NewMicrosoft Purview · Data Loss Prevention
Microsoft Purview: Data Loss Prevention - User Based Aggregation of DLP Alerts
Microsoft Purview DLP will consolidate multiple alerts triggered by the same user into a single aggregated alert when multiple rules match, reducing alert noise and simplifying investigation workflows.
Key dates
- — preview (Feature currently in development; no preview or GA date specified)
Microsoft's description
Enable aggregation of DLP alerts based on common entities user even when multiple rules are matched. This feature should consolidate related alert events into a single alert object to: Reduce alert noise, simplify investigation workflows, enhance contextual understanding of violations.