Netskope

Configure the Netskope data connector.

In this guide, you'll configure the integration between Radiant and the Netskope security cloud. Netskope provides visibility and threat protection for cloud services, websites, and private apps, offering capabilities like web filtering, DLP, Zero Trust access, and information protection. This integration allows Radiant Security to collect and analyze alerts and events from Netskope for enhanced detection and investigation.

At the end of this configuration, you will provide Radiant Security with the following values:

  • API base URL

  • API token

Prerequisites

Obtain the Netskope API token

In this step, you will create the API Token on Netskope.

Important note: If an Expiration value is set for the token, update the token value on Radiant Security’s connector at the time of expiration to prevent disruptions in data collection.

  1. Log into the Netskope Console.

  2. Navigate to Settings > Tools > Rest API v2.

  1. At the top of the page, identify if the REST API is enabled. If it's not enabled, click the Pencil button and enable the toggle for REST API. Click Save to save the changes.

  1. Click New Token to create a new API Token.

  1. Enter the Token Name as RadiantConnector

  2. Under Expire In, select 12 Months.

  3. Click Add Endpoint to select the API Endpoints that the Token is allowed to access:

    1. Select all entries that start with /api/v2/events/dataexport/events

    2. Select all entries that start with /api/v2/events/dataexport/alerts

    3. Select the entry /api/v2/incidents/uba/getuci

    4. Select the entry /api/v2/incidents/dlpincidents

    5. Select the entry /api/v2/events/data/alert

  1. On Privilege, select Read.

  2. Click Save and copy the Token shown in the popup. Please note that this will be the only opportunity to copy the token so ensure you store it in a safe place.

Add the data connector in Radiant Security

  1. Log in to Radiant Security.

  2. From the navigation menu, click Settings > Data Connectors and click + Add Connector.

  3. Search for and select the Netskope option and then click Data Feeds.

  4. Click Credentials.

  5. Under Credential Name, give the credential an identifiable name (e.g. Netskope Token).

  6. In the Tenant URL field, enter the URL you use to access the Netskope Console. For example: https://companyName.goskope.com

  7. In the API Token field, paste in the Netskope API Token that you generated in the previous section.

  8. Click Add Connector.

PreviousMimecast API 2.0NextOkta

Last updated