Forensics for Public Cloud
With Forensics, you can see all the information you need in terms of what your users are doing in the cloud and what you should be looking at. When a violation is found, the object is placed in a forensics folder so you can review the specific types of sensitive data that are exposed. An automated cloud policy enforcement program is necessary for getting to a quick resolution and remediation.
To use forensics, you need to:
Configure API Data Protection for the public cloud service you want to store forensics data.
Create a forensic profile to define the destination folder in which files that violate DLP policies can be stored.
Enable the forensic profile.
Review the violations within specific files and take remedial action by contacting users and managing files in the forensics folder.
To learn more: Getting Started with Forensics for Public Cloud.