Forum Discussion

Dean_Gross's avatar
Dean_Gross
Silver Contributor
Jun 13, 2022

Finding exfiltrated file names,

A client has an employee that has uploaded 53mb via gmail and 41mb to google drive over the past few months and is leaving the company. They may have taken company sensitive data, how can we see the file names using MDCA?

  • Hi,

    With discovery it will provide the volume of traffic that was uploaded/downloaded but won't include that level of detail. App connectors provide details on the data coming from audit logs, but this would only be for enterprise instances of GCP.

Resources