Skyhigh Security Cloud Release Notes 6.1.0 (July 2022)

User Risk Score

Skyhigh CASB allows you to view the User Risk Score for a Sanctioned Skyhigh CASB user in the Activities page (found under Incidents > User Activity > Activities). You can use the risk score to determine the risk that a user poses to your organization's cloud services and data. It allows you to detect and track any changes in a user's typical usage patterns, to identify risks quickly and accurately. 

User Risk Score is measured based on factors such as variance in user's regular behaviour, variance in user's behaviour compared to other users' behaviour, and metadata about the user. This score is displayed based on threats, anomalies, incidents, and activities and is calculated using a weighted average of multiple attributes. For details, see User Risk Score. You can monitor the trend and change in User Risk Score on the User Details Page.

Classifications Page Redesign 

The redesigned Classifications page (found under Policy > DLP Policy > Classifications) provides all previous Classifications actions, plus new search and filtering features. It also provides access to the redesigned Classifications Editor that is powerful and easy to use. This feature is currently available for new customers only. Existing customers will be migrated to the new user interface in a few weeks. For details see, About Classifications Editor.

Classifications for Email Granularity

In DLP Policies for emails, you can now look for data classifications separately in different email locations, such as Email Subject, Email Header, Email Body, Email Attachment. This secures any location where a user can enter content in an email client. For email, the Service Default applies the Classification rule policy to all email content including the Email Subject with the exception of the headers. For other collaboration services, such as Exchange Online, Skyhigh CASB applies the policy to all possible content and metadata locations to find content matches and secure chat messages, documents, or files. For details see, Classification Location for Email Granularity. 

Additional Forensics API Data Fields

When working with the Forensics API to log data about web filtering transactions for a report, new data fields are available to log, for example, malware filtering results or ingress and egress IP addresses of Points of Presence (PoPs).

For more information, see Reporting Fields.

Syncing User Lists in the Web Policy using Active Directory

User Lists in your Web Policy can now sync with your organization's Active Directory (AD) authentication platform to support the rules of your web policy. This synchronization makes sure that you're always working with the most up-to-date set of user information.

Additionally, the syncing allows you to import user lists that have been set up on the Skyhigh CASB User Groups page into the Web Policy.

For more information, see Import a Synchronized User List. 

New Point of Presence (POP)  

 Expanded the POP availability to Hongkong as well.