Fortinet black logo

online help

Home FortiCASB 20.2.0 online help
20.2.0
24.1.b
24.1.a
23.4.a
23.3.a
23.2.b
23.2.a
23.1.0
22.4.0
21.4.0
21.2.0
21.1.0
20.4.1
20.4.0
20.3.0
20.2.0
20.1.0
4.2.0
4.1.0
2.1.0

Sensitive File

Sensitive File

Description

Sensitive File policy monitors and sends an alert when targeted cloud account files are being accessed. The location of the cloud account file path is configured through Regex.

Policy Configuration

Follow the steps below to enable and configure the policy

  1. Click on any Cloud Account drop down menu from FortiCASB dashboard, e.g. Salesforce, Office365, etc.
  2. Click on Policy drop down menu and select Threat Protection.
  3. Locate Sensitive File and click on the right arrow key > button to expand the policy.
  4. Click on General tab, click Status toggle switch button to enable the policy.

  5. Click on Severity level drop down menu to select the severity level (Critical, Alert, Warning, Information).
  6. Click Context tab to configure settings.

  7. Enter a valid Regex of the target file path to be monitored. Here are examples of file path Regex:
    1. ".*" targets all files in the cloud account.
    2. "^(?:[\w]\:|\\)(\\[a-z_\-\s0-9\.]+)+\.(txt|gif|pdf|doc|docx|xls|xlsx)$" targets files begin with x:\ or \\ with files ending in the following types of extensions: txt, gif, pdf, doc, docx, xls, xlsx. Here are the file paths that will this file path Regex matches:
      1. \\192.168.0.1\folder\file.pdf
      2. c:\my folder\abc abc.docx

    Reference:

    https://www.codeproject.com/Tips/216238/Regular-Expression-to-Validate-File-Path-and-Exten

  8. Click Save to update the policy configuration.

After the policy is enabled and configured, whenever any file targeted by the file path Regex is accessed on the cloud account, an alert will be triggered in the alert page. For more details, please refer to Alert.

Previous
Next

Sensitive File

Description

Sensitive File policy monitors and sends an alert when targeted cloud account files are being accessed. The location of the cloud account file path is configured through Regex.

Policy Configuration

Follow the steps below to enable and configure the policy

  1. Click on any Cloud Account drop down menu from FortiCASB dashboard, e.g. Salesforce, Office365, etc.
  2. Click on Policy drop down menu and select Threat Protection.
  3. Locate Sensitive File and click on the right arrow key > button to expand the policy.
  4. Click on General tab, click Status toggle switch button to enable the policy.

  5. Click on Severity level drop down menu to select the severity level (Critical, Alert, Warning, Information).
  6. Click Context tab to configure settings.

  7. Enter a valid Regex of the target file path to be monitored. Here are examples of file path Regex:
    1. ".*" targets all files in the cloud account.
    2. "^(?:[\w]\:|\\)(\\[a-z_\-\s0-9\.]+)+\.(txt|gif|pdf|doc|docx|xls|xlsx)$" targets files begin with x:\ or \\ with files ending in the following types of extensions: txt, gif, pdf, doc, docx, xls, xlsx. Here are the file paths that will this file path Regex matches:
      1. \\192.168.0.1\folder\file.pdf
      2. c:\my folder\abc abc.docx

    Reference:

    https://www.codeproject.com/Tips/216238/Regular-Expression-to-Validate-File-Path-and-Exten

  8. Click Save to update the policy configuration.

After the policy is enabled and configured, whenever any file targeted by the file path Regex is accessed on the cloud account, an alert will be triggered in the alert page. For more details, please refer to Alert.

Previous
Next