Skyhigh Security

Advanced Threat Detection with Skyhigh SSE

To provide sophisticated security intelligence and reputation services, Skyhigh Security leverages extensive integrations with several strategic partners:

Skyhigh collaborates with Trellix

The Skyhigh Cloud Platform utilizes Intelligent Virtual Execution (IVX) and Global Threat Intelligence (GTI) to deliver robust protection. Our threat labs analyze data from millions of sensors worldwide to distribute real-time intelligence through GTI, enabling precise defenses against both established and nascent threats via contextual reputation data. Additionally, Skyhigh SWG antimalware employs dynamic sandboxing, machine learning, and static code analysis to bolster the detection of zero-day vulnerabilities.

Integration with Third-Party Intelligence
Skyhigh enhances its native detection capabilities by allowing clients to integrate feeds from external intelligence providers. This flexibility extends to any source that follows open standards like STIX and TAXII, ensuring that organizations can leverage specialized threat data tailored to their specific industry or geographic risk profile.

Skyhigh Security also provides an API framework of outbound APIs, built on HTTP clients, through which the Skyhigh Security engine integrates with third-party threat feeds and uses those feeds directly in Advanced Threat Detection policies. These outbound APIs can integrate with third-party threat feeds such as IBM X-Force Exchange, ThreatConnect, Digital Element, AlienVault OTX, CrowdStrike Falcon Intelligence, CSID, FireEye Intelligence, Talos, Cyware, Cisco (Kenna), Tenable, Rapid7, Qualys, Recorded Future, Trend Micro, and Cyber Threat Intelligence. Skyhigh can also integrate with both open-source and government threat intelligence.

To deliver advanced security intelligence and reputation capabilities, Skyhigh Security maintains deep integrations with several key partners:

1. Skyhigh and Trellix Collaboration

The Skyhigh Cloud Platform features native integration with Trellix Global Threat Intelligence (GTI) and Advanced Threat Defense (ATD). By leveraging data from millions of global sensors and an expert research team, our threat labs deliver real-time intelligence via GTI. This ensures precise protection against both known and emerging threats through contextual reputation metrics and threat determination. Furthermore, Skyhigh SWG antimalware utilizes a combination of machine learning, dynamic sandboxing, and in-depth static code analysis to enhance the detection of zero-day threats.

2. Cloud Cyber Incident Sharing Center (CloudCISC)

Skyhigh leverages crowd-sourced reports from CloudCISC, an initiative of the Cloud Security Alliance that includes major cybersecurity enterprises and vendors. This allows threats detected by Skyhigh to be cross-referenced against CloudCISC data, including vertical-specific malware incidents, IP reputation, and command-and-control sites.

3. Open Sharing and Public Feeds

Additionally, Skyhigh utilizes open sharing platforms like VirusTotal and other public feeds. These sources are used to ingest Indicators of Compromise (IOC) and determine the status of URLs or hashes associated with phishing attacks, spam, or malicious downloads.

Skyhigh Security's cloud security solutions offer adaptive policies for robust threat protection through advanced threat intelligence and detection mechanisms. The platform integrates Global Threat Intelligence (GTI) and Intelligent Virtual Execution (IVX) to provide real-time defenses against known and emerging threats.

Utilization of Open Sharing and Public Feeds
By ingesting Indicators of Compromise (IOCs) from numerous public platforms and open feeds, Skyhigh can effectively identify whether specific hashes or URLs are linked to malicious activities such as spam, phishing, or malware downloads. This wide-reaching ingestion ensures that even broadly distributed threats are flagged before they can impact the network.

Cloud Cyber Incident Sharing Center (CloudCISC)
Through the Cloud Security Alliance, CloudCISC facilitates the sharing of crowd-sourced incident reports from cybersecurity firms and major enterprises. Skyhigh correlates its own findings with CloudCISC data to gain deeper insights into IP reputation, command-and-control infrastructure, and industry-specific malware trends, providing a community-driven layer of defense that evolves alongside the threat landscape.

 

 
