Skip to main content
Skyhigh Security

4.0.2 Release Notes (November 2018)


On-Demand Scanning Improvements

On-Demand Scans provides a great deal of flexibility to inspect different aspects of your deployment. Now, the entire On-Demand Scan workflow has a new UI, with better information about in-progress scans, new set-up flow, and improved usability. For details, see About On-Demand Scans

Email Notification for Proxy-based Deployments

Customers who have implemented Skyhigh CASB via proxy can now choose an option when creating DLP Policies to send an email to a predefined address or distribution list that contains details regarding the anomalous action. See DLP Policy Response Actions.

HIPAA Policy Templates for Security Configuration

To make it easier than ever to enforce HIPAA policies in AWS, we've grouped together HIPAA-related policy templates under a new category in the Policy Templates page.

Policy Incidents Notes (Beta)

On the Incidents > Policy Incidents page, in the Details pane, you can now add notes to your incidents. Each note added is visible separately below the Notes field. For notes that you have added, you can Edit or Delete them. For notes written by other users, you may only view them. The default limitation is 10 notes per incidents, and 300 characters per note. For details, see Policy Incidents Details

Data Identifier Updates  

Many new Data Identifiers have been added, especially for European Personal Identity numbers. The Data Identifier for U.S. Passports has also been added to North American Personal Identity. For complete details, see Data Identifiers

Custom Keywords for Data Identifiers

You can now create custom keywords for use with Data Identifiers in DLP Policies. For custom keywords, you can use a predefined dictionary or manually enter keywords. The maximum number of custom keywords allowed is 10. For details, see DLP Policy Rules and Rule Groups



New Notifications Pages

The new Global Notification Settings page allows administrators to enable or disable preexisting System Notifications or create custom notifications using Saved Views. For details, see Global Notifications Settings

When enabled, notifications are on by default for all users of a tenant. Users can then disable notifications they are not interested in receiving on the User > Notification Settings page. For details, see User Notification Settings

New Users Page

The Users page provides a unified location for managing existing users and adding new users. This page is only displayed for users with User Management permissions. It's located at Settings > User Management > Users. This page is a refresh of the existing (classic) Users page, which is deprecated.

Preferences Page Deprecation

As part of our continuing efforts to secure Skyhigh CASB, we are deprecating the Preferences page. All user-configurable options have been moved to the User menu.

Service Governance

Audit Log Updates

The Audit Log has been updated to include events from the Policy Incidents page and the Policy Incident Summary page. For details, see Audit Log Events

McAfee Integrations

McAfee ePO Email DLP Integration

The McAfee DLP/McAfee Skyhigh CASB Security Cloud integration has two parts. McAfee DLP synchronizes classification definitions to the McAfee Skyhigh CASB Security Cloud server. This operation takes place automatically when a McAfee DLP classification definition is added or changed if synchronization is enabled in the DLP Settings. Users working in the cloud can use the McAfee classifications used in McAfee Skyhigh CASB Security Cloud policy rules to identify classified files that were uploaded to cloud services, or classified files that were sent as email attachments using Exchange Online.

Cloud-based files that trigger incidents due to McAfee Skyhigh CASB Security Cloud protection rules and are available as incidents in McAfee Skyhigh CASB Security Cloud Incident Manager are pulled into the McAfee ePO database with a regularly scheduled server task and appear in DLP Incident Manager.

McAfee Web Gateway Cloud Service Integration

McAfee WGCS can now automatically exports log files to McAfee Skyhigh CASB Security Cloud, where an Enterprise Connector user can view and process the logs. When McAfee WGCS users are accessing cloud services that are not allowed, a Compliance Manager user can add the services to existing Service Groups or create new groups. Skyhigh CASB exports Service Groups to McAfee WGCS, which imports the Service Groups as subscribed lists. Administrators can add the lists to Access Protection policies as rules.

  • Was this article helpful?