Skyhigh Security Cloud Release Notes 6.3.2 (May, 2023)
Skyhigh Data Protection
OCR and Classifications for Skyhigh CASB
Skyhigh CASB customers can now access all Classification based features. OCR enables the Skyhigh Security DLP engine to extract text from supported image files and is available for Skyhigh CASB customers. For details, see About OCR.
Redesigned Fingerprint Page
The redesigned Fingerprint page (found under Policies > DLP Policies > Fingerprints) provides the below User Interface (UI) changes:
- The Omnibar Search is enhanced to filter your search based on Fingerprint Name.
- Create Fingerprint menu displays separate options for Structured and Unstructured Fingerprint where you can create a legacy fingerprint to use with Skyhigh CASB and an enhanced fingerprint to use with Web Gateway.
- The Actions column in the Fingerprint table now displays options vertically as a dropdown. Click the Generate Index (three-dot) menu to view Show Command Line and Delete actions. For details, see About Fingerprints.
Policy Validations Enhancements
In this release (6.3.2), while importing DLP Policies using Policy Templates, we have enhanced the validation process for:
- Collaboration Rule.
- Data Identifier Rule.
- Classifications.
- Bulk Activations with Invalid Classifications.
- Fingerprints.
For details, see Import Policy Templates.
Skyhigh Secure Web Gateway (Cloud)
Backup and Restore Web Policies
When configuring your web policy with Secure Web Gateway, new options for backing up and restoring are available.
Using these options, you can:
-
Back up your web policy in a backup file and after continuing to work on your web policy for some time, restore it to the previous state using the backup file.
For details, see Back Up Your Web Policy and Restore Your Web Policy from a Backup File. - Replace the web policy that you are currently working with and restore a web policy instead that uses the default values as they were preconfigured when you initially set up Secure Web Gateway.
For details, see Restore the Default Values for Your Web Policy.
Skyhigh Cloud Firewall
Cloud Firewall Policy Enhancements
You can now select Service and Service Groups as policy criteria that are managed in CASB Shadow IT. This enables you to apply application-based policies for more than 40000 applications under Skyhigh Cloud Registry. For details, Configure Firewall Policies.
- Service — The service name. For example, Zoom, Facebook.
- Service Group — The group of services. You can create a group of services and then set allow or block access for all the services in the group. For example, you can add several services, such as Amazon, Target, Magneto, and ekart to a group called e-commerce.
NOTE: You must have the Skyhigh CASB Shadow IT license to use the Service and Service Group options.
Skyhigh CASB
Unmatched Uploads Enhancements
In the previous release (6.3.1), the Unmatched Uploads page (found under Analytics > Unmatched Uploads) was redesigned to provide granular information about users accessing the data from unmapped or potentially suspicious destinations as well as the risk (or reputation) associated with these destinations. There are enhanced workflows that allow users to update the status of URLs if it is a trusted unmatched cloud service. In addition, users can request new cloud services to be added to the Registry.
In the current release (6.3.2), you can find more enhancements to the Unmatched Uploads table:
- You can sort the data by Reputation and Status columns.
- You can add three new columns to the unmatched uploads table to view the information on IP, Country, and City. These columns can be selected from Settings > Actions > Edit Table Columns. For details, see About Unmatched Uploads Enhancements.
Custom Anomaly Enhancements (Limited Availability)
In the previous release (6.3.1), the Custom Anomaly (found under Incidents > Anomalies > Anomaly Settings) was introduced which allows users to create their own anomaly structure based on risk parameters identified in Sanctioned IT cloud service activities.
In the current release (6.3.2) you can create a custom anomaly rule based on user groups for tenants who have configured user data (Active Directory). You can also include all or selected user groups to evaluate a rule. For details, see Create a Custom Anomaly.
Seclore DRM Support for External Users in SharePoint (Limited Availability)
Skyhigh CASB provides Seclore DRM protection over files containing sensitive data owned by external users in SharePoint sites. Skyhigh CASB leverages the internal collaborator’s information to encrypt these sensitive files in Seclore DRM. This feature allows security administrators to protect sensitive data uploaded by external users to SharePoint sites. For details, see Seclore DRM for External Users in SharePoint.
Skyhigh CNAPP
New Azure CIS v2.0 Policy Templates
CIS Benchmarks are based on technical configuration settings used to maintain and increase enterprise security, especially when used in conjunction with other essential cyber hygiene tasks. In this release, 5 new Azure Policy templates have been added for the CIS v2.0 benchmark. For details, see Policy Templates for Azure.
- Skyhigh Security Cloud Resolved and Known Issues
- For more details, see Skyhigh Security Cloud Bug Fixes and Known Issues.