Option not to capture download events
I have notice that pretty much all our downloads as well as uploads are captured as events by the DLP engine when setting policy for web browsers.
This can mean the controlled items list becomes huge and the central events log is way to big to get anything meaningful in terms of data leaving via web.
All the data loss tools I've used generally only capture outbound events, as this is the nature of Data Loss Prevention.
This happening on on-premise (SEC) too, Sophos will alert and logged on events when download (as well as upload) a file on browser if have data control policy.
Please fix. thanks!
Antonio Cienfuegos commented
This is happening with big customers en South America and only brings problem to actually use the tool.