Data Security scans and analyzes email assets, settings, and user behavior and applies Security Control policies to identify exposures, risky user behavior, and sensitive documents. The service also performs a deep content inspection for known and unknown malware, data exposure, and data exfiltration. When Data Security determines that the security control is an incident, it creates an incident detail view that you use to Assess Incidents in your managed SaaS applications. These details can include some or all of the following information:

• View the Severity of the incident
• Date when the incident was found
• Sanctioned Application in which the incident occurred
• The user associated with this incident
• The setting name
• The policy rule which was violated
• Actions: Option to Email a message to the email sender, principal owner, or folder owner or Dismiss the incident.