Review the new features introduced to Enterprise Data Loss Prevention (E-DLP) in October
2024.
New Features
Large File Support
October 30, 2024
Enterprise Data Loss Prevention (E-DLP) now supports large file inspection for the
following application:
Splunk
New GenAI Application Support
October 30, 2024
Enterprise Data Loss Prevention (E-DLP) now supports the following new GenAI
applications:
AI Chatting
Brandmark
Echowin
Frase
PlayHT
Quickchat
Regie AI
Simplified
Staccato
Typeface
New Application Support
October 25, 2024
Enterprise Data Loss Prevention (E-DLP) now supports the following new application:
Grammarly
Upload Inspection Support
October 7, 2024
Enterprise Data Loss Prevention (E-DLP) now supports upload traffic inspection for
the following application:
Microsoft Excel Web
Test an Enterprise DLP Data Profile Using Dry Run Mode
October 24, 2024
To strengthen your organization's data security posture, data security administrators
continuously iterate on data security policies to test and identify detection gaps
in a controlled environment. Now, Enterprise Data Loss Prevention (E-DLP) enables your data
security administrators to test the efficacy of your data profiles
before adding them to your Security policy rule and pushing them to your production
enforcement points. Testing allows your data security administrators to validate
your data profiles against a file containing known sensitive data to ensure accurate
detection by Enterprise DLP. Data Security administrators can run a test on a
data profile currently being configured or on an existing data profile. The data
profile test results show a high-level summary of the type of data profile you're
testing, the number of instances of High, Medium, and Low confidence detections, and
snippets of the sensitive data detected.
There are two types of test results Enterprise DLP can return:
Matched Test Result—Enterprise DLP returns a
Matched verdict and successfully detected
sensitive data matching the sensitive data match criteria configured in the
data profile. There are two types of matched test results:
Successful Test Result—Enterprise DLP successfully
detected all sensitive match criteria configured in the data
profile.
Partial Test Result—Enterprise DLP returns a
Matched verdict and successfully
detected some but not all sensitive match criteria configured in the
data profile.
No Match Test Result—Enterprise DLP returns a Not
Matched verdict result because Enterprise DLP did
not detect any sensitive data in the test file matching the sensitive data
match criteria configured in the data profile.
Forward Syslogs for Enterprise DLP Incidents
October 11, 2024
Security Operations Center (SOC) analysts and incident administrators require
streamlined, automated workflows to effectively triage, review, and resolve data
security risks. Enterprise Data Loss Prevention (E-DLP) now supports syslog forwarding to enable your data
security administrators to integrate Enterprise DLP into your organization’s
automatic incident integration within your established security operations
platforms. Your data security administrator can create a Log Forwarding profile to
automatically forward DLP incident syslogs to your third-party security information
and event management (SIEM), Security Orchestration, and Response (SOAR), or other
automated ticketing systems.
Enterprise DLP syslog forwarding provides substantial flexibility for large
organizations. Your data security administrators can configure a single Log
Forwarding profile for multiple enforcement points, or conversely, create a
different Log Forwarding profile for each channel. They can also associate the same
enforcement channel with multiple Log Forwarding profiles.
Enterprise DLP forwards DLP incident syslogs over a UDP or TCP port and requires
a persistent connection to the receiving endpoint (SIEM, SOAR, or ticketing system).
While Enterprise DLP automatically continues forwarding incident syslogs after
connectivity is restored, the system cannot forward any syslogs that were generated
during the period of disconnection. This integration into established systems allows
teams to quickly incorporate data security risks into their operational cadence.
