Technical Library | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Using RiskVision to Investigate Cloud App Use : Are there data loss or data theft incidents associated with cloud app access?
Are there data loss or data theft incidents associated with cloud app access?
Investigate Cloud App Use | TRITON RiskVision | 01-June-2016
Most user connections to cloud apps are encrypted. In order for RiskVision to detect data loss or data theft incidents in cloud app transactions, it must be configured to monitor traffic that has first passed through an SSL decryption product (like an F5 or A10 appliance).
If RiskVision is monitoring already-decrypted transactions, use the Transaction Viewer on the Incidents page in the RiskVision Local Manager to find out if Data Analysis has found data loss or data theft incidents associated with cloud app use.
By default, when you select the Cloud App option from the View drop-down list, the table includes columns for cloud app name and risk level, and for data analysis content, violation triggers, and content classifiers (or rules).
To look for correlations, try grouping by Cloud App and Data Content.
You can also try grouping data by Plugins to find incidents with results returned by both Cloud Apps and Data Analysis.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Using RiskVision to Investigate Cloud App Use : Are there data loss or data theft incidents associated with cloud app access?
Copyright 2016 Forcepoint LLC. All rights reserved.