May 2, 2023

Validating and Optimizing your Security Service Edge Posture with SafeBreach and Netskope

Enterprise security operations teams find it increasingly difficult to maintain a hardened posture against advanced network and cloud threats. Given the rapid adoption of cloud platforms and software-as-a-service (SaaS) tools, cloud application traffic has overtaken web traffic to dramatically expand the attack surface. As a result, overreliance on traditional security controls can lead to increased blind spots, and control misconfigurations can create significant business risks.

How SafeBreach and Netskope Combat These Challenges Together

The SafeBreach and Netskope joint solution helps security organizations combat these challenges by continuously validating and optimizing their Security Service Edge (SSE). The offering combines continuous security validation—powered by the SafeBreach breach and attack simulation (BAS) platform—with Netskope Intelligent SSE, a comprehensive suite of products designed to mitigate data and cloud risk through integrated, adaptive zero-trust controls.

SafeBreach safely executes various cloud and web attacks that trigger Netskope’s detection and protection capabilities. The SafeBreach platform then continuously fetches and correlates security events and alerts from Netskope Intelligent SSE to provide visibility per simulated attack to validate if it was able to detect or block the threat, and ensure appropriate alerts are configured. This context (including results of simulated attacks and associated remediation information) is available to security analysts via SafeBreach Insights to appropriately update Netskope Intelligent SSE policies to detect such attacks in the future. 

“Using Safebreach ensures that your security controls are configured properly and protecting your organization against the latest threats. Safebreach makes it easy to identify and test your defenses, proactively identifying gaps so that you can focus your resources on addressing them. For Netskope Intelligent SSE customers, Safebreach not only confirms that Netskope is properly configured and deployed, but also tests the other security controls they have in place,” commented Netskope’s Threat Research Director, Raymond Canzanese, Jr.

Supported Use Case

Validate Internet & Cloud-Access Configurations & Policies

The dedicated SafeBreach Labs team monitors the threat landscape 24/7 to ensure the SafeBreach Hacker’s Playbook includes coverage for the latest indications of compromise (IOCs) and tactics, techniques, and procedures (TTPs). SafeBreach then uses this coverage to validate an organization’s security posture by safely and continuously executing attacks from known threat groups to provide visibility into which cloud controls prevented,  detected, or missed an attack. The integration with Netskope Intelligent SSE tests advanced cloud and web application attacks against Netskope to validate which threats and associated IOCs were blocked. When IOCs or threats are missed, SafeBreach Insights provides security teams with raw IOC data that can be used to optimize Netskope Intelligent SSE threat detection policies.

Together SafeBreach and Netskope Intelligent SSE

  • Provide unparalleled visibility into cloud readiness and enterprise security posture
  • Optimize prevention and detection abilities of Netskope Intelligent SSE against advanced cloud and web application threats
  • Enable continuous improvement of alerting accuracy and prevent drift in detection rules and policies

To learn more about Netskope’s integration with SafeBreach, request a demo.

Get the latest
research and news