Hi All,
I have a client that has a ton of Endpoint Incidents. Was wondering about some best practices that anyone may have based on their experience with DLP or tips on how to manage incidents such as HTTP/ HTTPS for Endpoint. Unfortunatley, for Endpoint there doesn't seem to be a way to summarize by recipient within Enforce. The route that I'm taking so far has been going through the correlations and creating a whitelist.
Hello,
The best way to do is, you need to fine tune the policy, check the below link for best practise
https://www.symantec.com/connect/articles/dlp-policy-tuning
Hope this helps! Mark as solution if this was usefull!