Forum Discussion
Acting on policy alert - Data Exfiltration
Hi we have recently enabled CAS and we have had a "Data Exfiltration to unsanctioned app" alert. One of our users has uploaded a substantial amount of data to Facebook. How do we look into this to ...
rajatm Thanks for your reply.
I am assuming there is no way we can correlate the alert with any Defender ATP info and find out what was uploaded, or at least whether it was corporate data?
I do not think that's possible but my knowledge of MDATP is limited. Apologies.