search cancel

Office365 Securlet fails to generate alerts for Policies relating to document exposures

book

Article ID: 252706

calendar_today

Updated On:

Products

CASB Securlet SAAS

Issue/Introduction

Office365 Securlet fails to generate alerts for Policies relating to document exposures. Other attributes such as recipient or sender can be specified; however, the underlying issue pertains to Exposure type. 

 

Cause

• By default for Office 365, policy alerts are generated only in case of violation detection.
• Customers can have a data exposure CASB policy without any violation rule selected.
• Currently alerts are missing for such non-risk policies.

 

Resolution

• The 'Post Eval Param' feature is not currently enabled for all tenants by default; however, a request can be submitted by Support on your behalf.

• Engineering's answer to why the feature isn't enabled for all tenants by default is that a planned rollout is being considered. This is to help mitigate potential impact/slowdown of related services in the CloudSOC operating environment.