Aperture Predefined Content Data Patterns

The predefined data patterns provided by Aperture enable you to discover sensitive content and how that content is being shared or accessed in your managed cloud applications. The service automatically scans your cloud applications when you Add Cloud Apps to the Aperture Service using predefined data patterns, classifies all documents using machine learning, and checks hash on all Microsoft Office documents, PDF, and portable executable files against WildFire rules without requiring you to create any policies. As the service displays match results for the predefined data patterns, you will be able to explore and filter the results to determine if the content poses a risk to your organization. You can then take actions, create a custom data pattern, or modify a predefined data pattern or policy to prevent future violations. The Aperture service supports basic and weighted regular expressions for policy definition and provides the following types of predefined data patterns:
Predefined data patterns cannot be deleted, but you can Enable or Disable a Data Pattern.
Content Category
Scans for
Intellectual Property
Scans files for RSA and AWS secret keys and confidential documents that are at risk of being stored or shared in a way that could result in a loss of intellectual property.
You can specify File Extensions to Exclude. Excluding files that are unlikely to have intellectual property information (information that is public and not at risk of being exposed or shared in non-compliant ways) helps minimize false positives.
Personally Identifiable Information (PII)
Scans for PII data, such as U.S., Canadian, and international social security numbers. It also scans for Tax IDs from the U.S., Australia, Canada, Germany, and the UK for both the Unique Tax Payer ID, (UTR) and National Insurance Number (NINO) formats.
For each type of PII for which the Aperture service scans, you can specify the minimum number of occurrences required to trigger a match. As the number of violations for a specific asset exceeds the specified threshold, the severity of the risk increases.
Financial Information
Scans for financial data including credit card numbers, credit card magnetic stripe data, international bank account numbers, financial accounting, bank statements, personal finance, invoices, and other financial documents. By default, the Aperture service performs strict checking on credit card numbers to reduce false positives.
Healthcare Information
Scans healthcare documents for exposure to sensitive or confidential information, related to Clinical Laboratory Improvement Amendments (CLIA) number, Drug Enforcement Administration (DEA) number, and other healthcare documents.
The Aperture service uses machine learning algorithms to classify information and to detect sensitive information.
Legal Information
Scans legal documents for exposure to sensitive or confidential information related to bankruptcy filings, lawsuits, business agreements, mergers and acquisition information, patents, and other legal documents.
The Aperture service uses machine learning algorithms to classify information and to detect sensitive information.
Scans files using WildFire Analysis to detect and protect against malicious portable executables (PEs), Microsoft Office Files, Adobe Portable Document Format (PDF) files, and known threats based on file hash.
A hash is a unique fingerprint of a file. It is string of letters and digits that is generated as a result of running a file through a cryptographic hash function.
By default, Aperture automatically submits portable executable files to the WildFire service for analysis (Windows executables).

Related Documentation