New AI Usage Content Sharing Rule
This feature is currently available in NextGen only.
We have introduced a new AI Usage Content Sharing rule that allows you to detect and take action on sensitive data shared through AI web applications.
This capabilities rollout begins with ChatGPT Web, Gemini Web, and Claude Web tracking, enabling you to enforce data loss prevention (DLP) rules whenever users share content in AI prompts or via file uploads and downloads within these browser-based AI sessions.
How It Works
Whenever a user sends an AI prompt, uploads a file, or initiates a download, the Agent inspects the content against your configured behavior rules in real time. If a matching rule with a Block action is triggered, the connection is instantly terminated, ensuring the sensitive content never reaches AI servers.
How to Use the Feature
Enable the AI Usage channel by navigating to Configurations > Monitoring Profiles.
Select ChatGPT Web, Gemini Web and/or, Claude Web from the AI Usage settings panel.
Create a new rule.
Select Content Sharing as your Rule Type from the Rule Editor’s General Settings tab. Then, select AI Usage under Select the type of content.
Select target users, computers, department, etc. from the Employees tab.
Configure your content definitions from the Content tab.
From the AI Usage tab, select ChatGPT Web, Gemini Web and/or, Claude Web for the AI App rule criteria.
Choose one or more actions from the Actions tab.
For more information about behavior rules, check out our NextGen Rules Guide.
Known Limitations
AI App Support: This initial release exclusively supports inspection for ChatGPT Web, Gemini Web, and Claude Web. Additional AI platforms will be integrated in subsequent updates.
Content Definitions: Currently, only Predefined Classified Data and Data Content are supported on the Content tab.
File Size Thresholds: For file uploads/downloads larger than 5 MB, content inspection is applied only to the first 1 MB of file content. Files smaller than 5 MB are fully scanned.
Support for Korean Keystrokes
We’ve enabled support for Korean characters typed via IME (Input Method Editor). Previously, Korean input was incorrectly logged as the underlying English key mappings. With this release, the Agent correctly intercepts composed Hangul characters, ensuring keystroke logs and content-based rules reflect the actual Korean text entered by the user.
Other Improvements and Updates
Improved Support for File Upload Tracking in IM Apps: We have updated our IM tracking to support new APIs across several major platforms, including Microsoft Teams (Desktop and Web), LinkedIn, Google Chat, WhatsApp (Desktop and Web), and Slack (Desktop and Web). This resolves a previous limitation where behavior rules configured to track file uploads were not consistently enforced by some of these applications. File upload tracking now works correctly across all of these IM platforms.
Accurate Threshold Detection in Advanced Mode Action: File detection rules configured with Advanced mode thresholds (e.g., Frequency > 5, Set action: Block) now trigger with precise accuracy. This grants administrators finer control over action triggers based on frequency and risk severity-based thresholds.
Support for Hostname Resolution for Network Rules: Network behavior rules now support hostname resolution in addition to IP addresses. This upgrade makes it much easier to define rules targeting specific domains and web services.