Monitoring of custom executables in DLP

What is a one sentence summary of your feature request?

It should be possible to define your own applications in Content Aware Policies that are to be monitored, as data exfiltration is still possible via unsupported applications.

Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.

We use HP Sure Click to secure our web browser. It is based on Chrome but uses its own executables for protected traffic, which are not supported by Netwrix EP. As a result, it is possible to bypass the DLP filtering settings via the protected browser. Since this affects the default browser in our case, it creates a large blind spot that cannot be used to prevent data leakage.
It would be very helpful if we could define our own applications that are not completely blocked (as in application deny lists), but only denied access to the relevant files.

How do you currently solve the challenges you have by not having this feature?

There is currently no workaround to this issue.

Hello Florian,

Apologies for the delayed response. We appreciate your interest in enhancing our product.

Currently, our product does not support the inclusion of custom applications for CAP monitoring due to foundational reasons. Allowing ‘all process’ injections could compromise stability, performance, and may lead to generating false positives.

Taking that into account and as a workaround, any custom application you wish to introduce should be registered and submitted as a new Feature Request. This approach ensures we maintain stability for our customers while minimizing potential performance issues or other OS processes/services related problems.

Thank you for your understanding and collaboration.

Kind Regards,
Simona