Container Image Control Policies
Container Image Control policies allow you to specify which containers are allowed to run on your infrastructure. These containers can run on Virtual Machines or clusters. In Observe Mode, user activities generate events if a disallowed container runs on the VM. In Enforce Mode, user activities generate events, and containers that are not allowed are also terminated and blocked. For details, see Container Image Control Policies.
Request a Service Automated
The Request a Service email feature is now fully automated. If you use a service that is not part of the Cloud Registry, request a service. When you request to add a Cloud Service, a ticket is automatically opened with Skyhigh CASB Support, and your request is sent to the Service Intelligence team for review. You will receive an automatic email when your request is complete, including details about why the service was added or not to the Cloud Registry. For details, see Request a Service.
Vulnerability Scan Permissions Updated for GCP
The minimum permissions required for Vulnerability Scans for Google Cloud Platform have changed from "Project Viewer" to "Storage Object Viewer". For details, see Create a Vulnerability Scan for Container Images.
Vulnerability Report API Updates
Skyhigh CASB has added Vulnerability responses, alerts, and incident types to the Incidents API. For details, see Incidents API.
Optimized Test Rule Results on Security Configuration Audit Policy
In the Policy > Configuration Audit > Create Security Configuration Policy > Rules and Exception page, when you run the test rule, Skyhigh CASB shows the optimized results with a total count of processed records violating the policy and displays the text and more for the unprocessed records. For details, see Create a Security Configuration Audit Policy.