Enhanced Security and Efficiency using AI and ML
Limited Availability: ML-driven Potential False Positives is a Limited Availability feature. ML Auto Classifiers and ML-driven Potential False Positives (advanced DLP capabilities) require additional entitlement. Contact Skyhigh Support or your account manager for assistance. |
Skyhigh Security uses Artificial Intelligence (AI) and Machine Learning (ML) in its Security Service Edge (SSE) platform to enhance overall security operations, improve detection accuracy, and streamline administrative workflows across various areas. Our solutions are focused exclusively on Security and Data Protection, ensuring they operate without human and social biases.
These capabilities enable us to:
- Increase Efficiency. AI streamlines Security Operations Center (SOC) workflows by automating alert analysis, prioritizing incidents, and reducing false positives, resulting in faster incident response and reduced analyst fatigue.
- Reduce Complexity. AI minimizes human errors, creates patterns for identifying sensitive data, improves classification accuracy, develops context-aware expressions, and instantly explains new and changing sensitive data types
- Lower Risk. Elevates protection against insider threats by detecting and responding to abnormal user behavior, proactively identifying risks before they escalate. With intelligent anomaly detection it enhances threat visibility and reduces false positives, enabling faster and more accurate responses.
The following key areas demonstrate how Skyhigh Security has utilized AI and ML to develop impactful solutions:
Automate Content Classification with ML-driven Auto Classifiers
Skyhigh uses ML models to process all DLP-scanned content and automatically determine its classification.
Here’s a breakdown of how this process works:
- Classification Process. The ML models analyze both textual and image-based content, determining its classification based on predefined categories. Different models are specifically designed for various types of content, utilizing a combination of statistical methods and neural network techniques.
- Data Privacy. User data is not used in the training of these models, nor retained for that purpose. The models are trained independently using a separate Skyhigh corpus, ensuring data privacy and compliance.
- Operational Boundaries. These models operate exclusively within the confined boundary of the Skyhigh solution, meaning that no content is transmitted outside of these boundaries.
This capability is integrated with DLP, allowing you to automatically detect and classify various types of sensitive files based on Skyhigh pre-trained AI and ML models. For details, see ML Auto Classifiers.
For common queries on ML Auto Classifiers, see FAQs on ML Auto Classifiers.
Simplify DLP Classification with AI Regex Builder/Generator
Skyhigh uses an AI model to build complex regex expressions for DLP classification, and helpful for administrators unfamiliar with the details of regexes.
Here’s a breakdown of how this process works:
- Classification Process. Use the DLP Classification Regex Building Assistant or AI RegEx Generator that seamlessly constructs and comprehends complex Google RE2-compliant regular expressions through a conversation-based interface.
- Data Privacy. All your queries remain confidential and are not used for training. However, responses may rely on standard external large language models that are independently trained.
- Privacy Notice for Data Input. Refrain from entering confidential, personal, or sensitive data into the query field. Information entered is transmitted to an external AI service to generate the required answers. The AI-generated answers are only to aid the expression building.
This capability is integrated with DLP, allowing you to simplify the task of building complex expressions and minimize the chances of inaccuracies. For details, see AI RegEx Generator for Custom Advanced Patterns.
Minimize Potential False Positive Incidents with ML
Skyhigh uses ML models to identify and predict incidents that are most likely to be false positives and ensures data integrity and privacy in user incident prediction models.
Here’s a breakdown of how this process works:
- Data Training and Isolation. The ML models are trained based on users' incident metadata. User data isolation and security are maintained through strict tenant separation. Each user's data remains completely segregated, ensuring that analytics and predictions for one tenant are exclusively based on their data, without any cross-tenant data sharing or influence on outcomes.
- Operational Boundaries. These models operate exclusively within the confined boundary of the Skyhigh solution, meaning that no content is transmitted outside of these boundaries.
This capability is integrated with DLP, allowing you to automatically detect and classify sanctioned DLP incidents that may be false positives. It also provides actionable insights, including the statistics for ML-driven Potential False Positives and a comprehensive list of potential false positive incidents. For details, see About ML-Driven Potential False Positives.
Enhanced Threat Detection and Remediation with UEBA
The Skyhigh CASB Threat Protection offers real-time detection and remediation of threats and anomalies, ensuring enhanced security, compliance, and data governance across sanctioned cloud services. As AI becomes integral to applications, sensitive data faces growing vulnerabilities, demanding robust security at every level. To address these challenges, Skyhigh Security delivers purpose-built solutions that empower organizations to maintain control, prevent data leaks, and safeguard users in the evolving AI era.
Here’s a breakdown of how this process works:
- Data Training and Isolation. Skyhigh models train on tenant-specific data to derive threat vectors and pinpoint anomalies. User data isolation and security are maintained through strict tenant separation. Each user's data remains completely segregated, ensuring that analytics and predictions for one tenant are exclusively based on their data, without any cross-tenant data sharing or influence on outcomes.
- Operational Boundaries. These models operate exclusively within the confined boundary of the Skyhigh solution, meaning that no content is transmitted outside of these boundaries.
Enhanced Content Classification with GAM
Skyhigh processes all Generalized Additive Models (GAM) scanned content through its ML models to automatically determine the classification of the content.
Here’s a breakdown of how this process works:
- GAM Model Techniques. Different models are specifically designed for various attack vectors, utilizing a combination of statistical methods and neural network techniques.
- Data Privacy. User data is not used in the training of these models, nor retained for that purpose. The models are trained independently using a separate Skyhigh corpus, ensuring data privacy and compliance.
- Operational Boundaries. These models operate exclusively within the confined boundary of the Skyhigh solution, meaning that no content is transmitted outside of these boundaries.