Understanding Predefined File type based DLP patterns

Once predefined file type based DLP patterns are enabled on your tenant, the DLP Objects page displays three predefined DLP patterns for standard file types which can be used while configuring inline (ZTNA and CASB), SWG content and API policies to detect or block content based on file types.

Following are the three predefined DLP patterns for standard file types:

Data Pattern Name	Description	File Types
Executable Files	This data pattern matches all executable files.	Windows, linux, and macOS executables .exe .com .bin .o .so .dylib
Rich Internet Application Files	This data pattern matches all Rich Internet Application files.	MacroMedia Flash and Microsoft Silverlight files .swf
Document and PDF Files	This data pattern matches all documents and office-related files.	PDF (.pdf) Microsoft Office Documents (OLE and OOXML) .doc .docx .pptx .ppt .xls .xlsx RTF files (.rtf)

Data Pattern Name

Description

File Types

Executable Files

This data pattern matches all executable files.

Windows, linux, and macOS executables

.exe
.com
.bin
.o
.so
.dylib

Rich Internet Application Files

This data pattern matches all Rich Internet Application files.

MacroMedia Flash and Microsoft Silverlight files

.swf

Document and PDF Files

This data pattern matches all documents and office-related files.

PDF (.pdf)
Microsoft Office Documents (OLE and OOXML)
- .doc
- .docx
- .pptx
- .ppt
- .xls
- .xlsx
RTF files (.rtf)

When you click any of the predefined file type based DLP patterns, then data patterns will only display Test Pattern tab. You can test against the DLP Pattern by uploading file and clicking the Test button. The Test result shows a success or failure of the match against the file type and displays the mime type of the file uploaded.