Enterprise Data Loss Prevention (E-DLP)

End User Alerting with

Cortex XSOAR

allows your team members to understand why a file upload was blocked by

Enterprise DLP

and enables self-service temporary exemptions for file uploads that match your

Enterprise DLP

data profiles.

Enterprise DLP

End User Alerting with

Cortex XSOAR

provides an audit trail to better understand the upload and response history for every file scanned by the DLP cloud service. Additionally, enabling End User Alerting with

Cortex XSOAR

prevents malware triggered uploads because an affirmative action is required to request an exemption.

Enterprise DLP

End User Alerting with

Cortex XSOAR

requires integration with the

Enterprise DLP

application. You can view responses to file uploads that match your data filtering profiles and data profiles on supported applications only. For some applications, End User Alerting with

Cortex XSOAR

requires IP mapping to email addresses to furnishing exemption queries to your team members. After you successfully integrate

Enterprise DLP

with

Cortex XSOAR

and configure the exemption duration, the team member who uploads a matched file is presented with an automated message to confirm if the file includes sensitive data that triggers a block verdict from the DLP cloud service. If the team member responds that the file does contain sensitive data, they’re given the option request a temporary exception for the specific file.

The

Enterprise DLP

cloud service preserves the response history for all scanned files after End User Alerting with

Cortex XSOAR

is enabled. For example, your team member uploads

file_A.pdf

that matches a data profile match criteria. The team member is prompted to confirm if the file contains sensitive information, to which they answer

Yes

and request an exemption. A few days later, the team member uploads

file_A.pdf

again. This time they’re only prompted to request an exemption because the DLP cloud service is already aware of the file response history.