Enterprise Data Loss Prevention (E-DLP) now automatically provisions and enables Exact Data Matching (EDM) on your Enterprise DLP tenant when your data security administrator enables the service on Strata Cloud Manager. Automating EDM enablement for your Enterprise DLP tenant streamles the deployment process significantly and eliminates the workflow bottlenecks where you had to wait for manual enablement by Palo Alto Networks to help significantly reduce Enterprise DLP deployment times. The automated enablement process allows your data security administrators to rapidly deploy Enterprise DLP to protect specific sensitive data records such as customer databases, employee information, or proprietary datasets with pinpoint accuracy. Automating EDM enablement ensures that your data security administrators can quickly safeguard your organization from data exfiltration and that they can quickly respond to emerging data protection requirements while maintaining precise control over sensitive information without the operational overhead of manual provisioning workflows.

Improved Snippet and Report Display for Enterprise Data Loss Prevention (E-DLP) solves the critical challenge data security administrators face when identifying specific data patterns and data profiles that trigger DLP incidents. This enhancement reduces incident resolution times and eliminates the need for additional resources for manual investigation by clearly showing which data patterns and data profiles triggered each incident. With this improved visibility, data security administrators can effectively triage incidents, understand information Security policy rule violations, and efficiently educate users to prevent future violations.

When viewing incident details, you can now see all matched profiles in the report display, with a toggle to filter for only the profiles that triggered the incident. When you select a matched profile, the system shows you the specific data patterns that caused the match, along with their confidence levels and occurrence thresholds. This information remains available even when snippets are disabled, ensuring you always have the context needed to understand the incident. Additionally, the Unified Incident Manager view now enables filtering by triggered data patterns and data profiles, helping you identify trends and recurring issues.

This enhancement supports all supported Enterprise DLP enforcement channels. When examining the DLP incident snippet details, Enterprise DLP displays which data pattern triggered the incident and specific details about the data patterns such as the pattern type, the proximity keywords, and the number of occurrences for high confidence level. For regex patterns, Enterprise DLP displays occurrence counts for each confidence level and examine up to three snippets per confidence level, giving your data security administrators tangible examples of the policy rule violations.

By providing clear insight into which data patterns and data profiles triggered incidents, this feature significantly reduces the operational friction in your security operations center. Data security administrators can quickly understand policy rule violations, take appropriate remediation actions, and provide targeted user education, ultimately strengthening your organization's data security posture and reducing the risk of data exfiltration.

Enterprise Data Loss Prevention (E-DLP) introduced new app support for the following:

The Enterprise Data Loss Prevention (E-DLP) Unified Incident Manager now displays the proximity keywords that generated a high confidence traffic match. This feature provides the specific context your data security administrators need to understand a high confidence detection. Administrators can now see exactly which proximity keywords appeared near sensitive data matches that triggered the high-confidence detection.

Your data security administrators can now see exactly which proximity keywords appeared near sensitive data matches that triggered the high confidence detection. When data security administrators review DLP incidents, Enterprise DLP displays the proximity keywords directly within the Matches within Data Profiles. This enables your data security administrators to quickly and more effectively triage incidents since they can immediately understand why a detection is high confidence based on the surrounding proximity keywords. Instead of manually reviewing entire documents to determine what elevated the alert priority, data security administrators can quickly validate high-priority exposures where sensitive data appears alongside risk-indicating language. This capability helps data security administrators focus their data security response efforts on genuinely critical detections while reducing time spent investigating high-confidence alerts, ultimately improving your data security posture and accuracy.