| 主权项 |
1. A method, comprising:
at a computing platform comprising at least one processor, a communication interface, and a memory:
receiving, via the communication interface and from a network device located at a boundary between a private network associated with an organization and a public network, a message identifying data that was transmitted by a user device located in the private network, destined for a network address associated with the public network, and included one or more images;generating, by the at least one processor, a record corresponding to the message;storing, by the at least one processor and in the memory, the record corresponding to the message;sending, to an analysis platform, the one or more images;receiving, via the communication interface and from the analysis platform, data indicating whether the one or more images comprise content that violates a data leak prevention (DLP) policy of the organization;identifying, by the at least one processor and from amongst a plurality of records corresponding to messages previously received from the network device, the record corresponding to the message;updating, by the at least one processor, the record corresponding to the message to reflect whether the one or more images comprise content that violates the DLP policy of the organization;determining, by the at least one processor and based on the data indicating whether the one or more images comprise content that violates the DLP policy of the organization, that the data that was transmitted by the user device violates the DLP policy of the organization; andresponsive to determining that the data that was transmitted by the user device violates the DLP policy of the organization, identifying, by the at least one processor, one or more previous violations of the DLP policy of the organization that are associated with the user device. |
