Date: 06/25/20
Major New Features
Alerts by Employee: Dashboard Widget and Page
A new widget has been added to the dashboard that shows the employees who have generated the most Netskope One DSPM alerts within the selected time period. It is the horizontal bar graph on the right side of the dashboard:
This widget can be clicked on, and the Alerts by Employee Page will be shown. You can also navigate to this page in the left navigation via Analysis > By Employees
On this page, you can sort by different types of alerts or total # of alerts; you can export a CSV; you can search for a specific employee; and you can click on any employee’s name/userID to drill down into their Alerts for Individual Employee page.
Employee Whitelist
The Whitelist enables you to exclude specific database user accounts from the Netskope One DSPM scan. Any query issued from a whitelisted account will not generate risky query alerts in Netskope One DSPM.To access the Employee Whitelist, go to Administration > Whitelist. In addition you can whitelist an individual employee/user when on the Alerts for Individual Employee page (when drilling down from the Alerts by Employee dashboard widget or Alerts by Employee page, see above).
Custom Sensitive Data Types
Admins and Data Custodians (see below) can create custom sensitive data types. These custom sensitive data types can be used to:
- Classify data on the sensitive data page
- Filter searches on the sensitive data page
- Generate alerts -- any custom sensitive data type will automatically have 2 policies created on the policies page
- Be incorporated in the dashboard and alerts pages
To create a custom sensitive data type, go to the Sensitive Data page, and click on “Custom Sensitive Data Types” in the top right of the page.
Data Custodian Privileges
Netskope One DSPM Admins can create new users and give them Data Custodian privileges. Data Custodians can:
- Create custom sensitive data types (see above),
- Edit and delete custom sensitive data types that they created,
- Reclassify sensitive fields on the Sensitive Data page,
- Mark sensitive data classifications as “reviewed” (or unmark them), and
- See alerts and risky queries.
Note: All of the privileges above are restricted to one or more data sets, as specified by an administrator.
To create a user with Data Custodian privileges, go to Administration > Users, create a new user, and in the Privileges section, pick “Data Custodian.” Specify the data set(s) the user will have data custodian privileges over.
Service Accounts
For customers that have employees that use BI/query tools, and those tools log into the data warehouse through one unified database user account, Netskope One DSPM has the ability to parse out the user’s ID or email address from the query metadata. The user’s extracted ID or email address will then appear in the “Employee” column of the alerts.In order for this to happen, the administrator will need to register the service account. Access service accounts by going to Administration > Service Accounts.
We currently support extracting metadata from Looker, Periscope Data, and Mode Analytics.
Query Copy
If you want to quickly copy an entire query from the alerts page, just mouse over the query. A copy icon will appear. Click on the copy icon. The entire query will then be copied to your clipboard.
Bug Fixes
Some minor bugs were fixed, including the ability to add a new data warehouse and authenticate via password instead of via IAM.