Netskope

By integrating Netskope with ThreatDefence via Netskope’s REST APIs and log streaming capabilities, you can ingest cloud activity, data loss prevention (DLP) alerts, and user behavior events directly into ThreatDefence for centralized visibility and control.

This integration enables ThreatDefence to monitor user interactions across SaaS, IaaS, and web applications—correlating cloud risk signals with broader security data to detect insider threats, enforce policies, and enhance incident response across your environment.

Step 1. Obtain API Key

Log in to your Admin Console using your login URL.
- Example: https://<tenant-name>.au.goskope.com
Once logged in, ensure the REST API is enabled for your tenant.
Netskope Enable REST API
Navigate to the REST API v2 page and select New Token.
Netskope New Token
Enter your token name and expiration date.
Netskope Token Configuration
Select Add Endpoint and configure the events you want to collect.
- Ensure that each endpoint is granted read access.
Netskope Add Endpoint
When finished, click Save and Copy Token.
- Store the token in a secure location.
Netskope Copy Token

Step 2. Configure ThreatDefence Integration

Provide the following information to your ThreatDefence representative at [email protected]:

Netskope URL
API Key

Support

For questions or assistance, please contact: [email protected]

PreviousContent Security NextCato Networks

Last updated 26 days ago