The Netskope CDF integration ingests Netskope alerts into the ThreatQ platform.

The integration provides the following feeds:

• Netskope - Policy Alerts - ingests Netskope alerts of type Policy.
• Netskope - CTEP Alerts - ingests Netskope alerts of type Client Traffic Exploitation Protection.
• Netskope - DLP Alerts - ingests Netskope alerts of type DLP.
• Netskope - Malsite Alerts - ingests Netskope alerts of type Malsite.
• Netskope - UBA Alerts - Ingests Netskope alerts of type User Behavior Analytics.
• Netskope - Compromised Credential Alerts - ingests Netskope alerts of type Compromised Credentials.
• Netskope - Malware Alerts - ingests Netskope alerts of type Malware.
• Netskope - Quarantine Alerts - ingests Netskope alerts of type Quarantine.
• Netskope - Remediation Alerts - ingests Netskope alerts of type Remediation.
• Netskope - Security Assessment Alerts - ingests Netskope alerts of type Security Assessment.
• Netskope - Watchlist Alerts - ingests Netskope alerts of type Watchlist.
• Netskope - Content Alerts - ingests Netskope alerts of type Content.
• Netskope - Device Alerts - ingests Netskope alerts of type Device.

The integration ingests the following object types:

• Events
• Identities
• Indicators
• Malware