Symantec/Broadcom Data Loss Prevention (DLP)
Endpoint Prevent

DLP is not detecting file uploads to Safari.

Files copied to USB are uploaded to the external drive successfully even though the DLP block pop-up prompt appears and a DLP 'block' incident is created.

Using the MacOS 'Console' program, we see this message:

Sandbox: edpa() System Policy: deny(1) file-write-data /Volume/<USB name>/<filename>

MDM profile is missing or out of date on the workstation.

DLP 15.5 MP2

MacOS 10.15.x (Catalina)

Follow steps in TECH256856 to apply or update the MDM profile for the MacOS 10.15.x device.