Microsoft DLP creditcard too many false positive
Hi all, I am new to the DLP world and performing some tests in my company. I wanted to discover if/who is sharing credit card numbers, cvv, data expiry, full name and address, because with all the information someone can harm the victim, right? The problem I am having is when people share bank statements containing just credit card numbers, it gets triggered, which is so annoying too many false positives. Is anyone there experiencing the same thing and can assist? I created two policies and enabled both at the same time. The first one is using just the SIT Credit Card Number The second one I am using SIT Credit Card Number, All Full Names, All Physical Addresses Please let me know if you need more information. Thanks in advance TZBuilt-in SSN sensitive info type - excluded values
Does Microsoft's built-in SSN sensitive info type exclude any values by default or do we need to customize it to remove potential false positives for scenarios like the following: SSNs beginning with the number "666" in positions 1-3 SSNs beginning with the number "9" SSNs beginning with the number "000" in positions 1-3 SSNs with the numbers "00" in positions 4-5 SSNs with the number "0000" in positions 6-9 SSNs with repeating values. All 1's, 2's, 3's, etc. SSNs in a predictable sequence; 123456789 or 987654321
