Welcome to the Netskope One DSPM Knowledge Base

You will find your answers here!

    Sorry, we didn't find any relevant articles for you.

    Send us your queries using the form below and we will get back to you with a solution.

    Netskope One DSPM 6.3 release notes

    Table of Contents

    Major New Features AWS Organization-Based Onboarding Saved Views for Classification Management New Built-in Data Access Policy for Un-linked Username (Ghost User) Detection Publishing Activity Logs to S3 Improvements and Updates Sensitive Record Count Updates Policy Retrospective UI Updates User Information on Classification Management page

    Major New Features

    AWS Organization-Based Onboarding


    Netskope One DSPM now supports AWS Organization-based onboarding. You can connect with and scan across different organizational units (OU) and multiple AWS accounts nested within an AWS organization. Once connected to an AWS organization, Netskope One DSPM has the ability to automatically discover new accounts and data stores within the organization hierarchy. This capability provides Netskope One DSPM visibility to many AWS Accounts simultaneously, enabling our customers to better utilize their AWS Organization structure. AWS Organization-based onboarding also speeds up the auto-discovery of all AWS Data Stores to help monitor data sprawl and improve data governance for your organization.

     

    Saved Views for Classification Management

    On the Classification Management page, you can now save views. Adjust filters, columns, and sorting, then save your view. Each saved view appears as an additional tab to the right of the Default View. You can also adjust your preferred view, which will appear on this screen anytime you return to it. All views here only apply on a per-user basis, and no user will see another user's saved views.

     

    New Built-in Data Access Policy for Un-linked Username (Ghost User) Detection

    Netskope One DSPM now offers a built-in policy to detect database usernames with access to sensitive data not linked to any employee (a.k.a ghost usernames). This provides stronger access controls for your organization's sensitive data. You can enable this policy from the Policy Management page for it to begin triggering alerts for all connected data stores. 

     

    Publishing Activity Logs to S3

    Activity logs from Administration → Activity Logs can now be pushed to your organization's instance of S3 within AWS. All system activity and user activity stores as .json objects with standard formatting. All information showing in your Netskope One DSPM activity log will appear in your S3 instance going forward. This can only be enabled via a direct request to our engineering team. 

     

    Improvements and Updates

    Sensitive Record Count Updates

    Sensitive records, viewable from the Risks Dashboard and Data Store Inventory, now represent the number of sensitive rows within connected data stores. Before 6.3, this number represented the number of sensitive cells. So, if a table has at least one sensitive field, the number of rows will each be counted as sensitive records in that table, aggregated to reflect the total sensitive record count for the data store. See the example below.

    Screenshot of Access 2013

    Policy Retrospective UI Updates

    Retrospective policy testing is now completely optional within the policy editor. You can bypass this step when it takes more than 30 seconds to produce accurate results. A TEST POLICY button is available if you wish to run the simulation; otherwise, the results will be logged as Alerts/Tasks on the next data store scan. 

    User Information on Classification Management page

    Netskope One DSPM now displays the count of users with access to each field on the Classification Management page. Clicking on this number displays additional user information to help analyze access control. 

    Was this article helpful?

    Still can't find what you are looking for?

    Contact Netskope Technical Support