Skip to main content
Skyhigh Security

About Service Groups

Service Groups allow services to be categorized into groups for Service Governance purposes. For example, you can build a Service Group based on risk score of cloud services that can help you enforce security policies. 

NEW: You can now leverage Service Groups with integrated edge devices. See Firewall and Proxy Integration for more information on this powerful feature.

To manage Service Groups, go to Governance > Service Groups. From this page you can view details on existing service groups or create a new service group.


The following information is displayed in the Service Groups table:

  • Name. A descriptive name for the Service Group. Set when creating or editing a Service Group. Click to go to the Edit Service Group page. 
  • Active Services. The number of services that have been detected within your traffic logs that have been processed by Skyhigh. Click this number to go to the Services Overview page filtered on the service group, which will contain the full list of services in the group.
  • Pending Approvals. The number of open requests waiting for approval by a user with security administrator privileges.
  • Last Updated. The date when the Service Group was last edited.

Select a Service Group in the table to display a Group Details box on the right of the screen. The Group Details box details the following information:

  • Group Name. A descriptive name for the Service Group.
  • Edit. Click to edit the Service Group. 
  • Delete. Click to delete the Service Group. 
  • Services. Click to download a CSV file report of the Services included in the Service Group. The CSV file includes the following columns: Service, Risk, Category, Current Group Assignment, and URLs. If there is more than one URL for a Service, they are included in the same column in a comma-separated list. 
  • Automatic Assignment. Communicates the status of automatic assignment setting. If on, the service group's inclusion criteria will be evaluated daily against Skyhigh's cloud registry.
  • Approvals. Communicates the status of the approval workflow setting. If on, all changes to service groups must be approved by a user with security admin privileges.
  • Notifications. Communicates the status of notification settings. If on, the emails listed in the notification settings section of the service group will receive updates any time a service is added or removed from the group.
  • Last Updated. The date and time of the last edit to the group.
  • Created. The date and time of the creation of the group.
  • Created By. The user who created the group.

Service groups can also be used in conjunction with egress devices to set policies. For more information on policies, see About Cloud Access Policies

  • Was this article helpful?