Skip to main content
McAfee Enterprise MVISION Cloud

Enable Incident Remediation

Skyhigh CASB provides remediation for DLP incidents that a user has manually deleted. This option is only applicable to DLP policies where quarantine/delete responses are not enabled. Incidents are marked Resolved if a member of your team deletes or removes the file or updates the files and removes sensitive content.

Prerequisites

  • To enable SSO SAML for Skyhigh CASB login, see Configure Skyhigh CASB Login for SSO. For End User Remediation, make sure to authorize all users, not just admin users. If you only have basic authentication for Skyhigh CASB, End User Remediation cannot be enabled. 
  • To configure data storage for remediation, see Data Storage

Enable Incident Remediation

  1. Go to Policy > Policy Settings.
  2. Select the Incident Remediation tab. 
    policy_settings_remediation_5.2.1.png
  3. Toggle Autonomous Remediation to ON.
  4. To enable End-User Input, toggle to ON. If SSO is not configured for your tenant, you will not see this option. Then select the response for Low, Medium, and High Severity incidents. 
  5. Click Save.
     
  • Was this article helpful?