Exact Data Matching (EDM)
Focus
Focus
Enterprise DLP

Exact Data Matching (EDM)

Table of Contents

Exact Data Matching (EDM)

Use the secure Exact Data Matching (EDM) CLI application to configure an EDM profile for Enterprise Data Loss Prevention (E-DLP).
Where Can I Use This?What Do I Need?
  • NGFW (Managed by Panorama or Strata Cloud Manager)
  • Prisma Access (Managed by Panorama or Strata Cloud Manager)
  • Enterprise Data Loss Prevention (E-DLP) license
    Review the Supported Platforms for details on the required license for each enforcement point.
Or any of the following licenses that include the Enterprise DLP license
  • Prisma Access CASB license
  • Next-Generation CASB for Prisma Access and NGFW (CASB-X) license
  • Data Security license
Exact Data Matching (EDM) for Enterprise DLP is an advanced detection tool to monitor and protect sensitive data from exfiltration. Use EDM to detect sensitive and personally identifiable information (PII) such as social security numbers, Medical Record Numbers, bank account numbers, and credit card numbers, in a structured data source such as databases, directory servers, or structured data files (CSV and TSV), with high accuracy.
To use EDM, the DLP cloud service relies on the encrypted hash of the sensitive data you upload to the DLP cloud service. The DLP cloud service indexes the encrypted hash of uploaded EDM data sets. To prevent the exfiltration of sensitive data, the DLP cloud service uses the indexed hash data set in the Security policy rule for matching outbound traffic.