Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Focused View for Policy Incidents

Limited Availability: Focused View and Default View for Policy Incidents are Limited Availability features. To enable Focused View and Default View for Policy Incidents, contact Skyhigh Support

Skyhigh provides a focused view for easy and quick visibility into all the critical sanctioned DLP policy incidents on the Policy Incidents page (found under Incidents > Policy Incidents > Views > Focused View). It is a unified list of the most vulnerable policy incidents within your organization. The focused view automatically displays incidents based on pre-configured filters such as incident status (new, opened, and machine learning status (unassigned)).

This simplified and automated view enables you to gain insights into the relevant policy incidents and perform additional forensics on the generated incidents. You can use the focused view to detect, analyze, and mitigate important policy violations proactively. This predefined view also allows you to monitor and manage policy violations efficiently. 

For example, enabling the Focused View feature allows Security Operations Center (SOC) administrators to streamline investigations and concentrate on critical policy incidents, enhancing their ability to protect sensitive data and respond proactively to security threats.

NOTE: You can set the focused view as your preferred view for the Policy Incidents page. For details, see Select a Default View for Policy Incidents

 

clipboard_eb8e3f62e972341c03ab5df33e0bd59a3.png

► Advantages of Focused View

Security Operations Center (SOC) administrators can leverage the following benefits of the Focused View:

  • Automatic Incident Prioritization. Automatically highlights high-priority incidents that can be potential threats or anomalies.
  • Rapid Incident Response. Quicker response time for vulnerable incidents, such as the latest and unresolved incidents.
  • Reduced Noise. Minimizes the volume of irrelevant incidents, such as old, resolved, and assigned incidents in the incident list.
  • Actionable Insights. Provides actionable insights to accelerate the incident remediation process, such as blocking access, quarantining files, or notifying users.
  • Enhanced User Experience. Set the focused view as your preferred view for the Policy Incidents page. 
  • Trends and Analytics. Includes visualizations of priority DLP incidents to monitor trends or patterns in policy breaches over time.
  • Streamlined DLP Administration. Streamlines DLP management by reducing fatigue, investigation time, and costs in SOC operations.
  • Compliance Adherence. Ensures compliance with data privacy regulations and industry standards. 
  • Was this article helpful?