Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Skyhigh Security Cloud 6.8.0 Release Notes (Feb 2025)

Legends Used

General Availability   GA.png            Limited Availability   LA.png

 

IMPORTANT: The Skyhigh Security Cloud 6.8.0 release addresses significant library updates for enhancing security and stability. For additional information about these fixes and updates, contact Skyhigh Support.

Skyhigh Cloud Platform

Skyhigh Data Loss Prevention (DLP) 

ML-driven Automatic Data Classification GA.png

ML Auto Classifiers automatically detect and classify text and image-based files across sanctioned and shadow/web services, and identify sensitive documents like financial reports, patient records, patents, source code, and ID files across different formats. Security Operations Center (SOC) analysts can use these classifiers to discover real-time sensitive data and apply granular DLP policy controls, enhancing the organization’s data protection strategy and enabling quick and effective responses to data loss incidents. By leveraging AI and machine learning, ML Auto Classifiers improve data governance, support robust DLP policies, streamline management by eliminating manual classification, and enhance operational efficiency. They also offer scalable solutions for large data volumes, provide insights into classification confidence, and minimize false positives and negatives.

Utilize ML Auto Classifiers to categorize sensitive files (Classifications page) and review triggered matches along with their confidence levels (Policy Incidents page):

  1. ML Auto Classifier Condition. Use the ML Auto Classifier rule on the Classifications page to automatically classify sensitive files.
▶ Explore Navigation Details and User Interface

Navigation Path: To access ML Auto Classifiers, go to Policy > DLP Policies > Classifications > Create Classification > Conditions > ML Auto Classifier

ML Auto Classifiers 1.png
  1. ML Auto Classifiers Component. Access the ML Auto Classifiers component on the Sanctioned DLP Policy Incident cloud card to view the triggered matches for file categories along with their confidence percentages. For details, see ML Auto Classifiers.
▶ Explore Navigation Details and User Interface

Navigation Path: To access the Sanctioned/Shadow DLP cloud card, go to  Incidents > Policy Incidents > Filter Incident Type as Sanctioned DLP or Shadow/Web DLP > Select any incidents on the table

ML Auto Classifiers 2.png  clipboard_e156db7b3cb57076447bdef993ff9b8f5.png

User Unique Identification Number (UID) for DLP Incidents  LA.png

The User Unique Identification Number (UID) filter has been introduced for Data Loss Prevention (DLP) incidents to enhance the ability to manage and analyze security incidents within your organization. The User UID is a unique identification number assigned to each user, allowing Security Operations Center (SOC) analysts to obtain a comprehensive view of all DLP incidents linked to a specific user across Sanctioned, Shadow/Web, and Private applications. It enables SOC analysts to take quick and effective remediation action. Additionally, It enhances the organization's data protection strategy and increases operational efficiency in incident management.

You can access and review specific information related to User UID on the Policy Incidents page.

Capability of User UID on Policy Incidents:

  1. Filter DLP Incidents. Apply the User UID filter on the Policy Incident cloud card to view all DLP incidents associated with a specific User UID directly on the Policy Incidents table.
▶ Explore Navigation Details and User Interface

Navigation Path: To access User UID, go to Incidents > Policy Incidents > Select any incidents on the table

User Unique Identification Number (UID) for DLP Incidents 1.png

  1. Search for User UIDs. Use the omnibar to search for specific User UIDs. This capability allows for quick access to DLP incidents linked to particular users.
  2. View User UID Column. Include a User UID column in the incident table to generate reports. For details, see  Policy Incidents Page Cloud Card.
▶ Explore User Interface
 
User Unique Identification Number (UID) for DLP Incidents 2.png
ML-driven Potential False Positive Detection LA.png

ML-driven Potential False Positives automatically identify and classify likely false positive DLP incidents, enabling Security Operations Center (SOC) analysts to access detailed statistics and a comprehensive list of these incidents. This capability helps minimize false positives and refine DLP policies, enhancing operational efficiency in incident management. AI-ML Powered Automatic Incident Categorization further streamlines DLP management by using machine learning to identify recurring patterns, reducing investigation time and costs while supporting large incident volumes. It boosts confidence in false positive identification, accelerates response times, and provides insights into trends over the past 30 days.

You can review Sanctioned DLP incidents detected and categorized as potential false positives on the Policy Incidents page.

Capability of ML-driven Potential False Positives on Policy Incidents:

  1. Potential False Positives Summary. You can view the total count of potential false positive incidents, along with recent trends and changes in their volume. 
  2. Filter for Potential False Positives. This capability applies specifically to Sanctioned DLP Incidents. Filter the Incident Type as Sanctioned DLP, and apply the Machine Learning Status filter as Potential False Positive to display all potential false positive incidents within your organization.
▶ Explore Navigation Details and User Interface

Navigation Path: To access ML-driven Potential False Positives, go to Incidents > Policy Incidents.

ML-Driven Potential False Positive Detection 1.png
  1. Review and Validate Potential False Positives. The Sanctioned DLP Incident Cloud Card now features a Potential False Positive section within the Machine Learning Status component. This addition allows for efficient validation of incidents classified as potential false positives. For details, see About ML-Driven Potential False Positives.
▶ Explore User Interface
 
ML-Driven Potential False Positive Detection 2.png
Additional DLP Enhancement GA.png
Enhanced File Size Limits for Shadow/Web DLP  Evidence 

Skyhigh has increased the maximum limit for Shadow/Web DLP evidence files from 50 MB to 150 MB. You can now save and download larger evidence files for Shadow/Web DLP incidents using the Shadow/Web DLP Policy Incident Cloud Card or API. This enhancement allows for comprehensive analysis of significant policy violations, facilitating in-depth investigations, and effective remediation of security incidents. For details, see Save Shadow/Web DLP Evidence and Match Highlights.

Data Classification Enhancements GA.png
Increased Classification Limit 

Skyhigh has increased the maximum limit for total DLP classifications from 1000 to 2000 per tenant, which includes 82 Skyhigh pre-canned classifications. This expansion enables you to create and manage a wide range of custom classifications, enhancing your ability to meet diverse data protection needs, refine DLP policies, and improve the accuracy of incident detection and response. For details, see About Classifications.

Enhanced User Experience in Classification Management

You can now access the Create Classification and Test Classification options directly on the Classifications page, eliminating the need to navigate through the Actions menu. This enhancement streamlines the workflow, making it faster and more intuitive to manage your classifications. For details, see About Classifications.

▶ Explore Navigation Details and User Interface

Navigation Path: To access Create Classification and Test Classification options, go to Policy > DLP Policies > Classifications > Create Classification and Test Classification

Enhanced User Experience in Classification Management.png

Skyhigh SSE Products

Skyhigh Secure Web Gateway

Configure System Error Notifications Using Custom Templates GA.png

You can now customize the End User Notification Settings for system errors by using a custom template. To do this, check the list of system errors in the System Error Mapping section. Select the required system error to configure the corresponding End User Notification. This enables you to display notifications to end users that include relevant system error information. For details, see Configure System Error Notifications Using Custom Templates.

Explore Navigation Details and User Interface

Navigation Path: To access System Error Mapping, go to Policy > Web Policy > Feature Configuration > End User Notification Settings > System Error Mapping.

Additional Skyhigh Secure Web Gateway Enhancements
Update an Imported HTML File

To replace an imported HTML file, click the Edit icon (  ) in the Action menu. If an existing HTML file requires updates, you can upload the revised HTML file to the End User Notification Pages using the Edit option. This allows you to view updates via an alert or block notification, including new logos, headers, and template details added to the HTML file. For details, see Import an HTML Template for an End User Notification Page.

Explore Navigation Details and User Interface

Navigation Path: To access edit icon, go to Policy > Web Policy > End User Notification Pages > Custom Templates > Actions > Edit Icon.

Update Imported HTML.png

View Referenced Ruleset and Policy Components

Skyhigh Secure Web Gateway  now includes a Show References option in the Actions menu on both the List Catalog and Feature Config pages. This feature allows you to view the Rulesets associated with a selected List or Feature Config. When you click Show References, a reference bar will appear, displaying the names of the linked Rulesets. You can click the hyperlinks for each Ruleset to access and review them. Additionally, when deleting a List or Feature Config, this option allows you to see where it is used within the Ruleset. For details, see View Rule Set References.

▶ Explore Navigation Details and User Interface

Navigation Path: To access Show References, go to Policy > Web Policy > Feature Configuration > Actions > Show References. 

list 1.png

Warning Notification: Selective Traffic Redirection 

When configuring Skyhigh Client Proxy policies, a warning message displays when selecting the Redirect only Private Access traffic to cloud checkbox. The warning message displays: Redirect only Private Access traffic to cloud. Other sources traffic will not be redirected to the cloud. This message clarifies that enabling this option will ensure that only Private Access traffic is redirected to cloud services, while all other traffic will remain unaffected. This approach enhances control and security over network traffic management by directing Private Access traffic appropriately toward cloud services. For details, see Traffic Redirection.
 

▶ Explore Navigation Details and User Interface

Navigation Path: To access Redirect only Private Access traffic to cloud checkbox, go to Settings > Infrastructure > Client Proxy Management> Configuration Policies> Traffic Redirection > Redirect only private access traffic to cloud.

redirect only PA.png

UI Enhancement for HTTP Protocol Ruleset 

The Skyhigh Secure Web Gateway has enhanced usability by improving the flexibility of the HTTP Protocol Preset Rules, now featuring new menu options.

  • Edit List: Modify existing rules.
  • Select Different List: Choose from predefined Ruleset.
  • Create New List: Create custom lists.

These enhancements include two specific HTTP Protocol Preset Rules: Set connection header to closed to block persistent connections and Block chunked transfer encoding between client and proxy. For details, see HTTP Protocol.

▶ Explore Navigation Details and User Interface

Navigation Path: To access new menu options, go to  Policy > Web Policy > Policy > Common Rules > HTTP Protocol.

release notes image.png

Remote Browser Isolation

Disable the Skyhigh Logo in Isolated Browsers  GA.png

You can now hide the Skyhigh logo in browsers while using Full and Risky Isolated browsers. By default, the Skyhigh logo is displayed. Select the Disable Skyhigh logo near browser address bar checkbox to hide the logo. For details, see Full Isolation — Use Browser Isolation for Websites Based on Your Own Selection.

▶ Explore Navigation Details and User Interface

Navigation Path: To access Disable Skyhigh logo near the browser address bar checkbox, go to  Policy > Web Policy > Policy > Browser Isolation > Full Isolation > Browser Settings > Disable Skyhigh logo near the browser address bar. 

Disable Skyhigh logo.png

Skyhigh CASB

OCR Support in Microsoft Teams Chats/Channels GA.png

Skyhigh CASB for Microsoft Teams allows security admins to define DLP policies to monitor and remove the sensitive content in images shared in chats/channels by copying and pasting them. For details, see Microsoft Teams Secure Collaboration Use Cases.

▶ Explore Navigation Details

Navigation Path: To identify and remove sensitive content in the pasted images, go to Policy > DLP Policies > Classifications.

Microsoft Intune Company Portal App Support via Reverse Proxy GA.png

Integrate the Intune Company Portal app with Skyhigh CASB to securely access the organization's resources on personal or company-owned devices like smartphones, tablets, and laptops. By enforcing policies that control how data is accessed, shared, and protected across devices and applications, you can prevent sensitive or confidential data exfiltration, ensuring secure and compliant usage of organizational resources. For details, see Microsoft Intune Company Portal App Support via Reverse Proxy.

▶ Explore Navigation Details

Navigation Path: To enroll your device with the Intune Company Portal app via a reverse proxy, go to Policy > Access Control > Access Policies.

Salesforce Winter 2025 Support GA.png

Skyhigh CASB now supports the latest Salesforce Winter 2025 version. For details, see Supported Versions of Structured Apps.

Salesforce-Winter-25-Release.webp

ServiceNow Xanadu Q4 2024 Support GA.png

Skyhigh CASB now supports ServiceNow Xanadu Q4 2024. For details, see Supported Versions of Structured Apps.

Xanadu_Image.png

Filter AI Services by Risk Type GA.png

Use the Artificial Intelligence (AI) Risk Type filter to sort AI services by High, Medium, and Low risk in the Skyhigh Cloud Registry. Sorting AI services by risk type allows you to take necessary actions to strengthen the defense against associated potential risks. SOCs can review and prioritize the AI services and outline remediations quickly, thereby enhancing the ability to secure their most sensitive data from high-risk AI services. For details, see Filtering AI Services by Risk Type.

▶ Explore Navigation Details and User Interface

Navigation Path: To filter AI services by risk type, go to  Governance > Cloud Registry > Filters > Artificial Intelligence Risk Type.

AI_Risk_Column_ForRNs.png

Skyhigh CASB for SAP S/4HANA LA.png

Skyhigh CASB for SAP S/4HANA allows Security Operations Center (SOC) admins to secure and monitor user activities in cloud data and User Authorization Management. Skyhigh aims to secure the registration of SAP S/4HANA business users through certificate-based identifiers for activity monitoring and anomaly detection. For details, see About Skyhigh CASB for SAP S/4HANA.

▶ Explore Navigation Details and User Interface

Navigation Path: To integrate Skyhigh CASB with SAP S/4HANA, go to Settings > Service Management.

SAP HANA_Selected.png

Skyhigh CASB for Google Chat LA.png

Skyhigh CASB for Google Chat provides comprehensive security, enabling IT teams to monitor and protect sensitive content in chat conversations within your organization. Integrate Skyhigh CASB with Google Chat to monitor risky user activities and apply DLP controls to sensitive file uploads or attachments posted in Google Chat. For details, see About Skyhigh CASB for Google Chat.

▶ Explore Navigation Details and User Interface

Navigation Path: To integrate Skyhigh CASB with Google Chat, go to Settings > Service Management.

Instance_Selected.png

Additional Security Measures for Delta APIs LA.png

Skyhigh CASB Delta API Integration for SharePoint Online and OneDrive now supports the following DLP Policy rules for near real-time DLP on sensitive content uploaded to SharePoint Online and OneDrive services:

  • SharePoint Classification
  • Microsoft Azure Information Protection
  • Seclore Digital Rights Management (DRM)
  • Manual and Bulk Remediation

With the new Delta APIs, Skyhigh provides:

  • Uninterrupted near-real-time DLP
  • Improved DLP policy execution
  • Increased control over high-volume API operations

For details, see Skyhigh CASB Delta APIs Early Access Release Notes.

Custom and Sharable Dashboard LA.png

Dashboards summarize the Shadow and Sanctioned cloud services' data configured in your organization using cards. Now, you can create your dashboards, share them with others in your organization, mark them as favorites for easy access. Additionally, set anyone of the dashboards as a home dashboard that appears when you log into the product each time. To customize a dashboard, you can add new cards of various types and rearrange the existing cards.

The default set of dashboards such as My Dashboard, Private Access Dashboard, IaaS Dashboard, Office 365 Dashboard, Web Dashboard, and Isolated Web Dashboards are displayed based on your license.

Using custom and sharable dashboards, you can:

  • Share any dashboard of your choice within your organization.
  • Create dashboards from your preferred Saved Views.
  • Access dashboards easily using thePlusIcon_Without Border - Copy.png icon.

For details, see Custom and Sharable Dashboard.

▶ Explore Navigation Details and User Interface

Navigation Path: To access Custom and Sharable Dashboards, go to Dashboards, and then clickPlusIcon_Without Border - Copy.png.
Next_Gen_Dashboard.png

Collect Logs in Real Time LA.png

The Log Stream collects near real-time Security Service Edge web access data within your network or feeds directly into your reporting and analytics tools. You can save the logs to a local directory or send them to your third-party SIEM systems (Security Information and Event Management) through a Syslog server. You can use these files to investigate or analyze with Skyhigh SSE. For details, see Collect Logs in Real Time.

The Log Stream can:

  • Identify issues as they occur, which helps address problems without delay. 
  • Simultaneously download data originating from different log types such as Secure Web Gateway (SWG), Remote Browser Isolation (RBI), Private Access, and Cloud Firewall. This eliminates running multiple instances to collect data from different log types. A single Enterprise Cloud Connector accommodates downloading multiple log types simultaneously.
▶ Explore Navigation Details and User Interface

Navigation Path: To collect logs in real time, go to Settings > Infrastructure > Cloud Connector > SIEM Integration (Inline) > Log Stream.
 Add_New_Configuration_RecentPic.png

Resolved and Known Issues   

new note.png Click here to view Resolved and Known Issues
  For details, see Skyhigh Security Cloud Bug Fixes and Known Issues.             

View Help Content in your Preferred Language

 
new note.png Click here to learn how to change your language

You can use the Select Language option to select a language and view the help content in that language.

Select language.png

  • Was this article helpful?