Terminology

Forcepoint ONE SSE SWG and Forcepoint DLP share common features, but sometimes use different terms.

The following table maps the terms and definitions for common items you might see in either Forcepoint ONE SSE or Forcepoint DLP.

Forcepoint DLP term Forcepoint ONE SSE term Definition
Action/ Action plan Action The action that should take place in case of a breach. For example: Block, Permit and so on.
Case Alerts An aggregation of incidents (Forcepoint DLP) or alerts (Forcepoint ONE SSE).
Cloud application Managed or Sanctioned Application

An instance of a cloud service.

For example: “My_Company_Box”, “My_Company_AWS”.

Cloud application type Application type

A cloud service.

For example: Box, AWS and so on.

DLP Cloud API API Scanning Leverages an API connection made to the supported cloud application. This option provides near real-time activity analysis after the operation occurs. For example, file creation/modification, and sharing activity.
DLP Cloud Proxy Inline Proxy For cloud applications that connect to Forcepoint ONE SSE through a proxy connection, this option provides immediate action as the breach occurs on the cloud application activities.
Data Protection Service N/A The Forcepoint DLP service that enables analysis and enforcement of sensitive data breaches on cloud applications.
Event Event / Transaction A transaction or event that was monitored and sent for policy analysis.
Incident Action The output of the policy analysis if there is a match in the transaction.
Operation Activity

The atomic activity monitored by Forcepoint ONE SSE that an end user completed.

For example: “Upload a file”, “Download a file”.