DSPM DRA - Enabling Data Risk & Control Features

This documentation provides a step-by-step guide to converting a Rancher deployment to DRA, including prerequisites and enabling DRA features.

Prerequisites

• Rancher-based DSPM deployment version v3.236.0 or above

Enabling DRA Features

To enable DRA features, you need to configure the following components:

• Detectors

• Dashboards

• Data Controls

Enabling DRA Features

Currently certain features and data sets require manual import for brand-new installations done through Rancher. We are actively working to streamline this process and enhance overall usability by introducing the Onboarding Wizard. This wizard will capture information on the organization’s location, size, and regulations. As a result, the system will be configured with a set of Dashboards, Data Controls, Data Assets, and Detectors.

Importing Data

Follow the steps below to import data for a new deployment straight from Rancher.

Dashboards

Steps to Import Dashboards:

1. Download Dashboards: https://drive.google.com/file/d/12VHe7SlLZJq-kJLSWsfeu8R9JwHTFcsV/view?usp=sharing

2. Navigate to Analytics

3. On the left top corner, click on ⨁ Create new Board

4. In the bottom left corner of the new modal window, click on Import from file
   
   

   Open

   

   Import a new dashboard flow

5. Select each file one by one to import.

6. A set of new dashboards will be imported into your environment.

Detectors

Steps to Import Detectors:

1. Download Detectors: https://drive.google.com/file/d/1-08_AmSGQgJtndVt92sv9L62XBsN3JIZ/view?usp=sharing

2. Navigate to Administration → Detectors

3. In the top right corner, select Import from file

4. Select the detectors file to import.
   
   

   Open

   

   Import detectors flow

5. A new set of detectors will be imported into your environment.

Data Assets and Data Controls

Steps for the Data Assets and Data Controls:

1. Download Data Assets and Data Controls Scripts: https://drive.google.com/file/d/1Z9Qa34YuZJPCcl6Gdr__vIWouudH_0SN/view?usp=sharing

2. Replace the content in the jwt_token.txt with your JWT token.

   • Open developer tools in the browser.

   • Log in to the dashboard.

   • In the networking tab, find the item named token and put its value in the jwt_token.txtfile.

   • Note: The token is valid for a few minutes.

Setting Up Data Controls

1. Create Users in Keycloak:

   • Suggested users: finance and hr (assign any email to them).

     • Follow this guideline for creating new users in keycloak – https://getvisibility.atlassian.net/wiki/x/BoDJJg

2. Run the following scripts in order, providing server URL or IP address:

   • getUsers.sh

   • setDepartments.sh

   • setDataControls.sh

Final Steps

After completing the above steps, navigate to:

• Policy Center → Compliance Hub → Departments:

  • It should have HR, Finance, Marketing, Sales, InfoSec, and Engineering departments set up.

• Policy Center → Controls Orchestration:

  • It should have controls for:

    • New Risky Sensitive Data

    • PII Data at Risk

    • Critical Data At High Risk

    • Publicly exposed critical data to the world

    • Overshared internally critical information

    • Critical information shared with 3rd parties

    • PII Files Older than 3 years

    • Externally Shared Data not updated in 1 year

    • Valuable IP Exposure

    • Trade Secret Exposure

By following these steps, you will successfully convert Rancher POC deployments to DRA with all necessary configurations and data imports.