Skyhigh Security Cloud 6.8.0 Release Notes (Feb 2025)
Legends Used
General Availability |
IMPORTANT: The Skyhigh Security Cloud 6.8.0 release addresses significant library updates for enhancing security and stability. For additional information about these fixes and updates, contact Skyhigh Support.
Skyhigh Cloud Platform
Skyhigh Data Loss Prevention (DLP)
ML-driven Automatic Data Classification 
ML Auto Classifiers automatically detect and classify text and image-based files across sanctioned and shadow/web services, and identify sensitive documents like financial reports, patient records, patents, source code, and ID files across different formats. Security Operations Center (SOC) analysts can use these classifiers to discover real-time sensitive data and apply granular DLP policy controls, enhancing the organization’s data protection strategy and enabling quick and effective responses to data loss incidents. By leveraging AI and machine learning, ML Auto Classifiers improve data governance, support robust DLP policies, streamline management by eliminating manual classification, and enhance operational efficiency. They also offer scalable solutions for large data volumes, provide insights into classification confidence, and minimize false positives and negatives.
Utilize ML Auto Classifiers to categorize sensitive files (Classifications page) and review triggered matches along with their confidence levels (Policy Incidents page):
- ML Auto Classifier Condition. Use the ML Auto Classifier rule on the Classifications page to automatically classify sensitive files.
- ▶ Explore Navigation Details and User Interface
-
Navigation Path: To access ML Auto Classifiers, go to Policy > DLP Policies > Classifications > Create Classification > Conditions > ML Auto Classifier
- ML Auto Classifiers Component. Access the ML Auto Classifiers component on the Sanctioned DLP Policy Incident cloud card to view the triggered matches for file categories along with their confidence percentages. For details, see ML Auto Classifiers.
- ▶ Explore Navigation Details and User Interface
-
Navigation Path: To access the Sanctioned/Shadow DLP cloud card, go to Incidents > Policy Incidents > Filter Incident Type as Sanctioned DLP or Shadow/Web DLP > Select any incidents on the table
User Unique Identification Number (UID) for DLP Incidents 
The User Unique Identification Number (UID) filter has been introduced for Data Loss Prevention (DLP) incidents to enhance the ability to manage and analyze security incidents within your organization. The User UID is a unique identification number assigned to each user, allowing Security Operations Center (SOC) analysts to obtain a comprehensive view of all DLP incidents linked to a specific user across Sanctioned, Shadow/Web, and Private applications. It enables SOC analysts to take quick and effective remediation action. Additionally, It enhances the organization's data protection strategy and increases operational efficiency in incident management.
You can access and review specific information related to User UID on the Policy Incidents page.
Capability of User UID on Policy Incidents:
- Filter DLP Incidents. Apply the User UID filter on the Policy Incident cloud card to view all DLP incidents associated with a specific User UID directly on the Policy Incidents table.
- ▶ Explore Navigation Details and User Interface
-
Navigation Path: To access User UID, go to Incidents > Policy Incidents > Select any incidents on the table
- Search for User UIDs. Use the omnibar to search for specific User UIDs. This capability allows for quick access to DLP incidents linked to particular users.
- View User UID Column. Include a User UID column in the incident table to generate reports. For details, see Policy Incidents Page Cloud Card.
- ▶ Explore User Interface
ML-driven Potential False Positive Detection 
ML-driven Potential False Positives automatically identify and classify likely false positive DLP incidents, enabling Security Operations Center (SOC) analysts to access detailed statistics and a comprehensive list of these incidents. This capability helps minimize false positives and refine DLP policies, enhancing operational efficiency in incident management. AI-ML Powered Automatic Incident Categorization further streamlines DLP management by using machine learning to identify recurring patterns, reducing investigation time and costs while supporting large incident volumes. It boosts confidence in false positive identification, accelerates response times, and provides insights into trends over the past 30 days.
You can review Sanctioned DLP incidents detected and categorized as potential false positives on the Policy Incidents page.
Capability of ML-driven Potential False Positives on Policy Incidents:
- Potential False Positives Summary. You can view the total count of potential false positive incidents, along with recent trends and changes in their volume.
- Filter for Potential False Positives. This capability applies specifically to Sanctioned DLP Incidents. Filter the Incident Type as Sanctioned DLP, and apply the Machine Learning Status filter as Potential False Positive to display all potential false positive incidents within your organization.
- ▶ Explore Navigation Details and User Interface
-
Navigation Path: To access ML-driven Potential False Positives, go to Incidents > Policy Incidents.
- Review and Validate Potential False Positives. The Sanctioned DLP Incident Cloud Card now features a Potential False Positive section within the Machine Learning Status component. This addition allows for efficient validation of incidents classified as potential false positives. For details, see About ML-Driven Potential False Positives.
- ▶ Explore User Interface
Additional DLP Enhancement 
Enhanced File Size Limits for Shadow/Web DLP Evidence
Skyhigh has increased the maximum limit for Shadow/Web DLP evidence files from 50 MB to 150 MB. You can now save and download larger evidence files for Shadow/Web DLP incidents using the Shadow/Web DLP Policy Incident Cloud Card or API. This enhancement allows for comprehensive analysis of significant policy violations, facilitating in-depth investigations, and effective remediation of security incidents. For details, see Save Shadow/Web DLP Evidence and Match Highlights.
Data Classification Enhancements 
Increased Classification Limit
Skyhigh has increased the maximum limit for total DLP classifications from 1000 to 2000 per tenant, which includes 82 Skyhigh pre-canned classifications. This expansion enables you to create and manage a wide range of custom classifications, enhancing your ability to meet diverse data protection needs, refine DLP policies, and improve the accuracy of incident detection and response. For details, see About Classifications.
Enhanced User Experience in Classification Management
You can now access the Create Classification and Test Classification options directly on the Classifications page, eliminating the need to navigate through the Actions menu. This enhancement streamlines the workflow, making it faster and more intuitive to manage your classifications. For details, see About Classifications.
- ▶ Explore Navigation Details and User Interface
-
Navigation Path: To access Create Classification and Test Classification options, go to Policy > DLP Policies > Classifications > Create Classification and Test Classification
Skyhigh SSE Products
Skyhigh Secure Web Gateway
Configure System Error Notifications Using Custom Templates 
You can now customize the End User Notification Settings for system errors by using a custom template. To do this, check the list of system errors in the System Error Mapping section. Select the required system error to configure the corresponding End User Notification. This enables you to display notifications to end users that include relevant system error information. For details, see Configure System Error Notifications Using Custom Templates.
- ▶ Explore Navigation Details and User Interface
-
Navigation Path: To access System Error Mapping, go to Policy > Web Policy > Feature Configuration > End User Notification Settings > System Error Mapping.
Additional Skyhigh Secure Web Gateway Enhancements
Update an Imported HTML File
To replace an imported HTML file, click the Edit icon ( ) in the Action menu. If an existing HTML file requires updates, you can upload the revised HTML file to the End User Notification Pages using the Edit option. This allows you to view updates via an alert or block notification, including new logos, headers, and template details added to the HTML file. For details, see Import an HTML Template for an End User Notification Page.
- ▶ Explore Navigation Details and User Interface
-
Navigation Path: To access edit icon, go to Policy > Web Policy > End User Notification Pages > Custom Templates > Actions > Edit Icon.
View Referenced Ruleset and Policy Components
Skyhigh Secure Web Gateway now includes a Show References option in the Actions menu on both the List Catalog and Feature Config pages. This feature allows you to view the Rulesets associated with a selected List or Feature Config. When you click Show References, a reference bar will appear, displaying the names of the linked Rulesets. You can click the hyperlinks for each Ruleset to access and review them. Additionally, when deleting a List or Feature Config, this option allows you to see where it is used within the Ruleset. For details, see View Rule Set References.
- ▶ Explore Navigation Details and User Interface
-
Navigation Path: To access Show References, go to Policy > Web Policy > Feature Configuration > Actions > Show References.
Warning Notification: Selective Traffic Redirection
When configuring Skyhigh Client Proxy policies, a warning message displays when selecting the Redirect only Private Access traffic to cloud checkbox. The warning message displays: Redirect only Private Access traffic to cloud. Other sources traffic will not be redirected to the cloud. This message clarifies that enabling this option will ensure that only Private Access traffic is redirected to cloud services, while all other traffic will remain unaffected. This approach enhances control and security over network traffic management by directing Private Access traffic appropriately toward cloud services. For details, see Traffic Redirection.
- ▶ Explore Navigation Details and User Interface
-
Navigation Path: To access Redirect only Private Access traffic to cloud checkbox, go to Settings > Infrastructure > Client Proxy Management> Configuration Policies> Traffic Redirection > Redirect only private access traffic to cloud.
UI Enhancement for HTTP Protocol Ruleset
The Skyhigh Secure Web Gateway has enhanced usability by improving the flexibility of the HTTP Protocol Preset Rules, now featuring new menu options.
- Edit List: Modify existing rules.
- Select Different List: Choose from predefined Ruleset.
- Create New List: Create custom lists.
These enhancements include two specific HTTP Protocol Preset Rules: Set connection header to closed to block persistent connections and Block chunked transfer encoding between client and proxy. For details, see HTTP Protocol.
- ▶ Explore Navigation Details and User Interface
-
Navigation Path: To access new menu options, go to Policy > Web Policy > Policy > Common Rules > HTTP Protocol.
Remote Browser Isolation
Disable the Skyhigh Logo in Isolated Browsers 
You can now hide the Skyhigh logo in browsers while using Full and Risky Isolated browsers. By default, the Skyhigh logo is displayed. Select the Disable Skyhigh logo near browser address bar checkbox to hide the logo. For details, see Full Isolation — Use Browser Isolation for Websites Based on Your Own Selection.
- ▶ Explore Navigation Details and User Interface
-
Navigation Path: To access Disable Skyhigh logo near the browser address bar checkbox, go to Policy > Web Policy > Policy > Browser Isolation > Full Isolation > Browser Settings > Disable Skyhigh logo near the browser address bar.
Skyhigh CASB
OCR Support in Microsoft Teams Chats/Channels 
Skyhigh CASB for Microsoft Teams allows security admins to define DLP policies to monitor and remove the sensitive content in images shared in chats/channels by copying and pasting them. For details, see Microsoft Teams Secure Collaboration Use Cases.
- ▶ Explore Navigation Details
-
Navigation Path: To identify and remove sensitive content in the pasted images, go to Policy > DLP Policies > Classifications.
Microsoft Intune Company Portal App Support via Reverse Proxy 
Integrate the Intune Company Portal app with Skyhigh CASB to securely access the organization's resources on personal or company-owned devices like smartphones, tablets, and laptops. By enforcing policies that control how data is accessed, shared, and protected across devices and applications, you can prevent sensitive or confidential data exfiltration, ensuring secure and compliant usage of organizational resources. For details, see Microsoft Intune Company Portal App Support via Reverse Proxy.
- ▶ Explore Navigation Details
-
Navigation Path: To enroll your device with the Intune Company Portal app via a reverse proxy, go to Policy > Access Control > Access Policies.
Salesforce Winter 2025 Support 
Skyhigh CASB now supports the latest Salesforce Winter 2025 version. For details, see Supported Versions of Structured Apps.
ServiceNow Xanadu Q4 2024 Support 
Skyhigh CASB now supports ServiceNow Xanadu Q4 2024. For details, see Supported Versions of Structured Apps.
Filter AI Services by Risk Type 
Use the Artificial Intelligence (AI) Risk Type filter to sort AI services by High, Medium, and Low risk in the Skyhigh Cloud Registry. Sorting AI services by risk type allows you to take necessary actions to strengthen the defense against associated potential risks. SOCs can review and prioritize the AI services and outline remediations quickly, thereby enhancing the ability to secure their most sensitive data from high-risk AI services. For details, see Filtering AI Services by Risk Type.
- ▶ Explore Navigation Details and User Interface
-
Navigation Path: To filter AI services by risk type, go to Governance > Cloud Registry > Filters > Artificial Intelligence Risk Type.
Skyhigh CASB for SAP S/4HANA 
Skyhigh CASB for SAP S/4HANA allows Security Operations Center (SOC) admins to secure and monitor user activities in cloud data and User Authorization Management. Skyhigh aims to secure the registration of SAP S/4HANA business users through certificate-based identifiers for activity monitoring and anomaly detection. For details, see About Skyhigh CASB for SAP S/4HANA.
- ▶ Explore Navigation Details and User Interface
-
Navigation Path: To integrate Skyhigh CASB with SAP S/4HANA, go to Settings > Service Management.
Skyhigh CASB for Google Chat 
Skyhigh CASB for Google Chat provides comprehensive security, enabling IT teams to monitor and protect sensitive content in chat conversations within your organization. Integrate Skyhigh CASB with Google Chat to monitor risky user activities and apply DLP controls to sensitive file uploads or attachments posted in Google Chat. For details, see About Skyhigh CASB for Google Chat.
- ▶ Explore Navigation Details and User Interface
-
Navigation Path: To integrate Skyhigh CASB with Google Chat, go to Settings > Service Management.
Additional Security Measures for Delta APIs 
Skyhigh CASB Delta API Integration for SharePoint Online and OneDrive now supports the following DLP Policy rules for near real-time DLP on sensitive content uploaded to SharePoint Online and OneDrive services:
- SharePoint Classification
- Microsoft Azure Information Protection
- Seclore Digital Rights Management (DRM)
- Manual and Bulk Remediation
With the new Delta APIs, Skyhigh provides:
- Uninterrupted near-real-time DLP
- Improved DLP policy execution
- Increased control over high-volume API operations
For details, see Skyhigh CASB Delta APIs Early Access Release Notes.
Custom and Sharable Dashboard 
Dashboards summarize the Shadow and Sanctioned cloud services' data configured in your organization using cards. Now, you can create your dashboards, share them with others in your organization, mark them as favorites for easy access. Additionally, set anyone of the dashboards as a home dashboard that appears when you log into the product each time. To customize a dashboard, you can add new cards of various types and rearrange the existing cards.
The default set of dashboards such as My Dashboard, Private Access Dashboard, IaaS Dashboard, Office 365 Dashboard, Web Dashboard, and Isolated Web Dashboards are displayed based on your license.
Using custom and sharable dashboards, you can:
- Share any dashboard of your choice within your organization.
- Create dashboards from your preferred Saved Views.
- Access dashboards easily using the
icon.
For details, see Custom and Sharable Dashboard.
- ▶ Explore Navigation Details and User Interface
-
Navigation Path: To access Custom and Sharable Dashboards, go to Dashboards, and then click
.
Collect Logs in Real Time 
The Log Stream collects near real-time Security Service Edge web access data within your network or feeds directly into your reporting and analytics tools. You can save the logs to a local directory or send them to your third-party SIEM systems (Security Information and Event Management) through a Syslog server. You can use these files to investigate or analyze with Skyhigh SSE. For details, see Collect Logs in Real Time.
The Log Stream can:
- Identify issues as they occur, which helps address problems without delay.
- Simultaneously download data originating from different log types such as Secure Web Gateway (SWG), Remote Browser Isolation (RBI), Private Access, and Cloud Firewall. This eliminates running multiple instances to collect data from different log types. A single Enterprise Cloud Connector accommodates downloading multiple log types simultaneously.
- ▶ Explore Navigation Details and User Interface
-
Navigation Path: To collect logs in real time, go to Settings > Infrastructure > Cloud Connector > SIEM Integration (Inline) > Log Stream.
Resolved and Known Issues
Click here to view Resolved and Known Issues
- For details, see Skyhigh Security Cloud Bug Fixes and Known Issues.
View Help Content in your Preferred Language
Click here to learn how to change your language
-
You can use the Select Language option to select a language and view the help content in that language.