Skip to main content
McAfee Enterprise MVISION Cloud

Enable Incident Remediation

MVISION Cloud provides remediation for DLP incidents that a user has manually deleted. This option is only applicable to DLP policies where quarantine/delete responses are not enabled. Incidents are marked Resolved if a member of your team deletes or removes the file or updates the files and removes sensitive content.

Prerequisites

  • To enable SSO SAML for MVISION Cloud Dashboard login, see Configure MVISION Cloud Login for SSO. For End User Remediation, make sure to authorize all users, not just admin users. If you only have basic authentication for the MVISION Cloud dashboard, End User Remediation cannot be enabled. 
  • To configure data storage for remediation, see Data Storage

Enable Incident Remediation

  1. Go to Policy > Policy Settings.
  2. Select the Incident Remediation tab. 
    policy_settings_remediation_5.2.1.png
  3. Toggle Autonomous Remediation to ON.
  4. To enable End-User Input, toggle to ON. If SSO is not configured for your tenant, you will not see this option. Then select the response for Low, Medium, and High Severity incidents. 
  5. Click Save.
     
  • Was this article helpful?