Netskope’s Cloud Threat Exchange Features VMware Carbon Black, CrowdStrike, More

By | Managed Services News

Sep 03

The Cloud Threat Exchange is free and open to Netskope partners, vendors and customers.

Netskope‘s new Cloud Threat Exchange allows partners, vendors and customers to share cloud threat intelligence with each other to improve response time.

The Cloud Threat Exchange is free and users collaborate on sharing indicators of compromise (IOCs). They can use it to automate the delivery and distribution of threat intelligence. This reduces the time to protect and eliminate gaps in coverage.

Cloud Threat Exchange is supported by members certified by Netskope. They include VMWare Carbon Black, CrowdStrike, Cybereason, Mimecast, SentinelOne and ThreatQuotient.

Together, they help mutual customers maximize the benefit of their protections by leveraging threat intelligence across multiple enforcement points, the company said.

Help for MSPs and MSSPs

Krishna Narayanaswamy is Netskope’s CTO.

Netskope's Krishna Narayanaswamy

Netskope’s Krishna Narayanaswamy

“The Cloud Threat Exchange (CTE) helps MSP/MSSP providers improve their security posture,” he said. “The MSP/MSSP providers support multiple security solutions to address different types of threats. The threat detection capabilities vary among different solutions. So the ability to leverage the IOCs from one solution to another provides broader coverage for threats across all the solutions compared to just using the native detection capabilities of the individual solutions.”

Cloud Threat Exchange’s flexibility makes it possible for a relationship directly between peers that doesn’t require intermediation by Netskope.

“The CTE will provide a competitive edge to organizations using it,” Narayanaswamy said. “The benefit of deploying CTE is to have a much more effective threat detection capability compared to not using it.”

More effective and timely threat detection will reduce the chances of data breaches, he said. Data breaches affect brand reputation and potentially causes hefty fines imposed by data regulations.

It also increases users’ productivity. That’s because they don’t have to deal with down time needed to remediate and clean infected systems.

Cloud Threats Spike During Pandemic

According to Netskope’s August 2020 Cloud and Threat Report, cybercriminals continue to use the cloud as an attack vector in new ways. And this has been exacerbated by the surge in remote working caused by the COVID-19 pandemic.

Between Jan. 1 and June 30, cloud malware delivery and cloud phishing were the two most common types of cloud threats. These challenges require multiple defenses with unique capabilities and focus points to share timely threat intelligence.

For example, a threat actor might combine multiple types of attacks including phishing, malware and data theft. An organization improves its capabilities to stop such an attack by sharing details of the threats across all of their protections.

“We believe that the future of timely and effective security controls is going to be driven by automation,” Narayanaswamy said. “Security solution vendors are increasingly exposing APIs to share and ingest threat intelligence data. This in turn drives the need for solutions like CTE to help connect these disparate systems to achieve an end result that is much greater than the sum of what the individual security systems can provide.”

“The sharing of threat data between solutions is paramount in the fight against the growing onslaught of attacks our customers face on a daily basis,” said Julian Martin, Mimecast‘s vice president of business development. “Mimecast will now be able to identify an attack at the email gateway and by utilizing Cloud Threat Exchange, can immediately notify the other solutions within the security architecture. This will vastly improve joint customers’ speed of response and alleviate any potential risk to the business.”

About the Author

>