Overview
Netskope One DSPM is a data security posture management (DSPM) platform that automates data security and governance controls, on-prem and in your cloud, to protect your data throughout its entire journey. We provide visibility, control, and remediation for structured, semi-structured, and unstructured data across cloud and on-prem databases, data lakes, and data warehouses. With Netskope One DSPM, you get robust Data Security Posture Management (DSPM), Data Access Governance (DAG), and Data Detection and Response (DDR), enhancing compliance and audit readiness.
Follow these instructions to easily integrate Cohesity and Netskope One DSPM, incorporating the latter’s DSPM insights to identify gaps in your data protection program and ensure the safeguarding of your most sensitive assets.
More information on this integration is available on the Cohesity Marketplace.
Integration Overview and Benefits
Managing and securing data across dispersed environments is a significant challenge in today's complex data landscape. Netskope One DSPM, joining Cohesity’s Data Security Alliance, provides a unified solution that revolutionizes data security posture management (DSPM) and data protection across multi-cloud and on-premises infrastructures.
Our collaboration integrates Netskope One DSPM’s robust DSPM capabilities with Cohesity’s AI-powered data security and management platform. This synergy offers a consolidated view of your data estate, enhancing compliance and mitigating risks. For example, this integration can reveal data assets containing personally identifiable information (PII) that were previously overlooked and not backed up. This information enables IT backup administrators to adjust protection priorities and gives security teams the data they need to fulfill their protection mandates effectively.
There are many key benefits:
- Enhanced Data Discovery: Automate sensitive and critical data detection across cloud, on-prem, and hybrid environments, improving oversight and control of your data landscape.
- Resilient Data Security Posture: Proactively identify and rectify vulnerabilities within cloud workloads, ensuring comprehensive data protection and swift incident recovery.
- Advanced Risk and Compliance Reporting: Strengthen your cybersecurity frameworks with enhanced risk assessments and compliance reporting, building a more resilient and secure data infrastructure.
These benefits lead to several core advantages and value outcomes:
- Unified Data Visibility and Control: Comprehensive monitoring of all data assets, enhancing governance and risk management.
- Enhanced Data Security and Compliance: Improved defense against cyber threats and simplified compliance with regulatory standards such as GDPR and CCPA.
- Optimized Data Protection Strategies: Cohesity's scalable backup and disaster recovery solutions complement Netskope One DSPM’s classification and protection of overlooked data assets.
- Proactive Risk and Configuration Analysis: Identification of misconfigurations and security gaps with immediate remediation capabilities, ensuring data integrity and security.
- Streamlined Operational Efficiency: Reduction in manual efforts and minimized risks, accelerating the time-to-value for data management initiatives.
Supported Services
The Netskope One DSPM / Cohesity integration supports the following services:
- AWS RDS
  - MariaDB
  - MySQL
  - Oracle
  - PostgreSQL
  - SQL Server
- Aurora
- AWS S3
Setting Up Netskope One DSPM
If you don't already have access to Netskope One DSPM, please email support@netskope.com and include the following information:
- Your request for a new Netskope One DSPM-hosted application
- The full name and email address for the user you wish to be application administrator
Your assigned support representative will respond with the following:
- Details on how to access your new Netskope One DSPM application.
- A link for accessing our private knowledge base.
Generate Cohesity API Key
Within your Netskope One DSPM instance, click on Administration → Integrations from the left-hand navigation. A drawer will open with instructions for connecting with Cohesity.
Follow the links to the Cohesity console to sign in and access the API Keys tab under Access Management. After entering a name and generating an API Key, copy the value and paste it into the Cohesity API Key field in the drawer.
Click Connect to complete the connection and start integrating with Cohesity. You can also disconnect at any time by editing the connection and clicking Disconnect from the Integrations page. You'll see a popup to confirm Cohesity data removal upon disconnecting.
Configuring Netskope One DSPM
After you have access, there are two main configuration activities to perform in Netskope One DSPM. When both are complete, information will flow between the systems:
- Onboard your AWS Infrastructure Connections
- Connect your data stores
Links to specific knowledge base articles are included below, or you can contact your CSM for assistance.
Onboard Infrastructure Connections
Unlike Cohesity, which connects to AWS using AWS KMS keys, Netskope One DSPM connects to AWS using IAM roles. These roles provide us with the permissions necessary to fully analyze your data stores and provide accurate classification. The roles can be created using either CloudFormation or Terraform.
Each AWS account you onboard as a Cohesity Source must also be onboarded as a matching Netskope One DSPM Infrastructure Connection. See the following articles for specific steps, depending on your preferred tool (be sure to first authenticate to our KB using the link provided by Netskope One DSPM support):
Once your AWS accounts are connected, Netskope One DSPM will then auto-discover your AWS data stores and ingest any associated AWS tags.
Connect Data Stores
Each data store you wish to monitor in the Cohesity Security Center must also be connected as a matching Netskope One DSPM Data Store. See the following articles for specific steps (be sure to first authenticate to our KB using the link provided by Netskope One DSPM support):
- Connecting to AWS S3 Data Stores
- Connecting to AWS RDS MariaDB Data Stores
- Connecting to AWS RDS MySQL Data Stores
- Connecting to AWS RDS Oracle Data Stores
- Connecting to AWS RDS PostgreSQL Data Stores
- Connecting to AWS RDS SQL Server Data Stores
- Connecting to AWS Aurora MySQL Data Stores
- Connecting to AWS Aurora PostgreSQL Data Stores
Once your data stores are connected, Netskope One DSPM will analyze and classify their fields based on a number of different signals and inputs. This activity includes applying Data Tags to better describe your data stores. For example, if we detect healthcare-related data, we might tag the data store with “HIPAA” and “PHI.”
More information on how classification works is available in our Classification Management article.
Monitoring Your Sensitive Data Posture
You can access the classification data that Cohesity retrieves from Netskope One DSPM and view it on the Data Classification → Sensitive Data Posture page in the Security Center. The Sensitive Data Posture page displays the workloads that Netskope One DSPM has identified as containing sensitive data and their protection status. Using these details, you can protect the workloads with sensitive data using Cohesity DataProtect as a Service.
The Sensitive Data Posture page shows only the objects registered on Cohesity DataProtect that have DSPM Tags from Netskope One DSPM. Infrastructure tags (those applied directly in AWS, often for purposes outside of data security) are not published as DSPM Tags.
Netskope One DSPM's tags are automatically synced with Cohesity at least every 24 hours. Tags are also synced each time your data stores are scanned.
Troubleshooting
If you don't see your latest tag assignments represented in Cohesity, please open a support ticket by emailing support@netskope.com.