Enterprise DLP
Asset Explorer
Table of Contents
Asset Explorer
The Asset Explorer provides comprehensive visibility into all sensitive assets
detected across your organization.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
Or any of the following licenses that include the Enterprise DLP license
|
The Asset Explorer eliminates the fragmented approach to data security that leaves
organizations vulnerable. It provides comprehensive visibility into all sensitive files,
messages, and non-file based traffic, referred to as assets, detected by Enterprise Data Loss Prevention (E-DLP) across your data security enforcement channels. The Asset
Explorer allows your data security admins to perform cross-channel asset discovery,
centralize your data security risk assessments, and provides enterprise-wide visibility
into sensitive assets moving to and from apps and peripherals, and across your
network.
The core concept of Asset Explorer is to provide a single pane of glass for viewing and
managing sensitive data assets. It allows admins to:
- Discover and inventory sensitive assets across various platforms and channels
- Analyze data sensitivities, types, and distribution patterns
- Investigate asset metadata, activities, matched policy rules, and incidents
- Visualize data leak paths and potential vulnerabilities
By centralizing this information and functionality, Asset Explorer enables data security
teams to make informed decisions, optimize their Security policy rules, and enhance
their overall data protection strategies. It transforms fragmented data security
management into a cohesive and efficient process to strengthen your organization's
security posture.
You can access the Asset Explorer on Strata Cloud Manager () only.
- FiltersThe Asset Explorer allows you to apply filters to narrow down the scope of sensitive assets the Asset Explorer displays. Apply these filters to more quickly identify the sensitive assets you want to investigate. The Asset Explorer automatically applies any filters you apply are automatically to the Asset Aggregates widget.
- Time Filter—Specify the time frame to narrow down the list of sensitive assets. You can select Past 1 Hour, Past 3 Hours, Past 24 Hours, Past 7 Days, Past 30 Days, or Past 90 Days.
- Region—Select the region where Enterprise DLP blocked sensitive assets. The default Global displays all sensitive assets blocked across all regions. Otherwise, you must select one region at a time.
- GenAI Apps Only—Toggle this filter to display only the GenAI apps supported by Enterprise DLP.
- Add Filter—Add additional filters to narrow down the scope of assets detailed in the Asset Aggregates.
- Reset—Remove any of the additional filters added. This does not remove the time, region, or GenAI apps only filters.
![]()
- Asset Aggregates
- Asset Aggregates WidgetThe Asset Aggregates widget provides an interactive visualization to view aggregated asset information detected by Enterprise DLP. Click on the asset characteristics to automatically apply filters to and narrow down the number of assets displayed. Click on the same characteristic again to remove the filter.The characters described below display only if Enterprise DLP has matching data. For example, you apply the Past 7 Days filter and Asset Type displays Data at Rest and Data in Motion but only displays Data in Motion when you apply the Past 24 Hours. This is because Enterprise DLP inspected traffic for both data at rest and in motion at some point in the last seven days, but only inspected traffic for data in motion in the past 24 hours.
- Applications—App classification for inspected traffic.Can be Sanctioned, Tolerated, or Unsanctioned.
- Data Type—Data asset file type, message, or non-file traffic inspected by Enterprise DLP. The Asset Explorer lists the four data asset types with the largest number of assets and displays Others to combine all other data asset types.
- Asset Type—Type asset traffic inspected. Can be Data at Rest or Data in Motion.
- Policy Action—Action configured in the DLP rule (Strata Cloud Manager), data profile (Panorama) or data asset policy rule (Data Security).Can be Blocked, Allowed, Quarantined, or Deleted.
- Data Profiles—Data profiles containing the match criteria the asset inspected by Enterprise DLP matched against. The Asset Explorer lists the four data profiles with the largest number of traffic matches and displays Others to combines all other data profiles.
- Channels—Data security channel where Enterprise DLP inspection and verdict rendering occurred.Can be NGFW, Prisma Access, Email DLP, Endpoint DLP, SaaS API, or PA Browser.
- Users—Top users who uploaded, downloaded, sent messages, or generated non-file based data assets forwarded to Enterprise DLP for inspection.
- Asset by Risk—Summary of the severity level and total number of data assets inspected by Enterprise DLP as defined in the DLP rule (Strata Cloud Manager) or data profile (Panorama).
- Top Users—Top 3 users who uploaded data assets containing sensitive data based on the currently applied filters and the total number of data assets.
- Top Applications—Top 3 apps where users uploaded, downloaded, sent messages, or generated non-file based data assets containing sensitive data and the total number of data assets.
This Asset by Risk, Top Users, and Top Applications data are a summary of the total assets based on the currently selected time filter. Click the asset value to automatically apply the corresponding filters to the Asset Aggregates widget.![]()
- Asset ListList of all data assets inspected by Enterprise DLP. This list dynamically updates based on the currently applied filters.
- Last Modified—Date and time Enterprise DLP inspected the asset, message, or non-file based traffic.
- Name—Name of the asset inspected by Enterprise DLP. Click the asset Name to view the asset details.
- Channel—Data security channel where the asset was forwarded to Enterprise DLP for inspection.Can be NGFW, Prisma Access, Email DLP, Endpoint DLP, SaaS API, or PA Browser.
- Data Risk Score—A Data risk score assigned to the asset to measure the overall risk the asset poses to your organization.
- Policy Action—Action configured in the DLP rule (Strata Cloud Manager), data profile (Panorama) or data asset policy rule (Data Security)
- (Data Security only) Exposure—Exposure level describing the accessibility of the asset.
- Data Profiles—One or more Data profiles containing the match criteria the asset inspected by Enterprise DLP matched against.
- Application Name—App-ID of the destination or source app.
- User—User, based the Cloud Identity Engine (CIE) configuration, who uploaded or downloaded the asset to the destination or source app.
- File Format—File format of the asset inspected by Enterprise DLP.
- (Email File Format only) Actions—Expand the Actions menu to open the email inspected by Enterprise DLP.
![]()
- Asset DetailsThe Asset Details provides detailed information about the asset inspected by Enterprise DLP.
- General Info—General information of the asset that includes information such as the asset name, type, and the data security channel where the asset was detected,
- Data—Information about the asset that includes information such as the data risk score, the size of the asset if a file, the data profiles containing the match criteria the asset matched against, and the data type of the asset.
- User—Information about the users who uploaded or download the asset, sent a message, or generated non-file-based traffic.
- (SaaS API Channel only) Exposure—Data Security exposure level information.
- Application—Information about the specific source or destination app including the App-ID and classification.
- Matches Within Data Profile—Displays snippets of the asset that matched the data pattern match criteria within the data profile.
- Incidents—List of DLP incidents generated by the asset.
- Policies—Security policy rules with which you associated the data profile that the asset matches against.
- User Activities—Information about the users who uploaded, downloaded, sent messages, or generated non-file based data assets.
