In ITM / Endpoint DLP, a tracked file is a file that is received on the endpoint from a supported entry point. Since currently, File Download is the only supported entry point, a tracked file is a file that is downloaded to the endpoint.
Once a file is downloaded to the endpoint, file activity, such as copy, move, and delete is tracked. The file is tracked until it is exfiltrated from a supported exit point.
Currently supported exit points as tracked files are:
- Copy to USB
- Web File Sunc
- Web File Upload
- Local Sync Folder
- Copy to Network Drive
Related Topic:
ITM / Endpoint DLP Exit Points
Last Updated: 02/20 2025