Coming Soon in our Next Release

View Expected Response Action for Shadow/Web DLP Incidents 

The Policy Incidents page now displays the Expected Response for Shadow/Web DLP Incidents. This Expected Response action is configured during DLP policy creation and defines the intended action when a policy violation occurs. This helps SOC administrators identify potential discrepancies between the Expected Response and the actual Incident Response taken during policy evaluation, which is vital for troubleshooting and refining security policies for robust data protection and operational efficiency.

View Match Locations for Sanctioned DLP Email Incidents 

The Match Locations column in the Policy Incidents table shows where a DLP policy violation occurs in emails/files/chat. It displays the filename of an email attachment when the violation occurs in the attachment, or the email subject with a .eml extension when the match occurs in the email subject or body. When violations occur in both the subject/body and an attachment, the column lists all relevant match locations. For file-based CSP policy violations, the column displays the file name; in case of chat violations, the cell is left blank. SOC administrators use these details to troubleshoot incidents, refine policies, and strengthen data protection while improving operational efficiency.

Utilize Non-English Language Models for ML Auto Classifiers 

The ML Auto Classifier now supports five non-English languages for the Skyhigh predefined classifier, Financial Reports, and Financial Statements. This enhancement extends machine-learning capabilities to accurately identify and classify financial and trade documents in French, German, Spanish, Japanese, and Korean.

Organizations can effectively manage and protect sensitive financial and trade-related data across global operations with this multilingual capability. It also ensures that financial reports and statements in these languages are properly classified, supporting security compliance.

Save CASB Evidence 

DLP Evidence is a copy of the compromised content that violates a CASB policy detected during the policy evaluation. This copy of compromised content is linked to the relevant incident and saved in your data storage, enabling further forensic analysis of generated incidents. 

This is achieved by creating a classification-based rule in CASB Policy, setting an additional response named Save Evidence. When a CASB Policy is violated, the Save Evidence response is triggered, and evidence files are saved on the generated incidents. Skyhigh allows saving evidence files to user-defined AWS S3 or Azure Blob storage for further analysis.

Edit or Create a Classification Rule Inline during Policy Creation 

The Classification list is generally viewed while setting up a classification rule within a DLP policy. This enhancement provides the convenience of editing the existing classification within the DLP policy creation workflow, eliminating the need to navigate back to the Classifications module to make necessary changes. Additionally, it enables you to create real-time inline classifications like dictionaries and advanced patterns as needed, reducing navigation time by managing all data protection components in a single view.

Enhanced Multi-Sheet Data Protection 

Sanctioned DLP policies applied to the spreadsheets now support accurate keyword detection across all worksheets within a workbook, extending beyond the first sheet. By utilizing an updated regex pattern, the sensitive column headings are scanned regardless of which tab they reside on. This enhancement eliminates false negatives and ensures comprehensive data security for complex spreadsheets.

Enable Data Explorer Data Feed 

The Data Explorer Data Feed is the essential gateway to the Data Explorer analytics dashboard for Skyhigh DSPM solution. This preliminary interface facilitates validation of prerequisites before enabling the dashboard, ensuring a seamless setup for data processing and reporting for DSPM discovery. Once the feed is active, a centralized view of the organization's most critical information, such as the location of PCI and HIPAA data, is displayed. This enhancement primarily ensures flexibility by providing means to activate, stop, or pause the data feed or data processing, which helps in capturing or analysing data for a specific period.

Prevent Unauthorized File Uploads via Browser

Skyhigh Web Gateway now supports File Upload Protection, enabling a real-time control and prevent unauthorized or potentially harmful file uploads through browser-based application. This application‑agnostic safeguard applies consistently across a wide range of web services and collaboration platforms such as Google Drive, Dropbox, WhatsApp Web, and Microsoft Copilot. This enhances data protection and offers the following updates.

Key Updates

• Intercepts uploads at the browser level and evaluates files before they are transmitted.
• Scans files in real time against configured DLP policies to detect sensitive data and enforce compliance.
• Blocks unauthorized or non‑compliant uploads to prevent accidental or malicious exposure of information.
• Supports multiple upload methods including form submissions, drag‑and‑drop actions, and clipboard pasting of files or images.
• Sends Agentless Notifications to alert users when a file upload is blocked. This requires configuring Agentless Notifications.
• Logs policy incidents to improve visibility and support audit tracking for security, compliance, and operational oversight.

This enhancement enforces Web DLP policies without requiring endpoint configuration and significantly reduces the risk of data breaches by intercepting unauthorized uploads at the source.

Restrict Unauthorized File Downloads from Browser Sources

Skyhigh Web Gateway now supports File Download Protection, enabling real‑time control to prevent sensitive visual content and unauthorized copying or transfer of files and images from web sources. This enhancement actively monitors and restricts browser‑initiated download actions.This application‑agnostic safeguard applies consistently across a wide range of web services and collaboration platforms such as Google Drive, Dropbox, WhatsApp Web, and Microsoft Copilot. This enhances data protection and offers the following updates.

Key Updates

• Intercepts downloads at the browser level to evaluate files before they are transmitted.
• Scans files in real time against configured Web DLP policies to detect sensitive data.
• Blocks unauthorized or non‑compliant downloads to prevent accidental or malicious exposure of information.
• Sends Agentless Notifications to alert users when a file upload is blocked. This requires configuring Agentless Notifications.
• Logs policy incidents to improve visibility and support audit tracking for security, compliance, and operational oversight.

This enhancement enforces Web DLP policies without requiring endpoint configuration and significantly reduces the risk of data breaches by intercepting unauthorized downloads at the source.

Block Sensitive Text Transfers in Browser Applications

Skyhigh Web Gateway now supports Text Upload Protection, a browser‑level capability designed to prevent the unauthorized transfer of sensitive information through text interactions. This enhancement actively monitors actions such as pasting text, dragging content, or dropping URLs into web applications, ensuring that sensitive data is intercepted before it leaves the user’s environment. This application‑agnostic safeguard applies consistently across a wide range of web services and collaboration platforms such as Google Drive, Dropbox, WhatsApp Web, and Microsoft Copilot. This enhances data protection and offers the following updates.

Key Updates

• Intercepts text inputs at the browser level to evaluate content before transmission.
• Scans text in real time against configured Web DLP policies to detect sensitive information.
• Blocks unauthorized or non‑compliant uploads to prevent accidental or malicious data leakage.
• Sends Agentless Notifications to alert users when a file upload is blocked. This requires configuring Agentless Notifications.
• Logs policy incidents to improve visibility and support audit tracking for security, compliance, and operational oversight.

This enhancement enforces Web DLP policies without requiring endpoint configuration and significantly reduces the risk of data breaches by intercepting unauthorized downloads at the source.

Deploy Secure App Connector V2 on Docker for UDP Applications

Secure App Connector V2 for Docker supports UDP applications and enables lightweight, fast deployment. You can deploy it as a single container across supported microK8s-based platforms.

Track LLM Risks and AI Service Incidents Using Saved Views and Dashboard Cards 

Skyhigh now allows you to track LLM Risks and AI Service incidents using Skyhigh Recommended Saved Views and Default AI Dashboard Cards. You can find the recommended saved views for LLM risk attributes on the Users and Services page and Microsoft 365 Copilot and ChatGPT incident-related saved views on Policy Incidents page. These saved views are automatically displayed as dashboard cards on the Default AI Dashboard.

Create and Manage Custom Roles (RBAC) 

Skyhigh introduces a new Roles feature to manage user permissions using flexible Role-Based Access Control (RBAC) across your organization. A role represents a set of permissions that can be assigned to one or more users, enabling consistent and scalable access management. Administrators can create custom roles, utilize built-in default roles, assign granular permissions, and apply multiple roles to a single user. The feature includes audit logging and dynamic report access enforcement, all delivered through a modern and intuitive user interface.

Key Benefits

• Granular and customizable access control through RBAC
• Improved security with role-based permission enforcement
• Built-in audit logs to support compliance and monitoring
• Assign and update roles for multiple users at once
• API support to automate role assignment and user onboarding

Centralized Access to Shadow IT Data in SaaS Discovery 

Under Analytics, the Services, Shadow Users, and Unmatched Uploads menu items are now grouped into a new menu item, SaaS Discovery, to provide centralized access to all Shadow IT–related data.

View Feature Configurations Using the Edit 

You can now use the Edit option on the Service Management page (Settings > Service Management > Setup > API > Edit) to view the feature configuration of a CSP configured through API integration. Currently, the Features page is read-only and provides visibility into the existing capabilities.