Netskope Cloud Exchange Case Study

Executive Summary

Netskope needed an on-premise, scalable, and extensible solution for its customers that could automate the sharing of threat intelligence between Netskope and other third-party platforms, create tickets based on generated Netskope alerts, and forward device event logs to customers' SIEMs.

 

Business Challenge

  • The solution had to be extensible to ease the support of new threat sources, SIEMs, and ticketing platforms.

  • Given the large volume of events that needed to be ingested, building a solution that could scale and keep up with that volume was one of the primary challenges.

Customer Solution

Crest Data collaborated with Netskope to design and develop various use cases and came up with a horizontally scalable solution that was easy to deploy on customer premises. It included these major features:

  • A plugin-based architecture allowing customers to develop and upload their own plugins to integrate with new platforms.

  • Ability to share malware and malsite information among Netskope and other threat providers.

  • Ability to create tickets or receive email/messages based on specific Netskope security alerts.

  • Ability to ingest Netskope security events into various customer SIEMs.

  • Ability to monitor user risk scores and orchestrate actions on users based on the changes in their risk level.

The Crest Difference

The solution developed by Crest Data helped:

  • Netskope customers easily integrate with multiple third-party threat intel providers.

  • Security analysts receive alerts and tickets in real time in their ticket management platforms.

  • Customers ingest critical logs into their SIEM.