0
1.1.2
Yokohama, Xanadu, Washington DC, Vancouver
Provides out-of-the-box integration to import DLP incidents from Microsoft Purview (OneDrive, SharePoint, Teams, Exchange Online) and other event types as well. This app can be used in combination with Data Loss Prevention Incident Response app to automate DLP incident remediation workflow for incidents generated by Microsoft Purview. This app also provides the ability to automatically release emails quarantined by Microsoft Purview post an approval workflow.
- Import DLP incidents created for OneDrive, SharePoint, Exchange Online, and Teams.
- Ability for DLP analysts to view matched sensitive data types, confidence score, match count, and the text snippet that violated the policy (matched text snippets are not stored in ServiceNow).
- Ability for DLP analysts to download the evidence file/email.
- Added correlation ID within the DLP incident table to map the integration ID to the DLP incidents.
Fixed:
- Microsoft DLP Quarantine Release Error Handling:
- Resolved an issue where attempting to Release Email from Quarantine for incidents that were already released would cause the DLP Microsoft integration to enter an error state. The system now properly detects already released emails and avoids redundant actions, preventing unnecessary errors in the quarantine flow.
- Enhanced Endpoint File Download via Custom Blob Storage:
- Updated the file download mechanism for endpoint artifacts from custom blob storage. Previously, requests were made using the user’s IP address, which could lead to access issues depending on network rules. With this update, download requests are now routed through the ServiceNow instance IP, ensuring consistent access control and improving compatibility with restricted storage configurations.
- Microsoft DLP Ingestion Performance Improvements:
- Optimized the Microsoft DLP ingestion pipeline to address slow performance during peak usage periods. Enhancements include better concurrency handling, improved API response management, and resource allocation tuning to ensure faster and more reliable ingestion even under high-load conditions.
- Required plugins and products.
- Dependencies.
- Properties that need to be created or set to activate the content pack.
- Affected business rules.
- Affected script includes.
- .jar files that need to get uploaded, if applicable.