---
title: New detection entry type: Document Matching for DLP
description: Upload a document as a detection entry type to be identified in traffic utilizing Gateway or at rest with CASB.
image: https://developers.cloudflare.com/changelog-preview.png
---

> Documentation Index  
> Fetch the complete documentation index at: https://developers.cloudflare.com/changelog/llms.txt  
> Use this file to discover all available pages before exploring further. 

[Skip to content](#%5Ftop) 

# Changelog

New updates and improvements at Cloudflare.

[ Subscribe to RSS ](https://developers.cloudflare.com/changelog/rss/index.xml) [ View RSS feeds ](https://developers.cloudflare.com/fundamentals/new-features/available-rss-feeds/) 

![hero image](https://developers.cloudflare.com/_astro/hero.CVYJHPAd_26AMqX.svg) 

[ ← Back to all posts ](https://developers.cloudflare.com/changelog/) 

## New detection entry type: Document Matching for DLP

Jul 17, 2025 

[ Data Loss Prevention ](https://developers.cloudflare.com/cloudflare-one/data-loss-prevention/) 

You can now create [document-based](https://developers.cloudflare.com/cloudflare-one/data-loss-prevention/detection-entries/configure-detection-entries/#document-entries) detection entries in DLP by uploading example documents. Cloudflare will encrypt your documents and create a unique fingerprint of the file. This fingerprint is then used to identify similar documents or snippets within your organization's traffic and stored files.

![DLP](https://developers.cloudflare.com/_astro/document-match.CcN8pGgR_Z1e3PDm.webp) 

**Key features and benefits:**

* **Upload documents, forms, or templates:** Easily upload .docx and .txt files (up to 10 MB) that contain sensitive information you want to protect.
* **Granular control with similarity percentage:** Define a minimum similarity percentage (0-100%) that a document must meet to trigger a detection, reducing false positives.
* **Comprehensive coverage:** Apply these document-based detection entries in:

  * **Gateway policies:** To inspect network traffic for sensitive documents as they are uploaded or shared.
  * **CASB (Cloud Access Security Broker):** To scan files stored in cloud applications for sensitive documents at rest.
* **Identify sensitive data:** This new detection entry type is ideal for identifying sensitive data within completed forms, templates, or even small snippets of a larger document, helping you prevent data exfiltration and ensure compliance.

Once uploaded and processed, you can add this new document entry into a DLP profile and policies to enhance your data protection strategy.

```json
{"@context":"https://schema.org","@type":"BlogPosting","@id":"https://developers.cloudflare.com/changelog/post/2025-07-17-document-matching/#page","headline":"New detection entry type: Document Matching for DLP · Changelog","description":"Upload a document as a detection entry type to be identified in traffic utilizing Gateway or at rest with CASB.","url":"https://developers.cloudflare.com/changelog/post/2025-07-17-document-matching/","inLanguage":"en","image":"https://developers.cloudflare.com/changelog-preview.png","dateModified":"2025-07-17","datePublished":"2025-07-17","publisher":{"@type":"Organization","name":"Cloudflare","url":"https://www.cloudflare.com/"},"isPartOf":{"@type":"WebSite","@id":"https://developers.cloudflare.com/#website","name":"Cloudflare Docs","url":"https://developers.cloudflare.com/"}}
```
