Coming Soon in our Next Release

Assign Policy Incidents to Yourself   

You can streamline incident assignment on the Policy Incidents page by reducing the effort required to locate your name in the Owner menu. The Owner assignment list is dynamically reordered for each user, ensuring your name (me) appears at the top for quick self-assignment.

This capability facilitates faster incident assignments and results in a more responsive security operations process.

Extend ML-Driven False Positive Detection for Shadow/Web DLP Incidents  

You can search for Shadow/Web DLP incidents that are potential false positives easily and quickly on the Policy Incidents page. This enables you to identify and review incidents that may not be actual policy violations, allowing you to take necessary actions such as marking them as false positives or tuning your policy configurations to reduce false positives in the future.  

It also enables Security Operations Center (SOC) analysts to access detailed statistics and a comprehensive list of these potentially false-positive incidents. This capability helps minimize false positives and refine DLP policies, enhancing operational efficiency in incident management.

Capability of ML-driven Potential False Positives on Policy Incidents:

1. Potential False Positives Summary. You can view the total count of potential false-positive incidents, along with recent trends and changes in their volume. 
2. Filter for Potential False Positives. Filter the Incident Type as Shadow/Web DLP, and apply the Machine Learning Status filter as Potential False Positive to display all potential false-positive incidents within your organization.
   
   

3. Review and Validate Potential False Positives. The Shadow/Web DLP Incident Cloud Card now features a Potential False Positive section within the Machine Learning Status component. This addition allows for efficient validation of incidents classified as potential false positives. 
   
   

Utilize Non-English Language Models for ML Auto Classifiers   

The ML Auto Classifier now supports five non-English languages for the Skyhigh predefined classifier, Financial Reports, and Financial Statements. This enhancement extends machine-learning capabilities to accurately identify and classify financial and trade documents in French, German, Spanish, Japanese, and Korean.

Organizations can effectively manage and protect sensitive financial and trade-related data across global operations with this multilingual capability. It also ensures that financial reports and statements in these languages are properly classified, supporting security compliance. 

Enhanced Keyword Detection Boundary Matching  

This feature improves the accuracy of keyword matching in classifications within a dictionary by enhancing allowed boundary characters that can enclose a matched keyword. During evaluation of content, it refines matching criteria to ensure that certain keywords do not trigger a match. For example, enabling legacy keyword boundary match can prevent detection of matches for a keyword that appears within larger strings that are preceded by a period (.).  With this capability, the DLP system can eliminate unwanted matches, leading to more precise classification of sensitive information and a reduction in false positives. 

Additional DLP Enhancements 

Enhanced Visibility and Troubleshoot IPSec Tunnels 

Skyhigh now offers the ability to monitor the real-time status of your IPSec tunnels, troubleshoot issues in real-time, update configurations as needed, and view details such as source subnets and the encryption mechanisms used, to name a few.

You can also access error logs for failed or inactive tunnels and troubleshoot with enhanced error codes while establishing an IPSec connection between Skyhigh SSE and third-party devices. Enhanced error logging and a comprehensive troubleshooting guide help you identify and resolve tunnel issues more effectively. You can compare tunnel attributes to aid in diagnosing problems and re-establishing connectivity.

Enhanced User Alerts via Agentless Notification 

Skyhigh now offers a Browser Control ruleset to manage advanced Skyhigh capabilities that can be applied to websites. These enhancements improve both the end-user experience and data security. One of the rules in the Browser Control ruleset is Agentless Notification. This capability alerts end users when actions are blocked, ensuring that Skyhigh Web Gateway alerts are visible in the browser, even if the current page does not display directly.

Isolate Referring Domains of Isolated Websites 

You can now configure a list of domains using Isolate Referring Domains of Isolated Websites to isolate domains that are referred by already isolated sites. This list is entered as a string, and capability is available in Full Isolation protection mode. By default, the browser does not isolate any referred sites.

Customize Brand Header and Description in RBI Popup Prompts 

RBI popup prompts now support brand customization when full browser isolation or risky web protection is active. You can customize the headers and descriptions in the RBI popup prompts with your own branding. The default branding currently is Skyhigh Remote Browser Isolation. Additionally, you can view a sample to see how the popup appears in the isolated window.

Enhanced Information Protection with Webpage Watermark in RBI  

Skyhigh now adds a watermark to the background of any webpage. The watermarks display your user ID or email ID, or client IP diagonally across the background, depending on your authentication method and the client used. This capability promotes accountability, enables tracking in case of data exfiltration, and deters unauthorized sharing of sensitive information.

Enhance Access and Control Across SSE Web Using Skyhigh APIs 

You can use the unified API gateway and support capabilities to enhance security, streamline governance, and integrate with applications and platforms. These capabilities provide a unified interface for users to access APIs using keys and enforce role-based access control (RBAC).

Utilize SSE Web APIs with API keys across SWG, Private Access, and the Skyhigh Client to retrieve, create, update, or delete the applicable resources. You can create API keys on the User Management page to simplify the authorization process and authenticate web API requests.

Key Capabilities of API Keys:

• Secure Authentication and Enhanced Security. Restrict API access to authorized users and applications through key-based authentication.
• Application Integration and Automation. Effortless third-party integrations facilitate automation across various software systems, applications, and platforms.

Deploy Secure App Connector V2 on Docker for UDP Applications 

Secure App Connector V2 for Docker now supports UDP Applications, offering a lightweight and fast deployment method. It can be used as a single container to perform the same functions on various supported platforms based on microK8s.

Categorize Logs using Tags 

Use Skyhigh CASB Tag Configuration to classify and manage traffic and content across Sanctioned, Shadow, and Web services through metadata labels or tags. These tags organize logs according to various security requirements, ensuring that relevant data is easily identifiable and actionable. 

Categorize logs by:

• Geography. Distinguish logs from users in different geographies to enforce regional compliance rules, such as the GDPR for European users.
• Active Directory Attributes. Categorize logs by department (e.g., Engineering, HR) to apply appropriate web access policies. 
• Security Status. Label logs linked to malware activity or policy violations for quicker threat response by building policy enforcement around them.

You can apply tags in Data Jurisdictions to enforce access restrictions and enforce DLP policies in SWG Cloud. This allows SOC teams to efficiently manage, apply policies, and analyze data at scale.

Create Custom and Shareable Dashboards 

The Dashboards provide a summary of the Shadow and Sanctioned cloud services data configured in your organization, using cards. You can create your dashboards, share them with others in your organization, and mark them as favorites for easy access. Additionally, you can set a specific dashboard as your home dashboard, which will appear every time you log in to the product. To customize a dashboard, you can add new cards of various types and rearrange the existing cards.

Based on your license, the default set of dashboards, such as My Dashboard, Private Access Dashboard, IaaS Dashboard, Office 365 Dashboard, Web Dashboard, and Isolated Web Dashboards, is displayed.

Using custom and shareable dashboards, you can:

• Share any dashboard of your choice within your organization.
• Create dashboards from your preferred Saved Views.
• Access dashboards easily using the icon.

Support for Salesforce Summer 2025 

Skyhigh CASB now supports the latest Salesforce Summer 2025 version.

Integrate Skyhigh CASB with Microsoft 365 Copilot 

As Microsoft 365 Copilot, an AI tool, becomes integral to applications, sensitive data faces growing vulnerabilities, demanding robust security at every level. By integrating Skyhigh CASB with Microsoft 365 Copilot, organizations can prevent the following risks in Microsoft 365 applications such as SharePoint, OneDrive, and Teams:

• User Prompts and Response Data Breach in Copilot. Implement comprehensive DLP controls for Copilot prompts and responses, preventing sensitive data leakage to the Cloud.
• Exfiltration of Sensitive Data. Establish protection against unauthorized data uploads or unintended sharing of confidential information.
• Sensitive Data Ingestion. Make sure that access to sensitive, regulated, or proprietary content is conducted with the necessary safeguards in place.

This integration protects organizations from security threats in the AI era. Skyhigh Security provides targeted solutions for securing AI copilots, such as Microsoft 365 Copilot. This combination of innovative technology and robust data protection allows enterprises to utilize Copilot fully while safeguarding critical assets.

Integrate Skyhigh CASB with GitHub Using GitHub App 

The GitHub App integration offers a robust alternative compared to the legacy Custom OAuth App, making it more suitable for enterprise security and operational requirements. Integrate GitHub via the GitHub App to monitor user activity, enforce DLP policies, and review threats detected by Skyhigh CASB User and Entity Behavior Analytics (UEBA) on GitHub.

Benefits:

• GitHub App rate limits scale with the number of accessible repositories and organization users.
• The owning enterprise controls the fine-grained permissions of GitHub Apps.

Track File Access and Activity Details in Atlassian Confluence 

The integration of Skyhigh CASB with Atlassian Confluence is now enhanced to track and monitor file access activity, enabling SOCs to maintain comprehensive audit trails effectively.

Enhanced ChatGPT Enterprise Integration with DLP and Admin Controls 

The integration of Skyhigh CASB with ChatGPT allows SOC administrators to monitor and control user interactions effectively. The ChatGPT integration has been enhanced with the following key capabilities:

• Apply comprehensive DLP controls for ChatGPT prompts and responses to prevent sensitive data leakage to the Cloud. 
• Create a DLP policy that includes rules and response actions to detect sensitive content and implement manual and bulk remediation measures.
• Track and audit admin-level activities to help prevent AI misuse, misconfigurations, and security breaches across your organization.