Skip to main content
Skyhigh Security

4.0 Release Notes (September 2018)


AWS Dashboard

The Amazon Web Services Dashboard provides a summary of the AWS data you care about at a glance using cards, which are based on Saved Views. To access the Amazon Web Services, go to Dashboards > Amazon Web Services.  For details, see About the AWS Dashboard

Dashboard Card Options

The Storage Card type has been added for use with AWS, and the Add New Card user interface has been updated. For details, see Add a New Card.  

Sanctioned Apps

DLP Support for Google Team Drives

Skyhigh CASB now allows you to extend DLP control to content shared or uploaded in Google Team Drives. Google Drive DLP policies are automatically expanded to include Google Team Drives, including content-aware policies. As content is shared or uploaded by internal team members, Skyhigh CASB scans the files and compares them to DLP policies. 

User Management

IP Whitelists

Administrators and User Managers can create IP Whitelists, which allow access to Skyhigh CASB from a defined list of IP addresses only. This feature supports SAML and non-SAML workflows.  For details, see Create an IP Whitelist

Policy Management

Delete Incidents 

On the Incidents > Policy Incidents page, you can now select the checkbox(es) for incidents you want to delete. Then click Delete in the confirmation dialog. This action cannot be undone. Large requests may take a few moments to process. For details, see Policy Incidents Page

Policy Incidents Summary Updated User Interface

The user interface for the Policy Incidents Summary page has been updated and improved. For details, see Policy Incidents Summary

New Policy Templates for AWS 

Following is a list of the new policy templates for AWS provided in Skyhigh CASB 4.0 release:

  • Untagged Resources
  • AWS Config is not enabled
  • AWS DNS service must not be used
  • Nearing regional limit for elastic IP addresses
  • AWS CloudFront CDN not in use
  • Insecure Ciphers in CloudFront distribution
  • EBS volume does not have recent snapshot
  • EBS volumes detected and unattached
  • EC2 instance IAM role not enabled
  • Single IAM administrator detected
  • Custom IAM policy grants too many privileges
  • Default access keys in use
  • IAM support role check
  • RDS event subscription not enabled
  • S3 object versioning enabled
  • SNS cross account access
  • VPC Private Gateway IPSec Limit
  • NAT gateway not used

For descriptions of these new policy templates, see the Policy Templates for AWS page.  

Service Governance

Updated Audit Log  

The Audit Log, located at Settings > Audit Log, provides a list of all events performed by registered application users. It has been updated to allow you to drill down and perform detailed Audit Log analysis using extensive filter and search tools. Then export your findings to a CSV file for accurate reporting. For more information, see About the Audit Log

  • Was this article helpful?