To take a proactive approach to DLP, being able to block exfiltration events is of the essence. The Reveal Cloud agent can now intercept uploads and block threats, taking input from Reveal Cloud’s policy engine and leveraging built-in smart inspection patterns – including personally identifiable information and MIP-labeled data.
This feature is supported on Windows and macOS for Chromium-based browsers. Reveal Agent 7.7.4 or later is required. Browser upload blocking is part of the Next DLP Configurable Policy Templates V3.0.9 (login required).
Reveal Cloud’s new Nodes and Users dashboards allow administrators to classify and audit users and nodes across any deployment. Both of these smart inventories include advanced search and filtering functionalities, leveraging node and user attributes for quick classification, tagging, and navigation.
The Nodes dashboard allows stateful archiving or unarchiving nodes, manually or automatically. Through the Nodes interface, operators can audit their Reveal Cloud deployment and control the visibility of active and redundant nodes by changing their state.
Using quick navigation buttons, operators can also apply and release actions like isolating or locking machines in a heartbeat.
The new Nodes interface simplifies the tracking of different types of endpoints (virtual and physical), and it allows scaling and managing configurations more easily. So it is now easier to manage complex Reveal Cloud deployments. For instance, the Nodes dashboard allows monitoring of elastic deployments where Reveal Cloud agents are enrolled or deleted dynamically on virtual instances.
The new Users dashboard is now the main place for search, audit, management, and tracking of user profiles on Reveal Cloud.
Its quick search and advanced navigation features allow searching users by their LDAP attributes as well as their machine properties, so now managers can tailor policies to different user groups and adapt them to specific business functions or behaviors.
With the new Nodes and Users dashboards, operators can now manage Reveal deployments of any size more effectively. These new interfaces make investigations seamless with better visualization and activity tracking, connecting entity and user attributes to forensics data displayed in Next DLP’s investigation tools.
Configurable policy templates v3.0.10
Reveal Cloud Configurable Policy Templates V3.0.10 (login required) are now available.
These enhanced templates allow operators to customize and fine-tune security policies by expanding the set of customizable policy features and parameters to reduce false positives.
For instance, the new policies allow accounting for sanctioned system account file activity when users attempt to open sensitive files. Also, when Reveal Cloud detects users installing new applications, these new policies take into account authorized software publishers. Finally, you can now fine-tune those policies detecting authorized use of advanced system tools like Powershell.
For full details, refer to the Reveal Cloud Configurable Policy Templates Reference Guide (login required).