Configuring Advanced Threat Protection

Forcepoint Data Security Cloud | SSE provides Advanced Threat Protection (ATP) via partnerships with an antimalware provider.

After purchasing the ATP, you will have the ability to implement threat protection in your application policies, protecting against both known and unknown malware.

Predefined data pattern objects will be available for use in any of your application policies. You can access these data patterns on the Protect > Objects > DLP Objects page.

In Forcepoint Data Security Cloud | SSE, the antimalware provider is referred to as Malware-Scan.

Note:

Even if you have not purchased ATP, Forcepoint Data Security Cloud | SSE will still generate alerts in your logs if our ATP engine detects malicious files during Proxy or API scans.
These incidents will be marked as Bitglass-Malware-Suspect in the log entries. The files identified as malicious will not undergo DLP pattern matching scans.