Quarantine action does not appear to trigger on policy violation for AWS Securlet

book

Article ID: 193825

calendar_today

Updated On:

Products

CASB Security Advanced

Issue/Introduction

The Quarantine rule appears to have fired in external DLP. The CASB violation noted that quarantine was the action taken, however, the API request to drop a marker file and move the file to a quarantine folder does not appear to be honored.

Cause

When DLP and CASB are integrated the policies created in DLP do not reflect the available remediation options for each securlet.  The DLP remediation options remain the same for all securlets

Environment

CASB\DLP integration

Resolution

AWS Securlet does not support quarantining files