Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Configure DLP Policy to Bypass URLs

NOTE: From the SSE 6.7.1 release, the bypass list is available for new users. To enable the bypass list for existing users, contact Skyhigh Support

 

Skyhigh provides a global bypass list of predefined URLs for web/shadow services to exclude traffic from specific browser telemetry URLs for DLP evaluation. The predefined bypass list named Bypass List for DLP Scanning in Web includes browser telemetry URLs from major cloud service providers such as Google, Microsoft, and more that should not be processed and scanned by Skyhigh for DLP. This bypass list simplifies the process of excluding specific browser telemetry URLs from being scanned for DLP. 

Security Operations Center (SOC) analysts can leverage the bypass list to reduce the number of false positive DLP incidents. This enables SOC analysts to enhance their organization's data protection strategy and increase operational efficiency in incident management.

To configure Web/Shadow DLP policy to bypass URLs:

  1. In Secure Web Gateway Cloud, go to Policy > Web Policy > Policy.
  2. On the Web Policy tree, select Data Protection (DLP).
  3. In the Data Protection (DLP) configuration area, select the Bypass List for DLP Scanning in Web checkbox to exclude web/shadow services from web DLP evaluation.
    clipboard_e510b8f99c48f1733d5f3ade4bd02eae2.png

NOTE: By default, the Bypass List for DLP Scanning in Web checkbox is selected.

 

  1. Click Bypass List for DLP Scanning in Web to view the DLP Bypass URLs cloud card.
  2. The DLP Bypass URLs cloud card provides the following information and action:
    1. Search List. Search for web/shadow services that are excluded from DLP evaluation based on the pre-configured list. 
    2. Regular Expression. View regular expressions for browser telemetry URLs of web/shadow services that are excluded from DLP evaluation based on the pre-configured list. 
    3. Comment. Provides additional metadata for browser telemetry URLs of web/shadow services that are excluded from DLP evaluation based on the pre-configured list. For example, Google, Microsoft, and more.
      clipboard_ee0458eb29699808071a23852f0e458de.png
  3. Click Close.

Your Web/Shadow DLP policy is now configured successfully to bypass DLP scanning for browser telemetry URLs of web/shadow services included in the Skyhigh predefined bypass list.

  • Was this article helpful?