Enterprise DLP
End User Alerting with
Cortex XSOAR
requires integration with the
Enterprise DLP
application. You can view responses to file uploads that match your
data filtering profiles and data profiles on
supported applications only. For some
applications, End User Alerting with
Cortex XSOAR
requires IP mapping to email
addresses to furnishing exemption queries to your team members. After you successfully
integrate
Enterprise DLP
with
Cortex XSOAR
and configure the exemption
duration, the team member who uploads a matched file is presented with an automated
message to confirm if the file includes sensitive data that triggers a block verdict
from the DLP cloud service. If the team member responds that the file does contain
sensitive data, they’re given the option request a temporary exception for the specific
file.
If the team member responds that the file doesn’t
contain sensitive information, the DLP cloud service flags the file as a false
positive. However,
Enterprise DLP
continues to block the file
upload.