The Agent can detect and prevent exfiltration based on the true file type.
Supported for Windows from version 1.9.0.55.
Supported for Mac from version 2.1.0.129
True file type identifies the file by its internally registered data type. Users cannot manipulate the true file type so it provides a more accurate identification of the file even if a user has changed the file extension.
| Name | Media-Type | Extension |
| 3GPP | video/3gpp | .3gp |
| Bitmap | .bmp | |
| Excel | application/vnd.openxmlformats-officedocument.spreadsheetml.sheet | .xlsx |
| Excel 97-2003 | application/vnd.ms-excel | .xls |
| Exe (Windows) | application/octet-stream | .exe |
| GIF | image/gif | .gif |
| JPEG | image/jpeg | .jpeg |
| MP4 | video/mp4 | .mp4 |
| Outlook Message | application/vnd.ms-outlook | .msg |
| application/pdf | ||
| PNG | image/png | .png |
| PowerPoint | application/vnd.openxmlformats-officedocument.presentationml.presentation | .pptx |
| Powerpoint 97-2003 | application/vnd.ms-powerpoint | .ppt |
| QuickTime | video/quicktime | .mov |
| Rich Text Format | .rtf | |
| TIFF | image/tiff | .tif |
| Visio | application/vnd.visio | .vsdx |
| Visio 97-2003 | application/vnd.visio | .vsd |
| Webp | image/webp | .webp |
| Word | application/vnd.openxmlformats-officedocument.wordprocessingml.document | .docx |
| Word 97-2003 | application/msword | .doc |
| Zip | application/zip | .zip |
[
{
"match": {
"sequence": {
"segments": [
{
"offset": 0,
"value": {
"data": [ "0x49", "0x53", "0x4F", "0x2D", "0x31", "0x30", "0x33", "0x30", "0x33", "0x2D" ],
"kind": "array",
"base": 16
}
}
]
}
},
"settings": {
"extension": "stp",
"description": "stp",
"mimeType": "application/STEP"
}
},
{
"match": {
"sequence": {
"segments": [
{
"offset": 0,
"value": {
"data": [ "0x43", "0x41", "0x44", "0x20", "0x56", "0x61", "0x6E", "0x74", "0x61", "0x67", "0x65", "0x20" ],
"kind": "array",
"base": 16
}
},
{
"offset": 13,
"value": {
"data": [ "0x2E" ],
"kind": "array",
"base": 16
}
}
]
}
},
"settings": {
"extension": "dwg",
"description": "application/CAD Vantage drawing",
"mimeType": "application/x-autocad"
}
}
]