File Attachments

List view

Quick Start
Welcome
Console & Settings
Release Notes
November 25, 2025 WitnessAI Update
November 18, 2025 WitnessAI Update
November 11, 2025 WitnessAI Update
October 28, 2025 WitnessAI Update
October 23, 2025 WitnessAI Update
October 9, 2025 WitnessAI Update
October 2, 2025 WitnessAI Update
September 30, 2025: WitnessAI Update
September 23, 2025: WitnessAI Update
August 12, 2025: WitnessAI Update
July 31, 2025: WitnessAI Update
July 18, 2025: WitnessAI Update
June 23, 2025: WitnessAI Update
June 9, 2025: WitnessAI Update
April 11, 2025: WitnessAI Release v2.0
Supported Applications & LLMs
User Guide
Home
Discovery
Discovered Apps
App Catalog
Analytics
Conversations
Users
Alerts
Policies
Lists
Private Applications
Settings
Configuration
Access Control
System
Secure AI Portal
User Menu
Policies & GuardRails
Policy Creation
Policy Precedence
File Attachments
GuardRail: Behavioral Activity
GuardRail: PCI DSS
GuardRail: Data Protection
GuardRail: Harmful Response Prevention (Beta)
GuardRail: Model Identity Protection
GuardRail: Model Protection
GuardRail: Organizational Behavior (Beta)
GuardRail: Risk Analysis
Witness Anywhere: Remote Device Security
WA: Remote Device Security
Stunnel
Azure Intune: Single-User VDI
Azure Intune: Multi-User VDI
CrowdStrike (Windows)
GPO (Windows)
Jamf (macOS) (Beta)
SentinelOne
Witness Anywhere: FAQ
Witness Anywhere Overview
Witness Attack
Witness Attack: AI Red Teaming 
Administrator Guide
Accessibility
Identity: Microsoft Entra ID (Azure AD)
Identity: Okta Identity
Integrations: Identity Providers
Identity: Microsoft Entra ID (Azure AD)
Identity: Okta Identity
Integrations: Network Security
Netskope SWG
Palo Alto Networks NGFW
Prisma Access: DNS Sinkhole
Prisma Access: Explicit Proxy
Zscaler Internet Access
Zscaler Beta
Status Page
API Reference
Input API
Complete API
Text-Completion API
Prompt-Protect API
Encryption
 

File Attachments

💡
Note: In order for scanned attachments to be blocked for an AI App, there must be a Policy with the Data Protection guardrail enabled, the Inspect Attachments checkbox checked, the AI App included as a Destination, and a Guardrail Action of Block. Read below for details.

File Attachments Configuration

To view and configure the ABP, Navigate to the Policy Console, and click on the Attachment Block Policy row.
notion image
 
At the top of the ABP console is a list of AI Applications, that can be individually configured to block or allow attachments.
When attachments are allowed for an individual application, the files will be scanned for content in violation of your Data Protection Guardrails. GuardRail Actions can be chosen to block or allow file attachments that match your GuardRail settings.
File attachments for all apps are allowed by default. This is displayed at the bottom of the ABP console labeled “For all other applications:”. Currently you can not configure ABP to block all applications.
 
notion image

Blocking File Attachments With Policies

💡
Note: When the Inspect Attachments feature is enabled in the Data Protection GuardRail, the Warn and Route GuardRail Actions do not function, and Warn messages are not displayed in the AI Application. Block and None are the only valid and functional GuardRail Actions in the initial release.
In order for scanned attachments to be blocked for an AI App, there must be a Policy with the Data Protection guardrail enabled, the Inspect Attachments checkbox checked, the AI App included as a Destination, and a Guardrail Action of Block. See the File Attachments documentation for details.
notion image
After attachments are scanned, prompts continue to be processed by the rest of your Policies.

File Attachments In Conversations

The Conversation Details slide-out sidebar displays information on files processed. Files less than 100MB are supported. Larger files and files containing malware are blocked.
Responses from applications containing files are not scanned or blocked, allowing users to save them as needed.
 
notion image
 

File Attachments In Alerts

Blocked attachments will generate alerts in the Alerts console. Alerts with blocked file attachments will display the text “Confirm File Upload” in the Intent column.
The sidebar displays the details of the alert.
notion image
 

File Attachments Supported

Currently all text-based files can be scanned. For example, all files that can be opened and read with a text editor. Examples include:
  • Plain Text: .txt, .log, .eml
  • Source Code: .c, .cpp, .java, .js, .html, .css, .py etc...
  • Markup and Data: .xml, .json, .csv, .tsv
  • Documents: .rtf, .docx , .md (Markdown)
  • Configuration: .ini, .cfg, .rc, .reg
  • Other: .sh (shell scripts), .ps (PostScript)
  • MS Office: .docx .pptx .xlsx
  • PDFs