Skip to main content
Skyhigh Security

What's New in 3.2

Skyhigh for Custom Applications

Skyhigh CASB for Custom Applications brings a new way to extend security, compliance and governance capabilities to home grown applications deployed in public cloud such as AWS.

Skyhigh CASB's Custom App solution uses machine learning to detect map application activity without writing a single line of code. It automatically records application interactions, and suggests important application activities to be tracked. Once the activities are mapped, then Skyhigh CASB allows administrators to enforce data loss prevention policies and enable access control policies for managed versus unmanaged devices. A detailed audit trail of end-user activity is also available for forensics and investigations. 

Skyhigh Threat Protection

Superhuman Anomalies

Skyhigh CASB has developed a new method of filtering superfluous Superhuman Anomalies. Superhuman Anomalies are defined as two user-generated events that originate from different geographical locations with a non-human traversable distance, given the time period between events. Many Superhuman Activities can be explained by simple network switching activity. These types of events are known as non-anomalous activities, meaning that they're expected, and aren't concerning. 

New Superhuman Anomaly filters help tune out the superfluous activities from trusted sites, significantly reducing the signal-to-noise ratio. These filters allow you to define trusted ISPs and edge services. In addition, Skyhigh CASB adds a layer of user behavior analysis to sift out the day-to-day non-anomalous activities. As a result, only user-generated events from geographical areas that are not trusted, or from an odd ISPs trigger Superhuman Anomalies, thereby increasing the focus on investigation and remediation of business-critical threats. You can tune each Superhuman Anomalies filter type to suit your organization's distinct network footprint and business model. Superhuman Anomalies appear in the Anomalies page and trigger the Compromised Accounts Threat.

Skyhigh Policy Management

Policy Templates

Skyhigh CASB now provides pre-defined policy templates, making it easier than ever to set up DLP policies. Complicated regulatory policies, as well as several types of data protection policies, are pre-populated, ready to be customized and then deployed.

You'll find Policy Templates for Confidential or Classified Data Protection, Customer and Employee Data Protection, Network Security Enforcement, US Regulatory Enforcement, and UK and International Regulatory Enforcement. Polices that require dictionaries are pre-populated with those dictionary files, which also saves a lot of time. Default Policy Templates can be modified, saved, and exported to other tenants.

Bulk Remediation

Following on the heels of Bulk Status Updates, Bulk Remediation allows you to remediate up to 100 violations at one time. Because remediation can take some time to complete, these tasks are handled on the backend, meaning you're able to continue working while Skyhigh CASB handles violations.

Keyword DLP Policy Improvements

When creating Keyword-based DLP policies, you can now specify the distance between two keywords that still produces a match. For example, entering "ABA routing"~3 allows up to three words to separate "ABA" and "routing" and the file will still match the policy. Additionally, a new Match Criteria menu allows you to choose to Match Any or Match All keywords in a policy.

Cloud Access Policy Naming Improvements

Action names in Cloud Access Policies have been renamed to make the action more descriptive. 

Previous Action Name New Action Name
Register Device Check Cert: Proxy Managed, Block Unmanaged
Register Device (Passthrough) Check Cert: Proxy All
Register Device (Redirect) Check Cert: Redirect Managed, Block Unmanaged
Redirect Skip Cert Check: Redirect All

Skyhigh for Sanctioned IT

Office 365 Security Integrator App

Skyhigh CASB's Security Integrator App is a Azure Web App that allows O365 administrators to configure DLP and activity monitoring for OneDrive and SharePoint sites. In the latest version, administrators can choose to automatically monitor all users/sites, or choose just a subset of specific users for DLP and event monitoring in OneDrive. 

Other improvements include more efficient background loading of OneDrive users, SharePoint sites, and API-based searches, streamlining the user experience. Please note that this application was previously known as the Secure Content Integrator app.

DLP for Office 365 Group Sites

You can easily extend Skyhigh CASB DLP polices as employees collaborate in Office 365 group sites to scan for sensitive content.

Skyhigh for Google Drive Secure Collaboration

Secure Collaboration with Google Drive provides enhanced monitoring of shared activity and sensitive content. In addition to applying DLP policies to modify sharing permissions, you can detect and remove public links, preventing the external sharing of files that contain content that must not leave your cloud. Skyhigh CASB has added several content-aware Collaboration Policy options that are specifically for Google Drive Collaboration.

Skyhigh Device Management

Active Directory Integration for Device Management

The Active Directory Integration enables you to secure mobile-cloud usage while allowing your users to remain productive. Leveraging device information from custom attributes configured in AD allows you to manage access for devices without additional overhead. If you'd like to force users to sign in with two-factor authentication or log in to SSO before accessing CSPs on unsecured networks, you can create Cloud Access Policies to dictate those behaviors and add them on top of this integration.

Registered Device Deletion

You can now delete registered devices from the Device Overview page.

Skyhigh User Management

Detokenization Role 

The Detokenization Privilege user role has been added to RBAC.  As a standalone access level, the Detokenization user is able to reveal user names instead of random tokens. This role must be added to any user who should have the privilege.

Known Issue

On the Firewall/Proxy Integration page, whenever a service is added or removed within a service group, the #URLs and Changes Since Last Sync columns may take a few minutes to update, or may only be updated when you refresh the page. However, the # Services column is updated in real time.

  • Was this article helpful?