Custom data profile that can include all functionality of classic data patterns, and advanced detection methods such as Exact Data Matching (EDM) or custom document types.

√

Audit logs for a comprehensive history of the changes that occurred across Enterprise DLP. They maintain a history of when data patterns and data profiles are created, updated, or deleted.

√

Custom data profile that can include any combination of predefined, regular expression (regex), or file property data patterns.

√

Provides quantifiable metrics to measure the overall data risk for your organization and gives administrators the ability to analyze and take preventative action to strengthen your data risk security posture using the Data Risk Dashboard.

Enterprise DLP performs inline inspection of outbound emails to prevent exfiltration of emails containing sensitive information using AI/ML powered data detections.

Use Endpoint DLP to prevent exfiltration of sensitive data to peripheral devices such as USB devices, printers, and network shares, or to control access to them.

Integrate Enterprise DLP with Cortex XSOAR to use Enterprise DLP End User Alerting, granting your team members the ability to self-service temporary exemptions for file uploads that match your data profiles.

√

Use the Enterprise Data Loss Prevention (E-DLP) Migrator to migrate your Symantec DLP policy rules and convert them into SaaS Security policy rules. This allows you to quickly transition to Palo Alto Networks Enterprise DLP without the need to manually recreate all your Security policy rules designed to prevent exfiltration of sensitive data.

Connect an AWS storage bucket, Azure storage bucket, or SFTP server to Enterprise DLP to automatically store files scanned by the DLP cloud service that match your data profiles. After a file is successfully stored, you can download the file for further investigation.

√

Monitor sharing of sensitive passwords over chat-based applications. Enterprise DLP uses contextual messages to understand instances where a password might have been shared. When Enterprise DLP detects that a password was shared, a DLP Incident is generated that displays a snippet of the response containing the password.

Custom data profile that contains multiple nested data profiles that allows you to consolidate the match criteria to prevent exfiltration of sensitive data to a single data profile that can be used in a single Security policy rule.

√

√

Report false positive detections to Palo Alto Networks to improve Enterprise DLP detection accuracy for yourself and other Enterprise DLP users. False positive detections are reported against the DLP Incident where the false positive detection occurred.

√

—

Test the efficacy of your Enterprise Data Loss Prevention (E-DLP) data profiles before adding them to your Security policy rule and pushing to your production NGFW and Prisma Access tenants. This allows you to validate your data profiles against a file containing known sensitive data to ensure accurate detection by Enterprise DLP.

√