Skyhigh Security Reviews

My main use case for Skyhigh Security is primarily for CASB functionality, SaaS security visibility, cloud data protection, and policy enforcement across enterprise collaboration platforms. The platform helps us to monitor and control data movement across Microsoft 365, Teams, OneDrive, SharePoint, and other cloud applications used globally by different business units.

On a daily basis, I mainly use Skyhigh Security for monitoring cloud applications activities, reviewing risky user behavior, and enforcing data protection policies across SaaS platforms. A common use case is monitoring external file sharing activities in Microsoft 365 environments, especially OneDrive, SharePoint, and Teams. The platform helps identify when sensitive files are shared externally, for example, or when users attempt actions that violate internal security policies.

Another frequent use case I have is Shadow IT visibility. The platform helps identify cloud applications being used without formal approval, allowing the security team to evaluate risk levels and decide whether the application should be allowed, restricted, or monitored more closely. From a governance perspective, the DLP capabilities are used daily to monitor sensitive data movement and enforce compliance-related controls across cloud collaboration platforms.

The best features Skyhigh Security offers, in my view, include centralized cloud visibility combined with strong data protection controls. It gives security teams a clear view of how users interact with SaaS applications while also allowing granular policy enforcement for sensitive data across platforms such as Microsoft 365, Teams, OneDrive, or SharePoint.

Regarding the centralized visibility, it makes it much easier to understand what is happening across cloud platforms without needing to jump between separate admin consoles, for example. Instead of manually reviewing activities inside each SaaS application individually, security teams can monitor user behavior, file sharing activities, policy violations, and risk actions from a more unified view. This improves investigation speed because analysts can quickly correlate events and identify unusual behavior patterns without losing time gathering information from different tools.

From a management perspective, it also improves communication between security, compliance, and infrastructure teams because everyone is working from a more consistent set of visibility and reporting data.

Skyhigh Security is, in my view, a strong platform. Of course, there are still areas where the user experience and operational workflows could be improved. One area for improvement is simplifying the initial deployment and policy tuning process. In large enterprise environments, configuring CASB and DLP policies across multiple SaaS platforms can become complex and time-consuming, especially when trying to balance security controls with user productivity.

Another improvement in my view is related to the platform improving dashboard usability and investigation workflows. While the amount of data and visibility is valuable, some reporting and navigation areas can feel less intuitive than newer cloud-native security platforms.

Another improvement opportunity, in my view, is alert tuning and noise reduction. Many security monitoring solutions require achieving the right balance between visibility and excessive alerting through continuous optimization. More intelligent prioritization and contextual risk scoring could help reduce analyst fatigue.

I have been using Skyhigh Security for around two to five years.

Skyhigh Security is stable.

Scalability has been one of the stronger aspects of Skyhigh Security in our experience. The platform handled large enterprise environments reasonably well, including distributed users, multiple SaaS applications, and hybrid infrastructure scenarios.

The customer support, in my experience, has generally been good, especially for enterprise-level cases and platform-related troubleshooting.

I previously relied more heavily on native security controls combined with multiple separate monitoring and governance tools before expanding the use of a more centralized CASB. As cloud adoption increased, especially around Microsoft 365 workloads, it became more difficult to manage security monitoring and DLP-related controls through disconnected tools and individual applications. An important factor was improving visibility into Shadow IT, external collaboration risks, and user behavior across multiple cloud applications from a single platform. The transition was also driven by the need to standardize cloud security operations and reduce the operational complexity associated with managing multiple tools.

In our environment, Skyhigh Security is primarily used in a hybrid cloud environment in our organization. Most of the focus is around protecting public cloud services and SaaS, especially collaboration platforms such as Microsoft 365, Teams, OneDrive, and SharePoint, while still integrating with existing on-premises security and governance processes. The environment includes a combination of cloud-native applications, remote users, and traditional enterprise infrastructure, so the hybrid approach works well for centralized visibility and policy enforcement across different types of environments.

The solution was not purchased through the AWS Marketplace. It was handled through the organization's standard enterprise procurement and vendor management process, which is more common for large enterprise security platforms and multi-license agreements.

I have seen a positive return on investment mainly through improved operational efficiency, better cloud visibility, and stronger governance across SaaS environments.

My experience with pricing, setup cost, and licensing is generally in line with what you would expect for an enterprise cloud security and CASB platform. Licensing can become complex depending on the number of users, integrations, data protection requirements, and other features. From a setup perspective, the biggest investment was not necessarily in the platform deployment itself, but the time required for policy design, governance alignment, integration planning, and operational tuning, for example. The organization should be prepared for ongoing operational effort related to policy optimization, alert tuning, and governance management after the deployment.

Before I evaluated Skyhigh Security, I evaluated other solutions. The evaluation included a mix of native cloud security capabilities and enterprise CASB platforms. Some of the main alternatives considered were Microsoft Defender for Cloud Apps, Netskope, Broadcom Symantec, and other cloud security solutions.

My main advice would be to spend enough time planning governance, policy design, and operational workflows before enabling aggressive enforcement controls. Skyhigh Security platform, in my view, is powerful, but in most enterprise CASB and DLP solutions, the success of the deployment depends heavily on proper planning and policy tuning. Another recommendation is to invest time in alert tuning and governance processes to reduce noise and avoid unnecessary operational overhead for security analysts. The organization should think beyond technical deployment. The biggest value from the platform usually comes from improving overall cloud governance, visibility, and operational maturity across the environments rather than simply enabling individual security features. I would rate this review a seven out of ten.

I primarily use Skyhigh Security for CASB in a Cloud Access Security Broker, and it has been integrated with Trellix DLP. Both Trellix and Skyhigh Security are utilized as on-premise solutions to secure clouds and emails.

Skyhigh Security is used as a cloud service for all mail, with Microsoft Exchange integrated through Skyhigh Security, which is also integrated with Trellix. All policies applied on Trellix are applicable on Skyhigh Security, and traffic flows through Skyhigh Security, creating incident logs that are reviewed and acted upon accordingly with the user.

With 18,000 users, Skyhigh Security has proven beneficial in reducing incidents. Two members manage Skyhigh Security CASB completely, which is sufficient for our organization.

Skyhigh Security is a good product that is very easy to integrate with any tools, and the dashboards are user-friendly and easy to understand. One valuable feature is the ability to identify SSL certificate expirations within one tool, which most other tools do not offer.

Skyhigh Security has positively impacted the organization by helping manage DLP incidents, allowing for customizable dashboards based on requirements, and preventing unauthorized access.

One major challenge is that downloading incidents during the investigation process takes a very long time, and this issue should be resolved. More customized columns and filtering options in incident review would be beneficial. File types should be included, such as file names along with file extensions, which are not currently available to my knowledge.

Overall, Skyhigh Security is very good and just needs to improve in terms of the latency of downloading incidents.

I have been using Skyhigh Security for one year.

Skyhigh Security provides awesome support, and I can call anytime if I face any challenges. Weekly setup calls are conducted with all clients to discuss ongoing issues and resolutions. The customer experience has been very nice, and I appreciate this support. I have worked with Forcepoint previously but really prefer the support provided by Skyhigh Security.

Customer support is very nice and has been very prompt. I rate customer support 10 out of 10 because of the weekly calls regarding raised tickets and immediate responses from support, which has been really useful.

Previously, I was working on Forcepoint DLP, which was also on-premise. In the CASB area, this is the first time using Skyhigh Security as a CASB product.

I was not involved in the setup cost details, but generally, it aligns with standard on-premise costs.

I was not present during the evaluation of other options before deploying Skyhigh Security.

I chose a rating of 9 out of 10 because of the downloading issues with incidents, which take longer times to complete. Sometimes incidents need to be downloaded immediately, but the process takes a long time. I definitely recommend using Skyhigh Security, and my overall review rating is 9 out of 10.

My main use case for Skyhigh Security is securing critical SaaS platforms, namely Salesforce and Office 365.

A specific example of how I use Skyhigh Security with Salesforce and Office 365 is limiting access to the service from managed devices only.

In addition to my main use case, we also provide restricted access to Salesforce from unmanaged devices that keeps the data in Salesforce safe while enabling necessary access.

The best features Skyhigh Security offers are their Shadow IT visibility and Cloud Catalog, which are probably the best in the industry. Their ability to agentlessly enable access for managed devices is great.

The Shadow IT visibility and Cloud Catalog have helped my team by allowing us to move faster with allowing access from all different types of devices, phones and computers, because the agentless portion was beneficial since we did not have to deploy an agent. Their cloud catalog has over 30,000 cloud services and detailed risk ratings and helped us surface use cases that we did not know about that we needed to address.

Skyhigh Security has positively impacted my organization by helping fill a need that was unaddressed at the time, especially as Cloud Access Security Brokers came out and were very popular around 2018. We did not have a standardized set of tools for visibility and control of cloud services, so aggregating Shadow IT logs in one place for visibility was new and powerful.

Skyhigh Security can be improved because their administrative dashboard frequently has issues; it is unresponsive, unusable, or very slow often. The anomalies and threats that are generated are investigated, and they are generally benign or noise. We do not really get actionable anomalies or threats, unfortunately. Sometimes Skyhigh Security does not integrate well or compete well with native capabilities of clouds, such as email DLP because it does not support Microsoft Purview encryption, which blinds Skyhigh Security's DLP, creating a large hole. Additionally, the cloud access controls are not fine-grained, so a product like Entra ID can provide fine-grained access to different sub-services of Microsoft, which is better. Furthermore, the DLP policies for Skyhigh Security were never as good as they sounded on paper; lots of trial and error was needed to help put a policy in place, and ultimately, we could not move forward with some policies just because they never worked the way that we thought they should.

They do listen to customers, so that does help there. If you provide feedback, they do address it, which somewhat mitigates the issues.

I have been using Skyhigh Security since 2018.

Their support is somewhat inexperienced and there is a fair amount of turnover within the company that we experienced, which we found challenging; but that may not be atypical for security vendors.

Regarding Skyhigh Security's AI capabilities, I do not have much experience with their AI capabilities. They did have a regex generator that was built in, which was novel, and they helped us surface the use of AI in other platforms, but I have not used any Skyhigh Security AI services.

In terms of Skyhigh Security's AI capabilities, I would characterize them as not mature.

Skyhigh Security is deployed in my organization as a SaaS platform. We only use the Cloud Access Security Broker, so it was all in Skyhigh Security's SaaS.

We did host the cloud connector in Azure, but that is not necessary for the operation of Skyhigh Security, just to help with Shadow IT log processing.

I would advise others looking into using Skyhigh Security to consider the goals of implementing a Cloud Access Security Broker, as a lot of cloud services such as Microsoft and Salesforce have invested heavily in native capabilities. Therefore, it is possible that third-party tooling is not needed. I would rate this product a 4 overall.

My main use cases for Skyhigh Security were securing internet access for people working remotely before the COVID pandemic, and helping prevent data loss through people uploading files and sensitive information to web-based services and online storage drives.

A specific example of a scenario where I used Skyhigh Security for one of these use cases is when the agent was installed on all of our laptops. This meant that even when we were working from home and not on the VPN, whenever we were browsing the web, all of the content that we were seeing and all of the URLs we were trying to visit were going through the cloud instances of the Skyhigh Security scanners to ensure we did not go to prohibited websites and that there were no malicious files downloaded to our laptops.

Skyhigh Security worked reasonably well, I very rarely had issues, and their uptime was good enough that we did not experience any outages.

The best features that Skyhigh Security offers are their newer Zero Trust access so that you do not need VPNs and you can access your files from anywhere without having to go through a lot of configuration by the end user.

The Zero Trust feature specifically helped my team or organization before we thought about putting sensitive information onto SharePoint in the cloud, so we wanted all of the sensitive information on-premise. By going through their Zero Trust interface, we effectively had single sign-on to the internal network remotely without a VPN, so it reduced the overhead and gave us faster access to the files.

Skyhigh Security positively impacted my organization by allowing us to get rid of the VPNs, which reduced the overhead for IT, and it meant we did not need as many licenses for the VPN software for all of the laptops. With the vast majority working remotely, this was a significant cost saving.

Skyhigh Security can be improved, and the biggest problem they have is that they are still owned by private equity, which is a massive drain on them financially because of the debt burden that they share with their sister company, Trellix. They need to somehow get out from under that private equity or get a better investment model so that they do not keep losing experienced staff without being able to replace them.

Most of what I have heard is related to the business side, and from the feedback I have received from people I know that still work there, when they are allowed to focus on delivery, they are still able to deliver. However, the lack of staffing is slowing down their ability to innovate and push features out that customers may want.

I have used Skyhigh Security for an extended period.

Skyhigh Security is stable; they do have scheduled downtimes, as most offerings do, but they have multi-tenancy and multi-locations. If your primary location is down, you just get diverted to the other one. Around 14 years ago, there were problems with stability on Skyhigh Security products when they were part of McAfee and Intel, but they addressed those problems by about 2014, so since then, everything has been good.

Skyhigh Security's scalability is good, as their cloud auto-scales. They have peering agreements with a lot of the major ISPs where their data centers are, which allows them to get a really good bandwidth allocation. Because they dynamically scale, I did not experience them becoming overloaded and causing lag.

Customer support has been at times mixed; however, I think it has improved. They had a reasonable amount of staff turnover as a result of all of the structural changes that the company went through. Last I heard, it is a lot better than it was, and they have some really technical people in there. If there is a complex problem that needs to be worked through, when it reaches the right people, they are very good and able to get through it. There is also some really good diagnostic information built into their web gateways that they deploy on-premise if you want to do hybrid, so they get a lot of information before you even know something might be wrong.

Skyhigh Security was the one we used and we did not previously use a different solution.

Before choosing Skyhigh Security, we did not evaluate other options because we were a sister company, so we had no choice.

Skyhigh Security is deployed in my organization in a hybrid cloud setup.

My company does not have a business relationship with Skyhigh Security other than being a customer; we were a sister company, both owned by the same private equity.

I have seen a return on investment, and while I cannot share specific metrics, there are fewer gateways needed to be deployed on-premise. I suspect we would have lost one or two heads in our IT support team or IT deployment team, though I do not know for definite. I do know that by moving to having more in the cloud, their cloud is automatically updated as part of a SaaS solution, which reduces the responsibility on the company to do the updates themselves. Their support system worked reasonably well, and because there were not many problems with their agent on the laptops, we did not need a great deal internally to manage that.

My experience with pricing, setup cost, and licensing is that it was not too bad. I do not know the figures, but it was not as painful as it could have been, and I think it was reasonable. I was not involved in the negotiations because they can always be painful.

Skyhigh Security deserves an eight out of ten rating because they are one of the better companies in the web security business that are focused primarily on hosting in the cloud rather than putting a lot of infrastructure onto a client's site. They are getting decent reviews within the standard competitive analysis areas; however, they cannot implement at the rate they need to, which is what brings them down to an eight.

Skyhigh Security can be improved, and the biggest problem they have is that they are still owned by private equity, which is a massive drain on them financially because of the debt burden that they share with their sister company, Trellix. They need to somehow get out from under that private equity or get a better investment model so that they do not keep losing experienced staff without being able to replace them.

Most of what I have heard is related to the business side, and from the feedback I have received from people I know that still work there, when they are allowed to focus on delivery, they are still able to deliver. However, the lack of staffing is slowing down their ability to innovate and push features out that customers may want.

My advice to others looking into using Skyhigh Security is to seriously consider it because they have some really good features and excellent data residency options. You can choose which location you want your filtering to be done in if you are using their cloud solution, which means if you are in Europe, you can choose to use the European data centers rather than the US ones. This provides reduced latency, and your data remains inside the EU, making it a really valuable feature. I believe they are competitive feature-wise with all the others in the market.

I am currently working on Cisco Email Security Gateway, ESA, and I am also exploring Trellix Skyhigh proxy. I have been working with Skyhigh Security for the last six to seven months. My customer is using the solution, and we are supporting the client location as well. They have a vendor in the Bangalore area of southern India from which they procured on-premises servers.

In security posture, we have integrated Skyhigh Security with IBM QRadar, which is quite helpful to know how the activities are going. If any critical or security events occur in Skyhigh Security, we are able to get those to our IBM QRadar, making it very much easier to monitor all the security events in our environment. This is a major use case compared to other tools, as Skyhigh Security is the most useful for our security posture.

We have nearly 900 plus branches here, where we have rerouted our traffic through proxy like Trellix Skyhigh Security. We operate in a major financial sector in India, and that is why we use Skyhigh Security to reroute all our traffic via proxy for our security. Only then will it reach our gateway. We monitor all the URLs and the plant IPs in our proxy.

We are tracing those IPs to see whether they have a valid code or not. We also check with Trellix Sandbox to determine whether the URL is malicious or not. Additionally, we have included our Cisco Umbrella with our proxy, so the DNS resolution happens on our Umbrella side. We continuously monitor the traffic on our proxy side.

The threat protection feature is a major useful thing because for our 900 branches we monitor with this proxy only. If any issue or any URL does not reach, it is quite helpful to check whether the issue is in the proxy side or in the actual end-user side. It is quite easy to monitor. We do not get all those things from the firewall end, and it is quite easy to gather that information from the proxy, which is a major benefit here. It also majorly helps to hide our actual IPs, as we have directed all the IPs from the proxy, making it very helpful to hide our internal servers.

When compared to other technologies, Skyhigh Security is quite simple, but if there is any improvement in the GUI, it will be quite easy for us because it looks a legacy interface. This is the major thing; if there is any improvement on the GUI side, it will be more helpful.

We do not have a DLP in Trellix on our side, as we are using Windows.

I have been working with Skyhigh Security for the last six to seven months.

We did not face any downtime on that site, so it is quite reliable. We also have internet clustering in that area, so there is no significant downtime. There is no downtime in the proxy side, which is a major benefit here. If any box faces any issue, it is clustered, so there is no issue on that side.

Scalability is very good, and I can give a rating up to nine out of ten for scalability.

Till now there is no issue in the proxy side or in customer support. We are quite satisfied with that product.

In Trellix trial portal, we have raised cases for any escalations or issues. With that, we can know the case severity such as P1, P2, or P3, allowing easy interaction from the customer support side. It is much easier compared to other support portals.

Negative

Recently we have just migrated our servers to new on-premises servers with the latest version. For deployment, we have worked with our deployment team who provided good support from Trellix team as well. It was not disruptive at that time; we went live within two to three days without any disturbance in that area, making it much quicker compared to other tools. Migration is easier, and deployment is quite straightforward.

For IAM, we are using other tools, as we are a financial institution, so we do not go with a single vendor platform. We need to work with multiple vendors for guidelines provided by our government.

For an enterprise customer, Skyhigh Security is quite good for them to use. I think it is not fit for small and medium-sized enterprises, but for enterprise customers, it is much more cost-efficient and also very secure for that environment. I would rate this review overall as ten out of ten.

My main use case for Skyhigh Security is for data security, where I use it as a CASB product.

I use Skyhigh Security day-to-day by integrating it with our different cloud components, creating policies for data leakage or data discovery, and receiving alerts for policy violations.

The best features of Skyhigh Security are the screen share, the policy part, and the visibility it provides for the integration part, giving us good visibility while using Skyhigh.

These features help me in my daily work by reading from the back-end and giving us full control on the analyzing part, which keeps the visibility for the incidents.

Skyhigh Security has positively impacted my organization by enabling us to discover the Shadow IT concept and identify unauthorized cloud applications or integrations, helping us maintain compliance and governance.

The impact of Skyhigh Security can be seen in improved analytics, governance, and the identification of shadow IT parts, leading to fewer security incidents.

Skyhigh Security can be improved by addressing the current challenges we face with complex DLP policies that are difficult to manage, particularly in managing the exception rules in a large environment.

The challenges I face remain with the CASB and DLP parts, focusing on the DLP policies and exception handling.

I have been using Skyhigh Security for around three years.

Skyhigh Security is stable.

Regarding scalability, since it is majorly SaaS-based, I am not entirely certain about its scalability.

I currently get support via our vendor, so I find it hard to comment on the direct support from Skyhigh Security, but I can say it is good and not bad; it is acceptable.

I did not previously use any other solution; this is the first CASB we have used.

My experience with pricing, setup cost, and licensing indicates it is high, but it is negotiable.

We are the end users and do not have a business relationship with this vendor beyond being a customer.

While I cannot calculate the ROI directly since it is a security product, Skyhigh Security has helped maintain compliance and save resources, particularly in terms of time.

My experience with pricing, setup cost, and licensing indicates it is high, but it is negotiable.

Before choosing Skyhigh Security, we evaluated Zscaler and Netskope.

Skyhigh Security is deployed in a SaaS-based environment as we take services from them and integrate it with cloud components, including a hybrid approach where we directly integrate from the SaaS to components like Salesforce and use Skyhigh Security with in-house AD integration.

Skyhigh Security is a good product with better features compared to other CASB and DLP products in the market, especially if you are looking for a combined solution with SASE features. I would rate this product an 8 out of 10.

My main use case for Skyhigh Security is preventing cloud access and user activity, especially around SaaS applications, DLP, web security, and visibility into risky user behavior.

I have a recent example of how I use Skyhigh Security for protecting cloud access and monitoring risky user behavior. The workflow was to identify the risk activity, validate if it was legitimate by the proper DLP policy, and then use the visibility to support the security team of the client, reducing the exposure.

Mainly, I use Skyhigh Security to monitor cloud and web activity, validate risk, and help the security team understand where sensitive data may be exposed or leaving the environment.

In my opinion, the best feature Skyhigh Security offers is the DLP capabilities and visibility into cloud. The CSPM was a good feature, and app control for SaaS applications was also good.

The visibility and EAP capabilities help provide a clear view of user activity. For example, it made it easier to identify risk access patterns, understand which users were interacting with sensitive data, and apply the right controls before the risk becomes a bigger issue on the client.

The best description is that it helps the security team respond faster to risk behaviors and give more confidence when managing sensitive data across SaaS applications.

Some applications lack integration because applications such as WhatsApp are difficult to intercept due to point-to-point encryption. I think an enterprise browser would be a good improvement. I am not certain if Skyhigh Security has this offering, but I think it would be a good addition.

I chose seven out of ten because Skyhigh Security has some problems with frequent updates on the SCP client, and there are some bugs.

I have been using Skyhigh Security for the last five years.

Skyhigh Security has been stable today.

Skyhigh Security has good scalability, and I do not have any problems with it.

I think customer support is generally helpful and professional, but the time to reach a final resolution could be improved. In some cases, the first responses are useful, but complex issues can take longer than expected to fully resolve, especially when an escalation is needed.

Previously, we used a Forcepoint solution. We switched because we needed better visibility across SaaS applications, stronger cloud activity monitoring, and a more centralized way to manage DLP and risky user behavior. The other product was not giving us the visibility we needed and had a lot of uptime problems.

My advice would be to plan the deployment carefully, especially around the DLP policy, user groups, and business exemptions. Skyhigh Security is a strong platform, but the policy tuning, a clear use case, and good alignment between the security, IT, and business teams are important. I recommend starting with the critical SaaS apps and sensitive data flows first, then expanding gradually.

My company does not have a business relationship with this vendor other than being a customer.

We saw return on investment. For example, before using Skyhigh Security, a security analyst could spend around two to three hours manually investigating a potential data exfiltration incident, checking logs, users, applications, and file activity across different tools. With Skyhigh Security, that same analysis could often be reduced to around ten minutes because the platform provides centralized visibility into the users, applications, and data involved. I think it was a good investment and we have seen ROI.

The pricing and licensing was generally aligned with the number of users and the models, and the cost depends on the scope, but I think Skyhigh Security has great pricing for the market.

We checked other options such as Check Point SASE before choosing Skyhigh Security.

One example was a user trying to upload sensitive internal files to an unsanctioned cloud storage app. Skyhigh Security helped us quickly see the user, the application, and the type of data involved. That visibility helped us take action before another attempt occurred. Because of that visibility, the team was able to block the upload and validate the activity with the user and adjust the DLP policy to prevent similar incidents in the future. I rated this review seven out of ten.

I am familiar with Skyhigh and Symantec. The customer's AWS environment is being used, so that understanding is correct. I help customers install and maintain policies and also provide deployment for my customers. They use Threat Protection and the categories, and the antivirus in the Web Proxy as part of the solution they use. I only work with Security Web Gateway, so that is my experience.

In my opinion, the best features of Skyhigh Security are that it is easy to recommend because it is not expensive like Symantec, and second is antivirus, and third, I think it is not heavy. It is actually very flexible, so I think that is the opportunity since it is not resource-intensive. This price is reasonable, so what I mean is their strength, what they can tell the customer is that they have this technology, but it is not that expensive, and something like that can be their strength compared to other proxies because today, everything is so expensive.

So far, only the certification part caused me some issues and some challenges. The certification requires some improvement to not cause so many troubles. The UI is another area where there is room for improvement in the product. It is actually an old style, so I actually prefer the Symantec UI, so the UI might need a refresh, but the rest of them are satisfying and not hard.

I have worked in the security part for four years, so I think almost three years with Skyhigh Security.

It has many gaps, so I think some customers take three months and up to six months for the deployment of Skyhigh Security, and after the deployment, they use it for years.

I would rate customer service as nine out of ten, because there is only one Korean speaker for the technical support of Skyhigh Security.

Positive

This is my first job as an engineer, so I have not worked with other vendors or used some alternatives, but I am now working for Symantec Proxy, Skyhigh Security, and Menlo RBI.

Installing was not hard, but talking with the customer about the certification was difficult, so making them understand is hard, but the installation was actually easy.

There were three engineers, but now only me, so only one person from my side takes part in this deployment process.

This is my first job as an engineer, so I have not worked with other vendors or used some alternatives, but I am now working for Symantec Proxy, Skyhigh Security, and Menlo RBI.

It depends on the environment, I think, and I am saying that not all, but in Korea, most of the customers prefer on-premise. The setup and configuration process for Skyhigh Security can be short as a month, but regularly three months, and long as six months. The deployment may last up to half a year.

I think analytics are better for understanding security posture, but actually, I was using the Web Gateway, so all the analysis and logs were made by Linux, which I do not prefer because they have so many things to do. It is good for the customer, but not for me.

I think with the cloud, cloud SWG, anyone can access through the proxy, which is the good part, and it is something they can tell someone that is their strength. My overall rating for this product is seven out of ten.

My main use case for Skyhigh Security is working in a Skyhigh Security Secure Web Gateway that is an on-premises proxy at Gail India Limited. In that environment, I use Skyhigh Security as an on-premises proxy, so its job is to act as a proxy between the user and the internet and maintain the security of the overall organization.

Skyhigh Security supports various day-to-day tools in today's cybersecurity world, including the GAM engine and GTA engine, which is a very good feature in Skyhigh Security on-premises proxy. Previously, I worked on a CASB solution with an API-based DLP integration.

The best features Skyhigh Security offers in my experience would be its user interface, which is very good among other competitors. In addition, its support team and the real-time GTA engine are working very well.

The user interface is simple and easy to understand, and we can handle it well when compared to other competitors. The support team provides day-zero and day-one resolution much quicker, and they assist us in an easier manner.

Since Skyhigh Security was implemented one year ago, I have noticed positive impacts on my organization. Although there were a few challenges, the support team and the Professional Services team managed them well. I see many challenges regarding day-to-day use cases where we need to fine-tune those policies and a few exceptional challenges where the support team and Professional Services team have helped us.

Regarding compliance, Skyhigh Security met all the compliance requirements at Gail, and it is very well managed by the Professional Services team initially. After that, there were a few challenges regarding minor and major issues, but those were handled and executed well.

One improvement I can suggest for Skyhigh Security is that a better resolution from the Professional Services team, apart from the support team, is needed because sometimes during the weekend, resolution takes time, and reaching out to the Professional Services team is complicated.

The user experience is good and performance is also best among other competitors. However, I would suggest using it to maintain a cloud posture in a simpler way. The backend part could be improved based on other competitors.

I have been using Skyhigh Security for more than one and a half years.

In my experience, Skyhigh Security is stable.

Regarding scalability, I find Skyhigh Security easy to scale. We upgraded with a plan for the next five to seven years to run with this solution because this easy scalability is what we are able to achieve with Skyhigh Security for our environment.

I am satisfied with the help and response I receive from customer support. I would rate the customer support a ten.

My advice to others looking into using Skyhigh Security would include its user interface, its support, and the scalability, which are very good. These three points are what I appreciate most about Skyhigh Security, and every time I meet others, I suggest that. Skyhigh Security is well managed, and its user interface is simple and easy to use for a security solution; it is a very good solution. I would rate this product a nine overall.

My main use case for Skyhigh Security is blocking malicious websites, blocking non-DLP acceptable websites, preventing data sharing, enforcing DLP, preventing access to unpleasant websites, and preventing people from using YouTube, advertisement applications, or LinkedIn. We mainly use it to make the work environment dedicated to work without giving employees entertainment that is not allowed.

In my opinion, the best feature Skyhigh Security offers is its ability to perform deep TLS interception to take action based on that analysis. Deep TLS inspection is a very valuable technology to have with your device.

Skyhigh Security has positively impacted my organization by providing more compliance and more regulatory adherence.

It would be beneficial to have an API for Skyhigh Security. We also experienced some troubleshooting issues when we were troubleshooting our rules, which was not pleasant to manage.

Skyhigh Security can be improved as it lacks debugging capabilities. The main issue is that if we have a website that is blocking Skyhigh Security's proxy, for example a bank website, we will not be able to tell until someone calls us. They do not know enough about our technology because they do not need to be technical experts. Some people are in sales, and some people use their computers for only basic tasks and do not understand that they are being blocked by us or do not know who to contact. We are unable to determine that a banking website is blocking Skyhigh Security through our proxy because the bank is not accepting Skyhigh Security's proxy. Another issue is the lack of API. There is no API available. We tried to contact support about this, and they said there would be an API at the end of quarter one, maybe quarter two, but I am not sure what happened. They did not get back to us.

I chose a rating of eight for Skyhigh Security because of the issues I mentioned, including the lack of API, the lack of troubleshooting and debugging for websites that are blocking us or the end users because of the proxy, and we have to perform a proxy bypass to allow access. Additionally, it does not allow HTTP/3 interception, which is an issue.

I have been using Skyhigh Security for around six months or more. I am Ahmed, a security information specialist at Nornet, and I have been working there for three years, starting last August.

Skyhigh Security is not stable.

Skyhigh Security's scalability is affected by the fact that you make rules that become less maintainable over time because it is like documentation, and it is difficult to document the patches. This is the most frustrating part of everything in technology, as documentation and patching issues are always challenging.

The customer support for Skyhigh Security is great. They are helpful and responsive.

I did not previously use a different solution. We did not have a comparable solution in the past, though we may have had Zscaler or similar offerings, but nothing comparable to Skyhigh Security so far.

I have not seen a return on investment from Skyhigh Security yet. I do not have numbers for this, but it is a sound investment idea. We should develop metrics to measure this.

Before choosing Skyhigh Security, we evaluated some other options but decided to stick with Skyhigh Security. We are also aware of Trellix, but we chose to remain with Skyhigh Security.

Regarding Skyhigh Security's AI capabilities, I have not tried them. I did not hear about Skyhigh Security's AI capabilities, and I only used Skyhigh Security without AI. This is the first time I have heard that Skyhigh Security has AI capabilities.

Skyhigh Security is deployed throughout our organization. According to our engineer, it should be on-premises, and it is deployed on-premises.

My advice to others considering Skyhigh Security is that it has more capabilities than you might initially think. You should make sure to explore everything before you start using it so you can understand all the areas where you can utilize Skyhigh Security, as you might find many other useful options for deployment. An important consideration is to ensure that Skyhigh Security will not negatively affect the daily work of your engineers and employees. You should plan for a smooth implementation of Skyhigh Security because it might block access to resources that it was not intended to restrict.

I have rated Skyhigh Security with a score of eight out of ten.