AnsweredAssumed Answered

DLP : How to filter custom matches on traffic direction (outbound)

Question asked by C1Z5THKRSAmJx11vFefchRTJoEGE6CQElRI3WmcPaeA= on Nov 30, 2016
Latest reply on Dec 7, 2016 by John Snider



I am going through RSA NetWitness Security Analytics a huge amount of Data Leak matches, but each of them so far are false positive.


For example, how can I filter for "cc.number exists and match traffic flow is outbound?"


Or for customer matches as well.