Documentation | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Forcepoint DLP Predefined Policies and Classifiers > Discovery policies > Indicators of Compromise
Indicators of Compromise
Predefined Policies and Classifiers | Forcepoint DLP | v8.4.x
*
Database Dumps/Backup Files for Discovery
Policy for detecting records of SQL table data extracted from a database. The rules for this policy are:
*
Database Dumps/Backup Files: MySQL-Format Database Dump (Wide)
*
Database Dumps/Backup Files: MySQL-Format Database Dump (Default)
*
Database Dumps/Backup Files: Microsoft Tape Format
*
.REG Files for Discovery
Policy for detecting .REG files (Windows Registry files). The rule for this policy is:
*
.REG File
*
Suspected Malicious Dissemination for Discovery
Policy for the detection of a suspected malicious content dissemination such as: encrypted or manipulated information, passwords files, credit card tracks, suspected applications and dubious content such as information about the network, software license keys, and database files. The rules for this policy are:
*
Counter Malicious: Encrypted Files (Known Format)
*
Counter Malicious: Generic Encryption Detection
*
Counter Malicious: IT Asset Information
*
Counter Malicious: Malicious Concealment
*
Counter Malicious: Password Files
*
Counter Malicious: Password Information
*
Counter Malicious: Suspected Applications (Steganography and Encryption)
*
Suspicious Data Concealment Applications
Policy for detection of data concealment applications. The rule for this policy is:
*
Suspicious data concealment applications: Steganography applications

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Forcepoint DLP Predefined Policies and Classifiers > Discovery policies > Indicators of Compromise
Copyright 2017 Forcepoint. All rights reserved.