A user shares a collaborator link with an external user. The shared file contains sensitive information.

External in this context is a person outside the CASB Tenant's Primary or Secondary Domains.
 

Incident Details: REST Action Warning 

Incident History shows: Breaking Content Links Action Skipped

DLP Cloud Detection Service for REST  15.X. & 16.X
CASB SAAS: Securlet Microsoft Office 365\OneDrive

The correct response rules required to remove access or break links may be missing from the policy.

The Data-At-Rest Response rule, "Remove Shared Links in Data-at-Rest" is used when a document is exposed publically, or externally, and the link needs to be removed.
The Data-At-Rest Response rule, "Remove Collaborator Access" can be used to remove collaborator links on files shared with persons identified as external, even when the file itself IS NOT exposed externally.

To be able to remove links for both use cases, an Automated Response Rule for each action should be added to the policy. Alternatively, an Automated Response Rule containing both response rules can be used.

NOTE:  The remediation actions "Remove Shared Links in Data-at-Rest" & "Remove Collaborator Access" will only execute if there was an exposure. As a result the status of the incident history is "Skipped".

See also:
Article ID: 215371 CASB Q&A External Collaborators in CASB
Article ID: 368780 O365 securlet response actions mapped to DLP response actions