capabilities.

Netskope and Darktrace

Darktrace's support for ingesting encrypted network traffic and packet captures from Cloud TAP utilizes Artificial Intelligence (AI) to detect threats more effectively by modeling behavior with new data inputs.

Netskope and ExtraHop

This collaboration allows Cloud TAP to feed encrypted traffic and session keys to ExtraHop RevealX, enhancing threat detection and user experience through detailed analysis and forensic investigations.

Netskope and NetWitness

The integration provides deep visibility into Software-as-a-Service (SaaS) and Infrastructure-as-a-Service (IaaS) environments, leveraging encrypted packet captures to improve threat detection capabilities across various platforms.

Netskope and Vectra AI

Vectra AI gains additional insights by integrating packet broker metadata with its platform, allowing for comprehensive threat detection across hybrid environments.

File Management and Threat Sharing Integrations with Cloud TAP

Netskope and Cohesity

The partnership enables the secure storage of encrypted traffic captures through Cohesity, enhancing performance monitoring and analysis efforts.

Netskope and Commvault

Joint integration with Commvault strengthens cyber resilience by providing secure storage solutions while utilizing exchanged threat intelligence to enhance overall security posture.

Conclusion

The launch of Netskope Cloud TAP, supported by the NewEdge network, represents a notable enhancement in enterprise packet capture capabilities. The growing array of integrations with networking and NDR partners emphasizes the demand for increased visibility in cloud environments, addressing the challenges posed by cloud security platforms.