Data Loss Prevention Incidents
See the number of data loss prevention incidents that have been detected in the last 24 hours, as well as the following graphs:
- Incident Risk Ranking - Top Cases shows any cases found in the network with risk scores that exceed a configurable threshold.
- Cases are groups of related incidents that, combined, indicate a risk to the organization.
- Cases are assigned risk scores based on sophisticated security analytics.
- The displays uses the risk threshold set on the tab.
Click the chart to view details on each case.
- Incident Risk Ranking - Top Cases (last 7 days) displays the number of cases above the risk threshold detected during each of the last 7 days. The height of the bars and the
value shown inside represent the number of the risky cases for each date.
Click a bar to drill down to the Incident Risk Ranking report for the selected date.
- Incidents by Severity displays the number of incidents that have entered the system in the last 24 hours by severity. These include all incidents that the system has
detected.
Field Description High Number of incidents that have been set to the most severe setting and should be handled immediately. Medium Number of incidents that have been set to the medium severity setting and should be handled soon. Low Number of incidents that have been set to the most lenient severity setting and should be handled. - Top 5 Policies displays the policies that had the most incident violations, and the number of incidents in each of these policy categories.
The Last data loss prevention incident field provides the exact date and time the last incident was logged in Forcepoint DLP.
Click the My data loss prevention incidents link to open the incident summary page, where administrators can view and manage their assigned incidents.