/
SEU Focus Training

SEU Focus Training

Owned by Alan Nicholson (Unlicensed)
Last updated: Aug 16, 2023
2 min read

Learning Outcomes: SMB Scan, Access Risk, GQL, SMB Tagging, Data Risk Survey & Reporting

Setup SMB/CIFS Scan

  1. Navigate to Administration > Connections > CIFS

  2. Enter credentials provided

  3. Make sure to name the connection

  4. Select folder path (this also tests connection)

  5. Select save

  6. To start scan select the circular scan icon on your desired connection

Access Risk

  1. Navigate to Dashboard > Explore

  2. Choose Source > IP address

  3. Alternatively, choose Alias and the name you gave your connection

  4. In the Risk drop-down, select High

  5. For each file row, the right-most icon opens the File’s Permissions, select this

  6. This modal window displays users and their permission levels

Data Risk Survey

  1. Navigate Dashboard > Data Risk Survey

  2. Here is where information is gathered about the organisation that then feeds into the Data Risk reports

  3. The first 25 questions are compulsory to generate these reports

  4. The questions should be answerable by CIO/CISOs, Heads of Engineering, etc…

  5. Once complete, navigate to Reports

  6. Data Risk reports are performed on individual shares, this allows us to identify remediation options more effectively

  7. Select the desired share (SEU01) and Generate Report

Other Reporting

  1. From Dashboard > Reports

  2. Select Generate on any of the reports

  3. Each has actionable insights

  4. All reports except the Risk Report cover all files or users in the database

GQL

  1. On the Explore page, select Switch to advanced search

  2. Select the text box to begin querying

  3. Using the suggestions or typing directly add fileType=doc AND classification=Confidential AND category=Technical_Documents AND categoryConfidence>=0.7 AND risk=2

  4. Go through different permutations here using != , OR, <=, (), etc…

  5. Search for specific data types that would interest particular customers

  6. An interesting use case to search for, are image files that have been classified with OCR (fileType=jpg OR fileType=png) AND flow=CLASSIFICATION

SMB/CIFS Tagging Global

  1. Navigate to Administration > Connections > CIFS > Tagging rules

  2. Here, enter a GQL filter, at first we can use flow=CLASSIFICATION

  3. Back on the Connections tab, choose the desired share and select the tagging icon on the right

  4. Once the job kicks off, started checking metadata on the documents in the share

SMB/CIFS Tagging Targeted

  1. Unzip and copy the original folder, rename SEU02

  2. Create new CIFS scan

  3. Create a filter to only tag docx files in this folder

Related content

Customer Onboarding Steps
Customer Onboarding Steps
GV-KnowledgeBase
Read with this
Focus Admin Guide
Focus Admin Guide
GV-KnowledgeBase
More like this
Create a new user in Keycloak
Create a new user in Keycloak
GV-KnowledgeBase
Read with this
SMB/CIFS Automatic File Tagging
SMB/CIFS Automatic File Tagging
GV-KnowledgeBase
More like this
Focus Release 22nd March
Focus Release 22nd March
GV-KnowledgeBase
More like this

Classified as Getvisibility - Partner/Customer Confidential