Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 4 Current »

Learning Outcomes: SMB Scan, Access Risk, GQL, SMB Tagging, Data Risk Survey & Reporting

Setup SMB/CIFS Scan

  1. Navigate to Administration > Connections > CIFS

  2. Enter credentials provided

  3. Make sure to name the connection

  4. Select folder path (this also tests connection)

  5. Select save

  6. To start scan select the circular scan icon on your desired connection

Access Risk

  1. Navigate to Dashboard > Explore

  2. Choose Source > IP address

  3. Alternatively, choose Alias and the name you gave your connection

  4. In the Risk drop-down, select High

  5. For each file row, the right-most icon opens the File’s Permissions, select this

  6. This modal window displays users and their permission levels

GQL

  1. On the Explore page, select Switch to advanced search

  2. Select the text box to begin querying

  3. Using the suggestions or typing directly add fileType=doc AND classification=Confidential AND category=Technical_Documents AND categoryConfidence>=0.7 AND risk=2

  4. Go through different permutations here using != , OR, <=, (), etc…

  5. Search for specific data types that would interest particular customers

  6. An interesting use case to search for, are image files that have been classified with OCR (fileType=jpg OR fileType=png) AND flow=CLASSIFICATION

SMB/CIFS Tagging

  1. Navigate to Administration > Connections > CIFS > Tagging rules

  2. Here, enter a GQL filter, at first we can use flow=CLASSIFICATION or a more narrow filter such as above

  3. Back on the Connections tab, choose the desired share and select the tagging icon on the right

  4. Once the job kicks off, started checking metadata on the documents in the share

Data Risk Survey

  1. Navigate Dashboard > Data Risk Survey

  2. Here is where information is gathered about the organisation that then feeds into the Data Risk reports

  3. The first 25 questions are compulsory to generate these reports

  4. The questions should be answerable by CIO/CISOs, Heads of Engineering, etc…

  5. Once complete, navigate to Reports

  6. Data Risk reports are performed on individual shares, this allows us to identify remediation options more effectively

  7. Select the desired share (SEU01) and Generate Report

Other Reporting

  1. From Dashboard > Reports

  2. Select Generate on any of the reports

  3. Each has actionable insights

  4. All reports except the Risk Report cover all files or users in the database

  • No labels

Classified as Getvisibility - Partner/Customer Confidential