AnsweredAssumed Answered

DLP : How to filter custom matches on traffic direction (outbound)

Question asked by C1Z5THKRSAmJx11vFefchRTJoEGE6CQElRI3WmcPaeA= on Nov 30, 2016
Latest reply on Dec 7, 2016 by John Snider

Hi,

 

I am going through RSA NetWitness Security Analytics a huge amount of Data Leak matches, but each of them so far are false positive.

 

For example, how can I filter for "cc.number exists and match traffic flow is outbound?"

 

Or for customer matches as well.

 

Thanks

Outcomes