Match Criteria by Rule Type
When you Add a New Policy Rule for Content or you Modify a Policy Rule, you define the match criteria that the policy rule uses when scanning for matches. The Aperture service compares all of the information it discovers against the enabled policy rules and identifies incidents and exposures in every asset across all your monitored SaaS applications. Match criteria is critical for successful discovery of risks in SaaS application usage across your organization so, when you set the match criteria, you must carefully consider the thresholds, types of information, and risks associated with how assets are shared. Use match criteria to enforce compliance with your corporate acceptable use policy.
Select the asset access and modification activities within a selected time frame to match. For example, activities can include Accessed, Not Accessed, Modified, and Not Modified. Time frames include in the past week, in the past month, and in the past 6 months.
Enter the Asset Name to include or exclude in the match results. Select either Equals to match the asset, or Does not Equal to exclude the asset from matching.
Select the managed applications to scan and match. By default, all cloud apps you added to the Aperture service are scanned, but you can Rescan a Managed Cloud App.
Select the available data patterns to match including predefined or custom data patterns or a file property you defined when you Configure Data Patterns. Enter the number of Occurrences required to display a data pattern match.
Select the match conditions for how the asset is shared (Public, External, Company, or Internal).
Enter the File Extension to include or exclude in the match results. Select either Equals to match the asset file extension, or Does not Equal to exclude the asset file extension from matching.
Enter the email address for the asset Owner to Include or Exclude in the match results.
Files are scanned using WildFire analysis to detect and protect against malicious portable executables (PEs) and known threats based on file hash. Enter the Hash (SHA256) details of the file to match. Select Equals (include in matching), or Does not Equal (exclude in matching).
When you Define Untrusted Users and Domains or if you are matching on an assets trust state, all assets shared with a user in the selected Trusted, Untrusted, or Anyone Not Trusted users list are detected as a match. Specify the number of occurrences (such as Any, More than, Fewer than, or Between with whom a file must be shared to trigger a match.
Select the Cloud App and the Project/Subscription in the storage Account to include in the match results.
Begin Scanning a Box App
Begin Scanning a Box App If you plan to Begin Selective Scanning Using Azure Active Directory Groups Add your Azure Active Directory to Aperture to ...
Begin Scanning a Cisco Webex Teams App
Begin Scanning a Cisco Webex Teams App The Aperture service scans messages and files shared on spaces within the Cisco Webex Teams app. To begin ...
View and Filter Data Pattern Match Results
View and Filter Data Pattern Match Results When you Configure Data Patterns Learn about the three types of data patterns available on the Aperture service—predefined, ...
Begin Scanning a Microsoft Exchange App
Use the Aperture service to scan and identify incidents found when scanning assets and email attachments in your MS Exchange app. ...
Begin Scanning a Jive App
Begin Scanning a Jive App To begin scanning a Jive app: Add the Jive app. From the Aperture Dashboard , Add a Cloud App . ...
Configure Regular Expressions
To make content matching easy to configure, filter, and assess, you can now use the Aperture regex builder to build basic and weighted regular expressions. ...
Begin Scanning Microsoft Office 365 Apps
Begin Scanning Microsoft Office 365 Apps To begin scanning Microsoft Office 365 apps: Add company.onmicrosoft.com as an internal domain. See Define Your Internal Domains Add ...
Begin Scanning a Slack for Enterprise App
Begin Scanning a Slack for Enterprise App To begin scanning a Slack for Enterprise app: Enable the privileges required for communication between the Aperture service ...
Begin Scanning a Confluence App
Begin Scanning a Confluence App Before you can begin scanning a Confluence app, you must configure the application links required for authentication and communication between ...