Shadow data refers to the sensitive information that exists within your organization but remains unidentified and unprotected by your current data loss prevention systems. This data includes dynamically and rapidly generated unstructured content such as:

Data security administrators face a significant challenge in identifying and protecting sensitive information within your dynamic, irregular, and contextual data repositories. In many cases, data security administrators can't configure pattern-based matching for all types of sensitive data because each definition lacks the complete contextual understanding of a document or payload. While you have newer machine learning techniques such as trainable classifiers that can grasp contextual nuances, they depend on manual uploads of known sensitive documents that might not always be available, known, or sufficient for training. These limitations create uncertainties in your data security posture, allowing sensitive information to go undetected and leaving it vulnerable to significant risks.

Shadow Data Discovery enables your data security administrators to analyze your organization's data to identify patterns and categories without requiring you to predefine what constitutes sensitive information. When you enable this feature, Enterprise Data Loss Prevention (E-DLP) runs summarization and categorization on your nonsensitive file-based assets, collecting summaries for up to 100,000 documents before training categorization models. Once trained, these models create categories with descriptions that help you understand what types of data exist in your environment. This approach helps you discover and protect sensitive data that would otherwise remain hidden in your environment.

Shadow Data Discovery supports file-based scanning for the following SaaS apps onboarded to Data Security (SaaS API).