New Features by Month - Enterprise DLP - August 2025

Prisma Access support added in the Prisma Access 6.1.0 release.

Granular data profiles enhance your Enterprise Data Loss Prevention (E-DLP) detection capabilities by allowing you to apply differentiated inline content inspection requirements and response actions within the same Security policy rule. For example, you can use a single granular data profile to block high-risk data patterns while alerting on lower-risk ones, set varying log severities for different data profiles, and set specific file types for each data profile included in the granular data profile.

Granular data profiles simplify policy rulebase management by consolidating multiple rules into a single, more flexible Security policy rule. Furthermore, they reduce false positive detections and allow your data security admins to achieve a more nuanced approach to data protection that aligns closely with your organization's risk management strategy while maintaining a lean and efficient Security policy rulebase.

Improved Snippet and Report Display for Enterprise Data Loss Prevention (E-DLP) solves the critical challenge data security administrators face when identifying specific data patterns and data profiles that trigger DLP incidents. This enhancement reduces incident resolution times and eliminates the need for additional resources for manual investigation by clearly showing which data patterns and data profiles triggered each incident. With this improved visibility, data security administrators can effectively triage incidents, understand information Security policy rule violations, and efficiently educate users to prevent future violations.

When viewing incident details, you can now see all matched profiles in the report display, with a toggle to filter for only the profiles that triggered the incident. When you select a matched profile, the system shows you the specific data patterns that caused the match, along with their confidence levels and occurrence thresholds. This information remains available even when snippets are disabled, ensuring you always have the context needed to understand the incident. Additionally, the Unified Incident Manager view now enables filtering by triggered data patterns and data profiles, helping you identify trends and recurring issues.

This enhancement supports all supported Enterprise DLP enforcement channels. When examining the DLP incident snippet details, Enterprise DLP displays which data pattern triggered the incident and specific details about the data patterns such as the pattern type, the proximity keywords, and the number of occurrences for high confidence level. For regex patterns, Enterprise DLP displays occurrence counts for each confidence level and examine up to three snippets per confidence level, giving your data security administrators tangible examples of the policy rule violations.

By providing clear insight into which data patterns and data profiles triggered incidents, this feature significantly reduces the operational friction in your security operations center. Data security administrators can quickly understand policy rule violations, take appropriate remediation actions, and provide targeted user education, ultimately strengthening your organization's data security posture and reducing the risk of data exfiltration.

Increased Occurrence Count for Enterprise Data Loss Prevention (E-DLP) Data Patterns and Data Dictionaries enhances Enterprise DLP detection capabilities by supporting up to 1,500 data pattern and data dictionary match occurrences matches in a data profile. This enables more comprehensive scanning of documents containing an extensive number of occurrences of sensitive data. You can configure your data profiles with flexible matching parameters including less than or equal to 1,500 matches, greater than or equal to specific thresholds such as 1000, and range-based detection between defined values like 500 and 1,500. This enables your data security administrators to create DLP rules to detect traffic with a high count of unique pattern matches and traffic with many repeated matches of the same data.

The increase in Enterprise DLP occurrence count detection capabilities enables more precise data loss prevention policy rules that can accommodate complex organizational requirements. Data security administrators can establish detection rules that align with specific compliance needs while maintaining the flexibility to adjust pattern matching thresholds based on your organization's risk tolerance and operational requirements. The enhanced detection capability supports both primary and secondary rules within a data profile enabling your data security administrators to create sophisticated detection logic that meets your security objectives while reducing unnecessary alerts from files containing repetitive but nonthreatening sensitive data.

Note: Additionally, this enhancements enables Enterprise DLP to inspect up to 300,000 cumulative pattern matches within a single file, supporting enterprise-scale document analysis requirements. Your data security administrators can implement the increased data pattern and data dictionary match capabilities across both inline Enterprise DLP and Data Security (SaaS API) to ensure consistent pattern detection capabilities regardless of your deployment architecture.