You have used our provided Symantec Data Loss Prevention (DLP) data identifiers (DI) and some detections are missed.
Symantec provides many data identifiers (DI) with DLP
There are three levels to each DI: Wide, Medium, Narrow
If you are using Narrow you will miss some incidents because it is very strict. Try switching to Medium or Wide then test to make sure you don't get too many false policies.
If you are using Medium switch to Wide. Again test to make sure you don't get too many false positives.
Once you create a policy check that the policy is actually applied to a configuration with the endpoints you are monitoring.
If the DI has been edited, it is possible it no longer works as intended. You can check with support to have them review the DI to see if it is still as Symantec intended.
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
This will clear the history and restart the chat.