Help Center

Third-party software Contact us

Data discovery rules

Data discovery rule configuration

Data discovery rules define what sensitive content is to be located and use regular expressions and keyword sets to find business-critical information. Users can use the built-in data discovery rules available in DataSecurity Plus to locate credit card numbers, license details, IP addresses, Social Security Numbers, email addresses, citizenship identification card numbers, and more.

There are two steps to locating sensitive data during scans:

  • Creating data discovery rules.
  • Mapping the desired data discovery rules to the relevant policy.

Examples: To locate all files holding credit card information, map the below-listed data discovery rules to a new or existing data discovery policy.

Credit Card - American Express

Credit Card - InstaPayment

Credit Card - Discover

Credit Card - UnionPay

Credit Card - Visa

Credit Card - Visa MasterCard

Find and edit the list of data discovery rules offered by DataSecurity Plus using these steps:

  • Select Risk Analysis from the application drop-down.
  • Go to Configuration > Data Discovery Settings > Rule.
  • The Configured Rules window will list all built-in data discovery rules offered by DataSecurity Plus.
  • Click the edit icon next to the rule that you want to modify.
  • In the Edit Rule Window, update rule name, description, or regular expression pattern as required.
  • Click Save.

Creating new data discovery rules

Admins can create new data discovery rules to locate organization or industry-specific information using regex patterns or keyword sets.

Regular Expression is used when trying to locate a file with content that matches a pattern of text, numbers, or special characters. In contrast, Keyword Set is used when an exact phrase needs to be located within your data stores.

Constructing regular expressions

Regular expressions are useful to locate content that matches a pattern of text, numbers, and/or special characters.

Example: Regex to find URLs present within files.

Conditions required RegEx pattern
Starts with http or https https?
Followed by :// :/\/\
Should then include www. www\.
Followed by a subdomain name with a character count from 2 to 253.

The domain name can include alphanumeric and special characters.

[a-zA-Z0-9$\-_.+!*'(),]{2,253}\.
Finished with the main domain name, with a character count from 2 to 6.

The domain name can include alphanumeric and a few specific, safe special characters.

[a-zA-Z0-9$\-_.+!*'(),]{2,6}

https://www.google.com - https?:\/\/(www\.){1}[a-zA-Z0-9$\-_.+!*'(),]{2,253}\.[a-zA-Z0-9$\-_.+!*'(),]{2,6}

For more information on how to construct a regex, check out our guide.

To create new data discovery rules, follow these steps:

  • Select Risk Analysis from the application drop-down.
  • Go to Configuration > Data Discovery Settings > Rule.
  • Click the +Add Rule button at the top-right corner.
  • Name the rule and include an appropriate description.
  • Select the desired Rule Match Type.
  • Under Rule Expression either type in the regex pattern that needs to be found or the keyword set.
  • Click Add.
  • Under Threshold Value specify the number of times a rule has to be matched. Example: If the threshold value is five, then DataSecurity Plus will report only those files whose content matched with the rule configured five or more times.
  • Click Save.

Mapping rules to data discovery policy

To run a data discovery rule during your data discovery scans, you will have to map the rule to a relevant policy.

Example: The following rules can be linked to the policy "Credit Card Information."

Credit Card - American Express

Credit Card - InstaPayment

Credit Card - Discover

Credit Card - UnionPay

Credit Card - Visa

Credit Card - Visa MasterCard

To map data discovery rules to existing policies, follow these steps:

  • Select Risk Analysis from the application drop-down.
  • Go to Configuration > Data Discovery Settings > Policy.
  • Click the edit icon next to the policy you want to map the data discovery rule to.
  • In the Edit Policy window that opens, click +Add Rule above the table.
  • In the Add Rule to the Policy window that opens, select the rules you want to add.
  • Click Add.
  • Click Save.

Rules can be mapped to policies while creating or editing data discovery policies. To create new data discovery policies, follow the steps listed here.

Don't see what you're looking for?

  • Visit our community

    Post your questions in the forum.

     
  • Request additional resources

    Send us your requirements.