After a Data Loss Prevention incident occurs, Trend Micro Apex One logs the incident details in a specialized forensic database. Trend Micro Apex One also creates an encrypted file containing a copy of the sensitive data which triggered the incident and generates a hash value for verification purposes and to ensure the integrity of the sensitive data. Trend Micro Apex One creates the encrypted forensic files on the agent machine and then uploads the files to a specified location on the server.
Important
Important
  • The encrypted forensic files contain highly sensitive data and administrators should exercise caution when granting access to these files.
  • Trend Micro Apex One integrates with Trend Micro Apex Central to provide Trend Micro Apex Central users with the DLP Incident Reviewer or DLP Compliance Officer roles the ability to access the data within the encrypted files. For details about the DLP roles and access to the forensic file data in Trend Micro Apex Central, see the Control Manager or Apex Central Administrator’s Guide.
Related information