Technical Library | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Creating Remediation Scripts for TRITON AP-DATA > Data Loss Prevention (DLP)
Data Loss Prevention (DLP)
Creating Remediation Scripts | Data Protection | Version 8.3.x
What is DLP?
Data Loss Prevention (DLP) is the activity of classifying real-time data that is communicated on various channels, by various means. Once classified, the data sent over the communication channel might trigger a policy and generate an incident.
Once an incident occurs, an action plan is executed. The action plan may specify which remediation scripts to run.
Classification is performed by the Policy Engine. This means it can be executed on Windows or Linux policy engines, or executed on servers or endpoints (including Linux endpoints, although this functionality is currently not available).
What is a DLP incident?
An incident is an object that contains information about the file which was matched by a DLP Policy Rule. It also contains information about the rules it matched, and other meta-data such as the source and destination, the policy engine name, and so on
When running remediation scripts, an XML file containing the incident details is generated and the full path name is presented to the script as the first command line parameter.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Creating Remediation Scripts for TRITON AP-DATA > Data Loss Prevention (DLP)
Copyright 2016 Forcepoint LLC. All rights reserved.