Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

February 2022

How Netskope SSE Prevents Insider Threat Kill Chain

Netskope, the SASE leader, safely and quickly connects users directly to the internet, any application, and their infrastructure from any device, on or off the network. With CASB, SWG, and ZTNA built natively in a single platform, Netskope is fast everywhere, data-centric, and cloud smart, all while enabling good digital citizenship and providing a lower total-cost-of-ownership.

SD-WAN and Security Service Edge (SSE): Building Blocks for SASE

If you work in networking or security, you have probably gotten used to the acronym stew that makes up the technology industry at times. By now you have surely heard the latest buzzword and what industry analysts have coined as security service edge (SSE). SSE is essentially the consolidation of Firewall-as-a-Service (FWaaS), secure web gateway (SWG), cloud access security broker, and Zero Trust Network Access (ZTNA) delivered as a cloud service.

Netskope Threat Coverage: HermeticWiper

In January 2022, Netskope analyzed a destructive malware named WhisperGate, wiping files and corrupting disks during the aftermath of a geopolitical conflict in Ukraine. On February 24, the conflict escalated with Russian attacks in Ukraine, followed by a series of DDoS attacks against Ukrainian websites. On February 24, 2022, a new malware called HermeticWiper was found in hundreds of computers in Ukraine. HermeticWiper corrupts disks on infected systems, similar to WhisperGate.

Microsoft Office: VBA Blocked By Default in Files From the Internet

In January 2022, Microsoft announced that Excel 4.0 macros will be restricted by default, as a measure to protect customers against malware based on XLM 4.0 macros. As a more aggressive measure, on February 07, 2022, Microsoft announced that they will start blocking VBA macros for files downloaded from the internet.

Building Operational Efficiency in Your SOC with Better Visibility

As security operations leaders, we are burdened with a large responsibility. The expectation is that we can respond to alerts as soon as possible and be able to investigate immediately. It sounds simple, but in today’s cyber threat landscape we are faced with growing threat vectors and a sheer volume increase in overall alerts or notifications. Failure to respond quickly enough or investigate the right areas could result in huge impacts to the organizations we are responsible for.

Cloud Threats Memo: Keeping Collaboration Apps Secure

During the pandemic, collaboration apps such as Microsoft Teams and Zoom have played an important role in connecting the distributed workforce and helping organizations to cope with the so-called “new normal.” Even if we are finally starting to see the light at the end of the tunnel (and this time it’s a real light), the world won’t be exactly the same as it was before.

Security Service Edge (SSE) is a Profound Moment for Cloud, Data, and Network Security

Today we are very excited to share that Netskope has been named a Leader in the 2022 Gartner ® Magic Quadrant ™ for Security Service Edge (SSE). This Magic Quadrant for SSE* is the first such SSE analysis of its kind, and I invite you to read the full SSE report (available here) to learn how Netskope was recognized for its completeness of vision and ability to execute.

Talking About the CISO Mental Health Crisis

For the past 20 years, I’ve served as CISO for companies across different sectors. In this role, I have shouldered responsibility for protecting each organization from a wide swath of rapidly developing cybersecurity threats. I have also learned firsthand how much stress security leaders face day-to-day. Recent conversations with my peers have shown stress in cybersecurity is an industry-wide problem. The CISO role is one of the most stressful in any organization.

Navigating Change Results - The CISO and CTO View

The Results are In Diverse approaches, but consistent cost savings. Our latest research shows European CIO and CISO intentions and practices at a time of huge security and networking change. See the key findings, dig into the results and hear analysis of what it all means directly from our EMEA CISO Neil Thacker and VP Vice President, Sales Engineering, EMEA/LATAM, Andy Aplin. What does network and security transformation mean in practice for teams, budgets, skills and suppliers? View our video & infographic for the key headlines – then request our Ebook for the full picture.

Cloud Threats Memo: Why Multi-Factor Authentication is a Must-Have

Despite the growing interest in cloud accounts by opportunistic and state-sponsored actors, too many organizations fail to implement basic security measures to protect their cloud apps, such as multi-factor authentication (MFA) for administrators and users. This is the concerning finding of a report recently released by Microsoft, according to which just 22% of Azure Active Directory customers implement strong authentication mechanisms such as MFA or passwordless authentication.

Understanding Data Context and Successful Zero Trust Implementations in 5 Scenarios

The nature of business today is increasingly decentralized. Cloud applications are exploding. Data is everywhere. And a large number of users will continue to work remotely even post-COVID-19. While all of these things increase business agility, they also increase an organization’s attack surface. The concept of Zero Trust is generating a lot of buzz as a panacea for these new risk exposures—and for good reason.

NewEdge, You've Come a Long Way Baby

Just over three years ago, Joe DePalo joined Netskope as Senior Vice President of Platform Engineering. He had most recently led the infrastructure design and build-out at AWS, the world’s largest public cloud, and prior to that, engineering and operations for one of the largest content delivery networks (CDNs) at Limelight Networks.

Cloud Threats Memo: New Malicious Campaign Using GitHub for Command and Control

State-sponsored threat actors continue to exploit legitimate cloud services. In their latest campaign, uncovered by Malwarebytes during January 2022, the North Korean group Lazarus (AKA HIDDEN COBRA) has been carrying out spear phishing attacks, delivering a malicious document masquerading as a job opportunity from Lockheed Martin (37% of malware is now delivered via Office documents).

Tanium and Netskope: Delivering Continuous Device Classification

Netskope is a leading provider of cloud security with its security service edge, single-pass architecture. Using clients to steer traffic to the Internet through the Netskope Security Cloud means that customers can securely enable data moving into and out of the distributed corporate environment. But this traffic has to originate from an endpoint—and endpoints can be compromised. How do organizations know whether SaaS traffic originating from an endpoint is potentially compromised or at risk?