1. Home
    2. Enterprise DLP
    3. Enterprise DLP Administrator’s Guide
    4. Configure Enterprise DLP
    5. Enterprise DLP End User Alerting with Cortex XSOAR
    6. About Enterprise DLP End User Alerting with Cortex XSOAR

    About Enterprise DLP End User Alerting with Cortex XSOAR

    About
    Enterprise data loss prevention (DLP)
     End User Alerting with
    Cortex XSOAR
    .
    Enterprise data loss prevention (DLP)
     End User Alerting with
    Cortex XSOAR
    allows your team members to understand why a file upload was blocked by
    Enterprise DLP
     and enables self-service temporary exemptions for file uploads that match your
    Enterprise DLP
     data profiles.
    Enterprise DLP
     End User Alerting with
    Cortex XSOAR
    provides an audit trail to better understand the upload and response history for every file scanned by the DLP cloud service. Additionally, enabling End User Alerting with
    Cortex XSOAR
    prevents malware triggered uploads because an affirmative action is required to request an exemption.
    Enterprise DLP
     End User Alerting with
    Cortex XSOAR
    requires an active XSOAR license and integration with the
    Enterprise DLP
     application. You can view responses to file uploads that match your data filtering profiles and data profiles on supported applications only. For some applications, End User Alerting with
    Cortex XSOAR
    requires IP mapping to email addresses to furnishing exemption queries to your team members. After you successfully integrate
    Enterprise DLP
     with XSOAR and configure the exemption duration, the team member who uploads a matched file is presented with an automated message to confirm if the file includes sensitive data that triggers a block verdict from the DLP cloud service. If the team member responds that the file does contain sensitive data, they’re given the option request a temporary exception for the specific file.
    If the team member responds that the file doesn’t contain sensitive information, the DLP cloud service flags the file as a false positive. However,
    Enterprise DLP
     continues to block the file upload.
    The
    Enterprise DLP
     cloud service preserves the response history for all scanned files after End User Alerting with
    Cortex XSOAR
    is enabled. For example, your team member uploads
    file_A.pdf
     that matches a data profile match criteria. The team member is prompted to confirm if the file contains sensitive information, to which they answer
    Yes
     and request an exemption. A few days later, the team member uploads
    file_A.pdf
     again. This time they’re only prompted to request an exemption because the DLP cloud service is already aware of the file response history.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2023 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo