Hi AKcyber,
As you know DLP is only responsible to prevent sensitive data from leaving the organization.
But for incoming mails/traffic there is no way to monitor that in DLP. Protocol and endpoint monitoring is only monitor outgoing traffic.
I would suggest, to monitor incoming traffic you can try with Symantec Email.Security.Cloud, it will give you all content filtering functionalities like DLP. You can make Policies which looks for PCI/PII data in attachments. You can discover and Protect sensitive data and help address legal and compliance requirements through tight integration with Symantec Data Loss Prevention.
- Discover, monitor, and protect sensitive data wherever it's used—in email, on endpoints, in your network, in storage, and even in cloud apps.
- Accurately identify confidential data with advanced detection technologies including vector machine learning, exact data matching, and indexed document matching etc.
Hope this is usefiul information.
Regards
Axay Cumar