The Optical Character Recognition (OCR) feature extends the CloudSOC capabilities to be able to inspect 'text' embedded in images by using OCR.
OCR Inspection is not enabled by default on CDS, as a first step, make sure to enable it and to choose the languages needed.
Enable OCR inspection:
• Login to your CMP account (CMP link)
• Navigate to the OCR section (menu or home page)
• Enable OCR inspection
• Select the OCR languages (up to three languages can be selected)
Configure a keyword policy on DLP Enforce:
- Configure a keyword-based policy on DLP Enforce
- Give it enough time to sync
- Test the result by uploading (or downloading) an image file that contains the keyword
An example for a use case:
Customer would like to inspect the data shared externally that contains a specific keyword (like confidential, or 'for internal use only' ...etc)
Tested using a policy like this:
Then uploaded an image file that contains the keyword:
And it triggered a policy violation: