Integrating Netskope with SecurityCoach

In this article, you will learn how to integrate Netskope’s Next Gen Secure Web Gateway (SWG) with SecurityCoach. Once the integration is complete, data provided by Netskope will be available for use under the SecurityCoach tab of your KMSAT console. This data can be viewed in SecurityCoach reports and used to create detection rules for real-time coaching campaigns. For general information about SecurityCoach, see our SecurityCoach Product Manual.

Click the links below to learn how to integrate Netskope with SecurityCoach.

Jump to:
Create Your API Token
Obtain Your Tenant Name
Set Up or Update the Integration in Your KMSAT Console

• Set Up the Integration in Your KMSAT Console
  Update the Integration in Your KMSAT Console

Create Your API Token

Before you can set up this integration in your KMSAT console, you will need to create a Netskope API token in your Netskope console.

To create an API token for Netskope, follow the steps below:

1. Log in to Netskope and navigate to Settings > Tools > REST API v2.
   
2. Click the pencil icon below the REST API Status.
   
3. In the Edit REST API Status pop-up window, enable the token by selecting the status toggle and then click Save.
   
4. Click New Token to create a new API token.
   
5. Fill out the Token Name, Expire In, and Add Endpoint fields on the Create REST API Token pop-up window. For more information about these fields, see below:
   
   
   1. Token Name: Enter a name for your token. In the example above, the name is KB4-V2-Token.
   2. Expire In: From the drop-down list, select the number of hours, days, weeks, or months to keep the token valid.
   3. Add Endpoint: From the drop-down list, select the /api/v2/events/data.alert endpoint.
6. Click Save.
7. Click the Copy Token link. Make sure to save your copied API token somewhere that you can easily access. You will need this token when you complete the integration setup in the Set Up the Integration in Your KMSAT Console section below.
   

Back to top

Obtain Your Tenant Name

You will also need to obtain the tenant name from your Netskope portal URL. Typically, the URL will be in the following format:

<tenant-name>.goskope.<rest-of-url>

Make sure to save this tenant name to a place that you can easily access later. You will need the tenant name to complete the integration setup in the Set Up the Integration in Your KMSAT Console section below.

Back to top

Set Up or Update the Integration in Your KMSAT Console

Once you have created your Netskope API token and obtained your tenant name, you can set up the integration in your KMSAT console. If you created a new token using REST API v2 for an existing integration, you can also update your integration in your KMSAT console.

To learn how to set up or update your Netskope integration, see the subsections below.

Set Up the Integration in Your KMSAT Console

To set up the integration in your KMSAT console, follow the steps below:

1. Log in to your KMSAT console and navigate to SecurityCoach > Setup > Security Vendor Integrations.
2. Locate Netskope and click Configure Integration.
3. Enter your Tenant Name and API Token in the corresponding fields.
4. Click Authorize.
   

Once you’ve successfully authorized this integration, you can manage detection rules for Netskope on the Detection Rules subtab of SecurityCoach. For a full list of available system detection rules for this vendor, see our Which Detection Rules Can I Use with My Vendors? article.

Back to top

Update the Integration in Your KMSAT Console

To update your integration with a token created using REST API v2, follow the steps below:

1. Log in to your KMSAT console and navigate to SecurityCoach > Setup > Security Vendor Integrations.
2. Locate Netskope and click Edit.
3. Click Update Registration to update the existing integration.
   
4. Replace your existing API token with the updated token created using REST API v2 in the API Token field.
5. Click Authorize.

Back to top