From 3dcea7efc3d72ea16853c3520f8b8c190d149240 Mon Sep 17 00:00:00 2001
From: drormikdash <101096999+drormikdash@users.noreply.github.com>
Date: Tue, 17 Dec 2024 11:28:31 +0200
Subject: [PATCH] Update anomaly-detection-policy.md

removed the paragraph  about "Data exfiltration to unsanctioned apps"  (deprecated)
---
 CloudAppSecurityDocs/anomaly-detection-policy.md | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/CloudAppSecurityDocs/anomaly-detection-policy.md b/CloudAppSecurityDocs/anomaly-detection-policy.md
index 21eeeea011..4713ec14d9 100644
--- a/CloudAppSecurityDocs/anomaly-detection-policy.md
+++ b/CloudAppSecurityDocs/anomaly-detection-policy.md
@@ -141,10 +141,6 @@ These policies look for activities within a single session with respect to the b
 
 * This detection identifies users that failed multiple login attempts in a single session with respect to the baseline learned, which could indicate on a breach attempt.
 
-### Data exfiltration to unsanctioned apps
-
-* This policy is automatically enabled to alert you when a user or IP address uses an app that is not sanctioned to perform an activity that resembles an attempt to exfiltrate information from your organization.
-
 ### Multiple delete VM activities
 
 * This policy profiles your environment and triggers alerts when users delete multiple VMs in a single session, relative to the baseline in your organization. This might indicate an attempted breach.