: Use Exact Data Matching (EDM)
Focus
Focus

Use Exact Data Matching (EDM)

Table of Contents

Use Exact Data Matching (EDM)

Learn how to add exact data matching (EDM) datasets to improve detection accuracy.
See Configure Exact Data Matching (EDM) if you have purchased Enterprise DLP or opted in for a trial.
This feature requires the
Enterprise DLP
add-on license. Afterward, you must Request Enablement from DLP app on the hub.
Enterprise DLP offers Exact Data Matching (EDM) technology. EDM enables you to define actual data that needs to be matched, significantly increasing detection accuracy and minimizing false positives.
Exact Data Matching (EDM) is a method of detecting and protecting your most sensitive content. Unlike data patterns, EDM uses
specific
data—such as a patient’s first and last name or a patient’s social security number or a customer’s bank account number—to identify matches.
Just as you can create data profiles comprised of data patterns, you can add EDM datasets to data profiles too and update them as needed. Before you can create data profiles comprised of EDM datasets, you must enable and configure EDM.
After you configure EDM, author EDM profiles, and add the EDM profiles to asset rules, the EDM profiles on
Data Security
are scanned against all the files in the SaaS application, SaaS Security displays EDM results, including EDM matches and snippets.
  1. Enable EDM using the DLP app on the hub.
  2. Configure EDM.
    • (
      Standalone SaaS Security
      )—Configure EDM using the DLP app the same as on Panorama and
      Prisma Access (Panorama Managed)
      .
    • (
      NGFW or
      Panorama Managed Prisma Access
      with SaaS Security
      )—Configure EDM using the DLP app the same as on Panorama and
      Prisma Access (Panorama Managed)
      ).
    • (
      Cloud Managed Prisma Access
      with SaaS Security
      )—Configure EDM using
      Prisma Access (Cloud Management)
      .
    If you have
    Cloud Managed Prisma Access
    with a SaaS Security add-on, there’s no need to proceed with the remaining steps as you can simply manage EDM from
    Prisma Access (Cloud Management)
    .
  3. Create a data profile with EDM datasets using the DLP app on the hub.
    You can also access the DLP app from SaaS Security for efficient EDM profile authoring.
    Afterward, such data profiles display in SaaS Security:
    Settings
    Data Profiles
    with
    Type
    of
    Advanced
    and
    Updated By
    of
    Enterprise DLP App
    .
  4. Add the EDM profiles to asset rules.
    After the assets are scanned against all the assets in the SaaS application, browse EDM results in SaaS Security, including EDM matches and snippets:

Recommended For You