Views:
Rule scanning criteria allow you to specify the conditions that the rule applies to messages scanned by Cloud Email Gateway Protection.
The available criteria are shown in a list in the center of the screen. Some of these criteria have links to screens where you specify the associated details.

Basic Criteria

Criteria
Filter Based on
Available in
Virus ScanVirus Policy
Specify at least one detection type
Detected malware, worms, and other threats by pattern-based scanning.
Inbound and outbound protection
Specify Predictive Machine Learning settings
Detected unknown threats by Predictive Machine Learning.
Inbound and outbound protection
Specify advanced settings
Detected threats by the Advanced Threat Scan Engine.
Inbound protection
Spam FilteringSpam Policy
Spam
Detected spam.
Inbound and outbound protection
Business Email Compromise (BEC)
Detected BEC attacks.
Inbound protection
Phishing and other suspicious content
Detected phishing and other suspicious content.
Inbound and outbound protection
Graymail
Detected graymail messages.
Inbound protection
Web reputation
Detected URLs on the web or embedded in email messages that pose security risks.
Inbound and outbound protection
Social engineering attack
Detected social engineering attacks.
Inbound protection
Correlated IntelligenceCorrelated Intelligence Policy
Security risks
Anomalies
Correlation rules that consist of detection signals from various sources such as Virus Scan and Spam Filtering.
Inbound protection
Content FilteringContent Policy
No criteria
All messages.
Inbound and outbound protection
All Match
Any Match
Specific attribute and content targets.
Inbound and outbound protection
Data Loss PreventionData Loss Prevention (DLP) Policy
Select fields to scan
Selected Templates
Detected DLP incidents.
Inbound and outbound protection