You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/content/docs/cloudflare-one/policies/data-loss-prevention/dlp-profiles/advanced-settings.mdx
+12-12Lines changed: 12 additions & 12 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -15,32 +15,32 @@ Match count refers to the number of times that any enabled entry in the profile
15
15
16
16
## Confidence levels
17
17
18
-
Confidence levels indicate how confident Cloudflare DLP is in a DLP detection. The confidence is determined by inspecting the content for proximity keywords around the detection.
18
+
Confidence levels indicate how confident Cloudflare DLP is in a DLP detection. DLP determines the confidence by inspecting the content for proximity keywords around the detection.
19
19
20
20
Low confidence detections are generally based on regular expressions, require few keywords, and will trigger more often. High confidence detections require more keywords, will trigger less often, and have a higher likelihood of accuracy. Setting the confidence to Low will also consider Medium and High confidence detections as matches. Setting the confidence to Medium or High will filter out the lower confidence detections.
21
21
22
-
Confidence level is set on the DLP profile. When you select a confidence in the dashboard, you will see which DLP entries will be affected by the confidence level. Entries that do not reflect a confidence level in the dashboard are not yet supported or are not applicable.
22
+
Confidence level is set on the DLP profile. When you select a confidence in Zero Trust, you will see which DLP entries will be affected by the confidence level. Entries that do not reflect a confidence level in Zero Trust are not yet supported or are not applicable.
23
23
24
-
For inline detections in Gateway, if you would like to see Low and Medium confidence detections but block High confidence detections, Cloudflare recommends using two policies. The first policy should use a Low confidence DLP profile with an Allow action. The second policy should use a High confidence DLP profile with a Block action.
24
+
For inline detections in Gateway, if you would like to display Low and Medium confidence detections but block High confidence detections, Cloudflare recommends using two policies. The first policy should use a Low confidence DLP profile with an Allow action. The second policy should use a High confidence DLP profile with a Block action.
25
25
26
-
## Context analysis
26
+
## Optical Character Recognition (OCR) <Badgetext="Beta"variant="caution"size="small" />
27
+
28
+
Optical Character Recognition (OCR) analyzes and interprets text within image files. When used with DLP profiles, OCR can detect sensitive data within images your users upload.
29
+
30
+
OCR supports scanning `.jpg`/`.jpeg` and `.png` files between 4 KB and 1 MB in size. Text is encoded in UTF-8 format, including support for non-Latin characters.
Context analysis has been superseded by [confidence levels](#confidence-levels). Users who had context analysis turned on will be migrated to confidence levels where applicable.
35
+
Context analysis has been superseded by [confidence levels](#confidence-levels). DLP will migrate users who had context analysis turned on to confidence levels where applicable.
30
36
:::
31
37
32
38
When it was available, context analysis restricted detections based on proximity keywords to prevent false positives. Proximity keywords had to be detected within a distance of 1000 bytes (~1000 characters) from the original detection to trigger an context-aware detection. For example, the string `123-45-6789` only counted as a detection if in proximity to keywords such as `ssn`.
33
39
34
40
DLP applied context analysis to traffic and the content of [supported files](/cloudflare-one/policies/data-loss-prevention/#supported-file-types). Supported detections included the [Financial Information](/cloudflare-one/policies/data-loss-prevention/dlp-profiles/predefined-profiles/#financial-information) and [Social Security, Insurance, Tax, and Identifier Numbers](/cloudflare-one/policies/data-loss-prevention/dlp-profiles/predefined-profiles/#social-security-insurance-tax-and-identifier-numbers) predefined profiles.
35
41
36
-
### How you excluded files from context analysis
42
+
### Exclude files from context analysis
37
43
38
44
You could exclude the content of files from context analysis while still applying context analysis to traffic. For example, if you sent an email containing the string `123-45-6789`, DLP only counted a detection if the string was in proximity to keywords such as `ssn`. If you included a file in an email containing the string `123-45-6789`, DLP matched a detection regardless of keywords.
39
45
40
46
To exclude file content from context analysis, in **Exclude content type**, choose _Files_.
41
-
42
-
## Optical Character Recognition (OCR) <Badgetext="Beta"variant="caution"size="small" />
43
-
44
-
Optical Character Recognition (OCR) analyzes and interprets text within image files. When used with DLP profiles, OCR can detect sensitive data within images your users upload.
45
-
46
-
OCR supports scanning `.jpg`/`.jpeg` and `.png` files between 4 KB and 1 MB in size. Text is encoded in UTF-8 format, including support for non-Latin characters.
0 commit comments