The MITRE Dashboard provides a holistic view of different types of activities that are compromised in the infrastructure of cloud services such as Salesforce, Box, Office 365, and more. The MITRE ATT&CK framework identifies compromised activities and evaluates an organization's risk. For details, see About the MITRE Dashboard.
Resources Connections Graph View
The Resource Connections Graph View provides an interactive graph of IaaS and Container Security resource connections and network flow for AWS, Microsoft Azure, and Google Cloud Platform (GCP). If you have enabled Amazon Virtual Private Cloud (VPC) Flow Logs, the connections graph is also overlaid with VPC Flow Logs data. For details see, About Resources.
Connected Apps for Microsoft Office 365
Connected Apps now supports Microsoft Office 365, which is enabled by default when you integrate Skyhigh CASB with O365. For details, see About Connected Apps.
Connected Apps Date Picker and Chart View
The Connected Apps page now includes a date picker, which allows you to select a preset or custom date range to display data for only this date range. It also includes a Chart View, which allows you to display your Connected Apps data in a chart. For details, see Connected Apps Page.
Updated Threats and Anomalies
The Threats and Anomalies pages now have an updated user interface and discrete locations in the Skyhigh CASB menu. Skyhigh CASB's Threat Protection enables real-time threat and anomaly detection and remediation for security, compliance, and data governance across all Sanctioned Cloud Services. For details, see Threats and Anomalies.
Policy Violation Filter to Sanctioned DLP
On the Policy Incidents Summary and Policy Incidents page, as of Unified Cloud Edge 1.5, the Incident Type filter label and Omnibar value Policy Violation is changed to Sanctioned DLP. For details, see Policy Incidents Summary.
ServiceNow File Decryption
ServiceNow file decryption is supported for both single file and bulk file download. For details, see Configure ServiceNow Encryption.
Multi-Geo Model for Office 365
Skyhigh CASB supports the Multi-geo capabilities for SharePoint and OneDrive. For details, see Multi-Geo Model for Office 365.
Tombstone Configuration (Reverse Proxy)
In the Policy Settings page, the Tombstone Configuration (Reverse Proxy) tab allows you to create and upload a custom tombstone file, also called a blocked message file, for specific user actions instead of the default McAfee tombstone file. For details see Tombstone Configuration (Reverse Proxy).
Granular RBAC Report from the Users Page
On the Settings > User Management > Users page, an administrator can export a CSV file of users and roles. This report now includes a list of the user's current roles, access privileges, and resources, as well as information on Shadow, Sanctioned, and Web Jurisdictions. For details, see Export Users and Roles to a CSV File.
Cloud Security Advisor New or Discontinued Metrics
In the Cloud Security Advisor, new metrics are occasionally introduced and old ones are discontinued. For this reason, you may see a drop in your Visibility and Control scores or you will see new behavior in the Quarter comparison graph. For details, see Cloud Security Report.
Container Assets in the Resources Connections Graph View
The Resource Connections Graph View provides an interactive graph of IaaS and Container Security resource connections and network flow for AWS, Microsoft Azure, and Google Cloud Platform (GCP).It also provides visibility of container assets for Azure Container Registry (ACR) and Google Container Registry (GCR), displaying container images stored as resources, and operating system inventory from container images. For details see, About Resources.
Vulnerability Incident Details
On the Policy Incidents page, when you filter for Vulnerability Violations, the Details pane provides an extended view. Incident details include a list of all Vulnerabilities, then a link to the specific CVE you want to investigate. For details, see Vulnerability Incident Details.
Discover Container Assets for ACR and GCR
The Resources page also provides visibility of container assets for Azure Container Registry (ACR) and Google Container Registry (GCR), displaying container images stored as resources, and operating system inventory from container images. For details see About Resources.
Search for Container Assets
On the Resources page, in the Omnibar, you can now search for CVE Numbers, Namespaces, Packages, and Operating Systems. (OS’), & packages. This is supported for ECR and ACR. For details see, CVE Number Search and About Resources.
The Vulnerabilities report for Container Security lists all of the Common Vulnerabilities and Exposures (CVEs) stored in your container images. For details, see Report - Vulnerabilities.