Przejdź do głównej zawartości
  • Szybkie i łatwe składanie zamówień
  • Wyświetlanie zamówień i śledzenie stanu wysyłki
  • Tworzenie i dostęp do listy produktów
Niektóre numery artykułów mogły ulec zmianie. Jeśli szukasz czegoś innego, spróbuj wyszukać wszystkie artykuły. Wyszukaj artykuły

How To View Security Posture Compliance in Netskope

Podsumowanie: Netskope SaaS Security Posture Management compliance can be viewed by following these instructions.

Ten artykuł dotyczy Ten artykuł nie dotyczy Ten artykuł nie jest powiązany z żadnym konkretnym produktem. Nie wszystkie wersje produktu zostały zidentyfikowane w tym artykule.

Instrukcje

Netskope SaaS Security Posture Management (SSPM) continuously audits all the Software as a Service (SaaS) resources to identify compliance rule violations. The Security Posture page provides the status of the checks on all the compliance rules and SaaS resources.


Affected Products:

  • Netskope

Affected Versions:

  • Release 86 and Later

SaaS Security Posture Management is a new service that provides an organization insight into their security posture of SaaS applications.

To view security posture compliance:

  1. In a web browser, go to the Netskope web console:
    • United States Datacenter: https://[TENANT].goskope.com/
    • European Union Datacenter: https://[TENANT].eu.goskope.com/
    • Frankfurt Datacenter: https://[TENANT].de.goskope.com/
Note: [TENANT] = The tenant name in your environment
  1. Log in to the Netskope web console.

Netskope web console

  1. From the home page, click API-enabled Protection.

API-enabled Protection

  1. In the API-enabled Protection menu under COMPLIANCE, click Security Posture.

Security Posture

  1. The Security Posture page loads and displays the current assessment of your SaaS environments.

Security Posture page

Note: The Security Posture page provides the last updated date and time in Coordinated Universal Time (UTC).

The Export button exports the data on the Security Posture page into a CSV file for offline access. You can export all displayed columns or select specific columns, export either all or some rows, and provide the CSV file name.

The view can be switched between Raw Findings, Rules, and Resources to view the audit results. All three views may also have a Filter applied. Raw Findings and Rules views may have Rule Details displayed. Click the appropriate task for more information.

Raw Findings

The Raw Findings tab allows you to view the compliance findings of your rules and resources. This page provides an aggregated list of all the rules and resources that have failed, passed, remediated, and muted. You can select the check box beside a rule or select multiple check boxes and mute or unmute rules.

The Raw Findings tab displays the following information:

  • Has Error: Rules that have errors.
  • Status: Status of the rule when checked against the resource. If the resource contains rule violations, the rule status shows Failed.
  • Profile: The name of the profile against which the rule is checked.
  • Policy: Name of the security posture policy.
  • Severity: The level of severity of the violation. There are four levels: Critical, High, Medium, and Low.
  • Cloud Provider: The cloud service provider. Netskope provides security for Amazon Web Services, Microsoft Azure, Google Cloud Platform, Microsoft 365, GitHub, and Salesforce.
  • Instance Name & ID: Name of the SaaS account instance and ID.
  • Region Name: The location of the account.
  • Resource Category: The SaaS resources category.
  • Resource Type: The SaaS resource type.
  • Failing Since: The date since the rule is failing.
  • Muted: Status If the rule is muted.
  • Compliance Standard: Gives a brief description of the rule.
Note: The default, the Raw Findings page displays status, Rulename, Severity, Resource Name, Cloud Provider, Instance Name & ID, Resource Category, and Resource Type.

Rules

The Rules tab displays information about rules compliance.

The Rules tab displays the following information:

  • With Errors: The total number of rules with errors.
  • Rules Failed: The total number of compliance rules that failed against a resource.
  • Rules Passed: The total number of compliance rules that passed against a resource.
  • Total Rules: The total number of compliance rules checked against a resource.
  • Status: Status of the rule when checked against the resource. If the resource contains rule violations, the rule status shows Failed.
  • Name: The compliance rule name.
  • Severity: The level of severity of the violation. There are four levels: Critical, High, Medium, and Low.
  • Resource Category: The SaaS resources category.
  • Resource Type: The SaaS resource type.
  • Cloud Provider: The cloud service provider. Netskope provides security for Amazon Web Services, Microsoft Azure, Google Cloud Platform, Microsoft 365, GitHub, and Salesforce.
  • # Failed Resources: The total number of resources that failed the compliance rule.
  • # Unknown Resources: The total number of unknown resources.
  • # Passed Resources: The total number of resources that passed the compliance rule.
  • # Total Resources: The total number of resources checked against a compliance rule.
Note: By default, the Rules tab displays Status, Name, Severity, Resource Category, Cloud Provider, # Failed Resources, # Passed Resources, and # Total Resources.

Resources

The Resources tab displays information about the SaaS resources.

The Resources tab displays the following information:

  • With Errors: The total number of resources with errors.
  • Status: Status of the resource when checked for compliance. If the resource contains rule violations, the resource status shows Failed.
  • Name: The resource name.
  • Region: The location of the account.
  • Resource Category: The SaaS resources category.
  • Resource Type: The SaaS resource type.
  • Cloud Provider: The cloud service provider. Netskope provides security for Amazon Web Services, Microsoft Azure, Google Cloud Platform, Microsoft 365, GitHub, and Salesforce.
  • Account: The account name of the SaaS service.
  • # Failed Rules: The total number of compliance rules that failed against a resource.
  • # Unknown Rules: The total number of unknown rules.
  • # Passed Rules: The total number of compliance rules that passed against a resource.
  • # Total Rules: The total number of compliance rules checked against a resource.
Note: By default, the Resources tab displays Status, Name, Resource Category, Account, # Failed Rules, # Passed Rules, and # Total Rules.

Filters

By default, the Raw Findings, Rules, and Resources pages display the latest audit results. You can choose to view the results for a specific date.

  1. Click the Time drop-down and either:
    • Select Latest Result and then go to Step 3.
    • Select As of Date to select a specific date and then go to Step 2.

Time drop-down

  1. Specify the date and time in the date picker and then click Apply.

Selecting date and time

  1. Record the audit result findings.

Audit results can be filtered by selecting Resource Category, Tags, and Cloud Provider. To further narrow the results on the page, click Add Filter and select an option from the list.

You can choose to filter based on the following options.

  • Status: Select Failed or Passed.
  • With Error: Select Yes or No.
  • Muted: Select Yes or No.
  • Last Remediation Status: Select None, Started, Completed, or Error.
  • Remediated By: Select Auto-remediation or On-demand remediation.
  • Rule name: Select Rule Name and enter a rule name in the search field.
  • Profile: Select a security assessment profile from the list.
  • Policy: Select security assessment policy from the list.
  • Severity: Select a severity level. There are four levels: Critical, High, Medium, and Low.
  • Compliance Standard: Select or search for a compliance standard. For example, NIST-CSF-1.1.
  • Resource Name: Select Resource Name and enter a resource name in the search field.
  • Netskope Resource ID: Select Netskope Resource ID and enter a resource ID in the search field.
  • Account: Select Account Name and enter an account name in the search field.
  • Region: Select Region and select a region from the list or enter the region in the search field.

You can click a rule in the rules table in the Rules or Raw Findings pages to view detailed information about the rule. The Rule Detail window provides a description of the rule.

The window contains the following tabs:

  • Definition: The rule syntax defining the predefined or custom rule. Custom rules can be defined using Domain Specific Language.
  • Remediation: The remediation action to be performed to remediate the violation. Some rules also provide manual steps to remediate the violation.
  • Compliance: The various compliance standards that the rule satisfies. This tab provides the compliance standard, section, control, and description of the rule defined in the compliance standard's documentation.
  • Other: Displays the rule description, service the resource uses, and rule type; custom or predefined.

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

 

Dodatkowe informacje

 

Filmy

 

Produkty, których dotyczy problem

Netskope
Właściwości artykułu
Numer artykułu: 000189289
Typ artykułu: How To
Ostatnia modyfikacja: 22 lis 2023
Wersja:  5
Znajdź odpowiedzi na swoje pytania u innych użytkowników produktów Dell
Usługi pomocy technicznej
Sprawdź, czy Twoje urządzenie jest objęte usługą pomocy technicznej.