Configuring Advanced Threat Protection
Forcepoint ONE SSE provides Advanced Threat Protection (ATP) via partnerships with Crowdstrike and Bitdefender.
Once any of these ATP options have been purchased, you will be able to implement threat protection into your application policies (protecting against both known and unknown malware). Options will appear as predefined data pattern objects that can be used in any of your application policies. You can access these data patterns on the page.
In Forcepoint ONE SSE, Crowdstrike is named as Malware-Crowdstrike and Bitdefender is named as Malware-Bitdefender.
Note: Even if you have not purchased ATP, Forcepoint ONE SSE will still provide
alerts in your logs if our ATP engine identifies malicious files during proxy or API scans (seen as a Bitglass-Malware-Suspect in the log lines). Files identified as malicious will not be
scanned for DLP pattern matching.