0
2.1.20
Yokohama, Xanadu, Washington DC, Vancouver
Allows DLP analyst team to view and manage DLP incidents from multiple sources in a single workspace and provides the ability for end users to view incidents assigned to them, request release of emails quarantined, and submit their response to incidents. This app also allows line managers or compliance teams to review escalated incidents and requests for email release from quarantine and respond to the incidents. DLP admins can define administrative controls to automatically assign incidents, create email templates for communication, manage incident response options, define approval workflow for quarantined email release requests and so on.
- Automatically assign incidents to end users, managers, or DLP analyst groups based on a criteria
- Escalate incidents automatically to managers
- A workspace for end users to review Data Loss Prevention (DLP) incidents assigned to them and respond to the incidents by specifying a remediation action and comments.
- Attach assessments automatically and allow end users to respond to assessments
- Define end user instruction templates to coach/educate end users within the incident response workspace
- Define email templates to send emails (digest or per incident) for incident assignment notification, due date notification, escalation notification etc.
- Define the approver hierarchy, allow end users to request for the release of quarantined emails, and automatically release emails from quarantine post approval.
- A workspace to let managers or other escalation reviewers to review escalated DLP incidents and respond to them appropriately.
- Ability for DLP analysts to view reports on open DLP incidents by severity, policy, top offenders, and so on.
- Ability for DLP analysts team to view, edit, assign, and close DLP incidents across multiple sources such as endpoint, network, and email.
- Ability for DLP analysts to view match content/snippet that violated the DLP policy without storing the sensitive content in ServiceNow.
- Ability for DLP analysts to download the evidence file that violated DLP policy.
- Group incidents from the same user and matching a given criteria in a given period of time under one parent incident.
- Define field-level and record-level restrictions to control who can see what data in DLP incidents.
- Define delegates to handle incident response for executives.
- Define repeat offender rules to automatically identify users violating the same policy multiple times.
Fixed:
1. Accessibility defects:
- Tab elements now visible and accessible.
- Assessment text no longer overlaps with the number in the Assessment tab within the DLP IR Analyst Workspace.
2. Default target state issue in Incident Response Options Rule resolved.
3. UI Elevation and Theme issues:
- Assessment heading now properly visible in Coral Dark theme.
- In the Preview File tab, the body is now visible and borders are correctly displayed in Coral Dark theme.
4.Performance defects addressed to improve overall responsiveness and stability.
5. Security defects fixed to enhance system protection and compliance.
- Required plugins and products
- Dependencies
- Properties that need to be created or set to activate the content pack
- Affected business rules
- Affected script includes
- .jar files that need to get uploaded, if applicable