Use the secure Exact Data Matching (EDM) CLI application to configure an EDM profile for
Enterprise Data Loss Prevention (E-DLP).
Where Can I Use This?
What Do I Need?
NGFW (Managed by Panorama or Strata Cloud Manager)
Prisma Access (Managed by Panorama or Strata Cloud Manager)
Enterprise Data Loss Prevention (E-DLP) license
Review the Supported
Platforms for details on the required license
for each enforcement point.
Or any of the following licenses that include the Enterprise DLP license
Prisma Access CASB license
Next-Generation
CASB for Prisma Access and NGFW (CASB-X) license
Data Security license
Exact Data Matching (EDM) for Enterprise DLP is an advanced detection tool to
monitor and protect sensitive data from exfiltration. Use EDM to detect sensitive and
personally identifiable information (PII) such as social security numbers, Medical
Record Numbers, bank account numbers, and credit card numbers, in a structured data
source such as databases, directory servers, or structured data files (CSV and TSV),
with high accuracy.
To use EDM, the DLP cloud service relies on the encrypted hash of the sensitive data you upload
to the DLP cloud service. The DLP cloud service indexes the encrypted hash of uploaded
EDM data sets. To prevent the exfiltration of sensitive data, the DLP cloud service uses
the indexed hash data set in the Security policy rule for matching outbound traffic.
