Sensitive data discovery
The sensitive data discovery feature searches a target database for sensitive information located in tables and columns. It works with Oracle and Microsoft SQL Server target databases only.
Before you configure and run a sensitive data discovery scan, complete the following configurations:
- A connection to the target database. See Adding (or modifying) a target connection.
- One or more data discovery policies. See Data discovery policies and policy groups.
Manage sensitive data discovery
Go to Vulnerability Assessment > Sensitive Data Discovery to manage data discovery.
In the list page:
- Status: indicates discovery is running (active) or not(inactive).
- Data Discovery Policy Group: which policy groups are assigned to this discovery.
- Last Discovery: Last discovery time and found result, click to view detail report.
Click 'Target Name' in list to add/modify data discovery:
- Target tab: select database metadata as discovery object(s).
- Policy Group tab: select discovery policy group to assign to this discovery.
- Result tab: after run discovery, check this tab for result summary.
And click Save to save discovery definition.
Running sensitive data discovery
In discovery add/modify page, click Save & Start Scan to save and start discovery.
In discovery list page, select one or more discovery with check box(es), click 'Start Scan' button to start discovery, click 'Stop Scan' button to stop.
Viewing sensitive data discovery reports
There are two pre-defined data discovery reports: detailed and summary.
To view a detailed report, do one of the following:
- On the discovery list page, click the link in the Last Discovery column.
- Go to Report > Pre-Defined VA Reports, click Sensitive Data Discovery Detailed Report, and then select a target and discovery time.
For a summary report, go to Report > Pre-Defined VA Reports, click Sensitive Data Discovery Summary Report, and then select a target and discovery time.