Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Shadow/Web DLP Policy Response Actions

  1. Last updated
  2. Save as PDF

An action taken when a policy is triggered is a response action. By default, each policy creates an incident that appears in Skyhigh CASB. If an event, message, or document triggers more than one policy, an incident is generated for each corresponding policy. Responses to the document reflect more restrictive policies. For more information, see DLP Policy Incident Statuses.

Response Actions can be conditionally executed depending on the triggered Rule Group's severity.

The Shadow /Web DLP supports the following DLP response actions:

Action Description
Incident Incidents are generated by default.
Block Block the sensitive data from being exfiltrated.
Monitor Monitor the sensitive data from being exfiltrated.
Save Evidence Copy of the compromised content associated with your incident can be saved in your data storage. For details, see Save DLP Evidence.
  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    This page has no tags.