Versions Compared

Version Old Version 2 New Version Current
Changes made by

Alan Nicholson (Unlicensed)

Alan Nicholson (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Navigate to Dashboard > Explore

  2. Choose Source > IP address

  3. Alternatively, choose Alias and the name you gave your connection

  4. In the Risk drop-down, select High

  5. For each file row, the right-most icon opens the File’s Permissions, select this

  6. This modal window displays users and their permission levels

Data Risk Survey

  1. Navigate Dashboard > Data Risk Survey

  2. Here is where information is gathered about the organisation that then feeds into the Data Risk reports

  3. The first 25 questions are compulsory to generate these reports

  4. The questions should be answerable by CIO/CISOs, Heads of Engineering, etc…

  5. Once complete, navigate to Reports

  6. Data Risk reports are performed on individual shares, this allows us to identify remediation options more effectively

  7. Select the desired share (SEU01) and Generate Report

Other Reporting

  1. From Dashboard > Reports

  2. Select Generate on any of the reports

  3. Each has actionable insights

  4. All reports except the Risk Report cover all files or users in the database

GQL

  1. On the Explore page, select Switch to advanced search

  2. Select the text box to begin querying

  3. Using the suggestions or typing directly add fileType=doc AND classification=Confidential AND category=Technical_Documents AND categoryConfidence>=0.7 AND risk=2

  4. Go through different perputations permutations here using != , OR, <=, (), etc…

  5. Search for specific data types that would interest particular customers

  6. An interesting use case to search for, are image files that have been classified with OCR (fileType=jpg OR fileType=png) AND flow=CLASSIFICATION

SMB/CIFS Tagging Global

  1. Navigate to Administration > Connections > CIFS > Tagging rules

  2. Here, enter a GQL filter, at first we can use flow=CLASSIFICATION or a more narrow filter such as above

  3. Back on the Connections tab, choose the desired share and select the tagging icon on the right

  4. Once the job kicks off, started checking metadata on the documents in the share

Data Risk Survey

  1. Navigate Dashboard > Data Risk Survey

  2. Here is where information is gathered about the organisation that then feeds into the Data Risk reports

  3. The first 25 questions are compulsory to generate these reports

  4. The questions should be answerable by CIO/CISOs, Heads of Engineering, etc…

  5. Once complete, navigate to Reports

  6. Data Risk reports are performed on individual shares, this allows us to identify remediation options more effectively

  7. Select the desired share (SEU01) and Generate Report

Other Reporting

...

From Dashboard > Reports

...

Select Generate on any of the reports

...

Each has actionable insights

...

SMB/CIFS Tagging Targeted

  1. Unzip and copy the original folder, rename SEU02

  2. Create new CIFS scan

  3. Create a filter to only tag docx files in this folder