Name: Forcepoint DLP
Rating: 4.4 (574 reviews)

Overview

Product Information on Forcepoint DLP

Updated 20th May 2022

What is Forcepoint DLP?

The Forcepoint DLP solution prevents exfiltration of sensitive data and delivers unified policy management with centralized control of all channels or security vectors from a single policy. This allows visibility and control of your data everywhere your people work and anywhere your data resides. Forcepoint simplifies DLP deployment and ongoing management with over 1500 pre-defined templates, policies and classifiers that cover the regulatory demands of 83 countries, over 150 regions and every major industry. The Risk-Adaptive Protection helps identify data loss before it occurs. Continuous monitoring of risky behavior and integration of user risk data with policy enforcement delivers zero-trust DLP that streamlines incident management and eliminates risk. Forcepoint DLP simplifies compliance by securing sensitive customer information and regulated data. Forcepoint’s focus on unified policies, user risk, and automation makes data security frictionless and intuitive.

Overall experience with Forcepoint DLP

Network Security Engineer

<50M USD, IT Services

FAVORABLE

“Continuous Security Validation and Automation Enhance Defense Capabilities and Efficiency”

5.0

Apr 10, 2026

This text serves as a placeholder and does not reflect the user’s review responses or opinions. This text serves as a placeholder and does not reflect the user’s review responses or opinions. This text serves as a placeholder and does not reflect the user’s review responses or opinions.

IT Security & Risk Management Associate

3B - 10B USD, Banking

CRITICAL

“Issues With Agent Stability and Application Control Impact Forcepoint Data Loss Prevention”

3.0

Apr 12, 2026

This text serves as a placeholder and does not reflect the user’s review responses or opinions. This text serves as a placeholder and does not reflect the user’s review responses or opinions. This text serves as a placeholder and does not reflect the user’s review responses or opinions.

About Company

Company Description

Forcepoint’s mission is to foster safe and trusting environments through a comprehensive security solution that understands digital identities and their cyber behaviors to protect employees and critical data everywhere. Forcepoint achieves this mission by simplifying security for global businesses and governments. The company’s all-in-one, truly cloud-native platform makes it easy to adopt Zero Trust, Security Service Edge (SSE), and Secure Access Service Edge (SASE), by preventing the theft or loss of sensitive data and intellectual property no matter where people are working. Rather than offering a static one-size fits all approach, Forcepoint solutions inherently understand how people interact with data, providing secure access while enabling employees to create value. Forcepoint creates safe, trusted environments for customers and their employees to achieve their highest potential while reducing risk.

Company Details

Company type

Private

Year Founded

1994

Head office location

Austin, United States

Number of employees

2500 - 4999

Website

www.forcepoint.com

Do You Manage Peer Insights at Forcepoint?

Access Vendor Portal to update and manage your profile.

Key Insights

A Snapshot of What Matters - Based on Validated User Reviews

User Sentiment About Forcepoint DLP

Reviewer Insights for: Forcepoint DLP

Performance of Forcepoint DLP Across Market Features

Forcepoint DLP Likes & Dislikes

What I like most about Product is its comprehensive and reliable data protection capabilities across endpoint, network and email channel Forcepoint provides deep visibility into sensitive data movement which helps in proactively preventing data breaches and ensuring compliance with organizational policies The centralized management console is very user-friendly and allows seamless policy creation, monitoring and incident management I also really like the availability of pre-defined policy templates which makes initial deployment fast and easy -especially for standard-compliance use cases while at the same time it provides flexibility to create highly granular custom policies based on user behavior, content and context. Additionally, the solutions offer strong endpoint control, USB printing, cloud apps and performs consistently without major impact on system performance, the detailed reporting and incident analysis help in quick investigation and audit readiness. Overall, the product is scalable, stable and integrates well with existing infrastructure making it a dependable and enterprise-ready data loss prevention solution.

The main drawbacks we have experienced with Forcepoint Data Loss Prevention are related to application control, agent deployment, and reliability. Applications installed via Microsoft Store, such as WhatsApp and Telegram, are not properly detected for incident generation. When we contacted support, we were advised to block RuntimeBroker.exe; however, this negatively impacted overall system behavior and resulted in many irrelevant (false positive) incidents. Agent deployment on macOS devices via JAMF MDM is also quite complex and time-consuming. In addition, macOS agents do not always generate incidents reliably. For example, even when browser extensions (such as Safari extensions) are installed, incidents may not be properly captured. Another issue we have observed is related to browser behavior. In some cases, even when there is no specific blocking rule configured, web pages may fail to load correctly or may be unexpectedly blocked when operating in extension mode. This creates inconsistency and negatively affects the user experience

Top Forcepoint DLP Alternatives

Peer Discussions

Forcepoint DLP Reviews and Ratings

4.4

(574 Ratings)

Rating Distribution

5 Star: 45%
4 Star: 46%
3 Star: 8%
2 Star: 1%
1 Star: 0%

IT Security & Risk Management Associate
1B-10B USD
Banking
Review Source
Issues With Agent Stability and Application Control Impact Forcepoint Data Loss Prevention
3.0
Apr 12, 2026
Our overall experience with Forcepoint Data Loss Prevention has been mixed, and I would like to start with the challenges related to the agent. Compared to other solutions we have used, Forcepoint agents are updated very frequently - almost every 1-2 months. It is difficult to rely on a stable agent version, as new issues often arise and are later fixed through patches and new agent releases. One of the biggest challenges this creates is in agent deployment. Unlike other solutions that support seamless in-place upgrades on endpoints, Forcepoint requires us to redeploy agents using additional tools, which is not user-friendly. Another limitation is the lack of real-time visibility into agent status. In other systems, it is easy to see whether an endpoint is connected, disconnected, or has lost connection over time. However, in the Forcepoint management console, it is not always possible to clearly determine whether a device is currently active or if an agent has stopped working. We have also experienced issues with version stability. After the release of version 10.4 (following 10.3), several problems were encountered by organizations that upgraded. Versions were withdrawn, fixed, and re-released, but issues persisted, requiring another rollback and update cycle. In our opinion, such releases should undergo more thorough testing before being deployed to production environments, rather than effectively being tested in customer environments. Additionally, macOS agents have not always performed reliably in our experience. The inline proxy mode, while available, has not proven to be stable. Although it can still capture incidents without browser extensions, it may cause unnecessary browser blocking or create issues when accessing certain websites. Based on our testing, this mode negatively impacts user experience and has not been suitable for our environment. One of the most critical weaknesses is in the Application channel. Forcepoint Data Loss Prevention performs quite poorly in this area, particularly with default Microsoft applications. For example, applications like Link to Windows or apps installed via Microsoft Store (such as WhatsApp or Telegram) are not properly detected for incident generation. The main issue is that Forcepoint relies on identifying applications via .exe files, whereas Microsoft Store applications do not operate in the same way. When we raised a support case, we were advised to block RuntimeBroker.exe for Microsoft Store WhatsApp. However, this process is not specific to a single application - many system components rely on the Runtime Broker. As a result, implementing such a block led to a large number of false positives and user dissatisfaction. Ultimately, we were unable to apply an effective and targeted control for these applications, which we consider to be one of the major limitations of the solution. Another limitation we have encountered is related to file fingerprinting. There is no option to define a custom similarity threshold when detecting matches. The percentage is fixed, and we cannot adjust it to better suit our requirements. Furthermore, when a fingerprint rule is created and applied to the printer channel, it does not function as expected-fingerprinting does not work on the printer channel. We have also observed issues with Pattern and Phrase detection. Even when configuring rules with the "only unique" option enabled, the system treats the same word written in uppercase and lowercase as different entries. This behavior can lead to excessive false positives, especially when specific thresholds are configured.

IT Security & Risk Management Associate

1B-10B USD

Banking

Review Source

Issues With Agent Stability and Application Control Impact Forcepoint Data Loss Prevention

3.0

Apr 12, 2026

Our overall experience with Forcepoint Data Loss Prevention has been mixed, and I would like to start with the challenges related to the agent. Compared to other solutions we have used, Forcepoint agents are updated very frequently - almost every 1-2 months. It is difficult to rely on a stable agent version, as new issues often arise and are later fixed through patches and new agent releases. One of the biggest challenges this creates is in agent deployment. Unlike other solutions that support seamless in-place upgrades on endpoints, Forcepoint requires us to redeploy agents using additional tools, which is not user-friendly. Another limitation is the lack of real-time visibility into agent status. In other systems, it is easy to see whether an endpoint is connected, disconnected, or has lost connection over time. However, in the Forcepoint management console, it is not always possible to clearly determine whether a device is currently active or if an agent has stopped working. We have also experienced issues with version stability. After the release of version 10.4 (following 10.3), several problems were encountered by organizations that upgraded. Versions were withdrawn, fixed, and re-released, but issues persisted, requiring another rollback and update cycle. In our opinion, such releases should undergo more thorough testing before being deployed to production environments, rather than effectively being tested in customer environments. Additionally, macOS agents have not always performed reliably in our experience. The inline proxy mode, while available, has not proven to be stable. Although it can still capture incidents without browser extensions, it may cause unnecessary browser blocking or create issues when accessing certain websites. Based on our testing, this mode negatively impacts user experience and has not been suitable for our environment. One of the most critical weaknesses is in the Application channel. Forcepoint Data Loss Prevention performs quite poorly in this area, particularly with default Microsoft applications. For example, applications like Link to Windows or apps installed via Microsoft Store (such as WhatsApp or Telegram) are not properly detected for incident generation. The main issue is that Forcepoint relies on identifying applications via .exe files, whereas Microsoft Store applications do not operate in the same way. When we raised a support case, we were advised to block RuntimeBroker.exe for Microsoft Store WhatsApp. However, this process is not specific to a single application - many system components rely on the Runtime Broker. As a result, implementing such a block led to a large number of false positives and user dissatisfaction. Ultimately, we were unable to apply an effective and targeted control for these applications, which we consider to be one of the major limitations of the solution. Another limitation we have encountered is related to file fingerprinting. There is no option to define a custom similarity threshold when detecting matches. The percentage is fixed, and we cannot adjust it to better suit our requirements. Furthermore, when a fingerprint rule is created and applied to the printer channel, it does not function as expected-fingerprinting does not work on the printer channel. We have also observed issues with Pattern and Phrase detection. Even when configuring rules with the "only unique" option enabled, the system treats the same word written in uppercase and lowercase as different entries. This behavior can lead to excessive false positives, especially when specific thresholds are configured.

Read All 682 Reviews

Get unlimited access to verified peer reviews and insights

Read unlimited Gartner-vetted product reviews

View and share valuable product insights

Download full product profiles

Review products you use today

Recommended Gartner Insights

Market Guide for Data Loss Prevention