Define Data Security Scan Settings

The scan settings for data security allows you to configure scans for additional resources (buckets), view the data profiles and the associated data patterns, and modify what you want to scan.
After you add the cloud accounts that you want to scan using Prisma Cloud, the data security configurations that define what profiles and patterns are used to scan your files stored in the storage bucket, how sensitive information is displayed when there is a pattern match, and any modifications to enable and disable scans for specific buckets are available on
Settings
Data
.
  1. Select
    Settings
    Data
    Scan Settings
    .
    The table view displays a list of all storage resources across the cloud accounts that you have added to Prisma Cloud. Buckets that are deleted after onboarding are not removed from this page.
    The columns display the following information:
    1. The resource name, which is the bucket name as you defined it on the cloud service, cloud storage service name, and cloud service provider, and the cloud account name you provided when you onboarded the account on Prisma Cloud.
    2. The estimated size of data.
      Prisma Cloud retrieves the approximate
      Storage Size
      of the storage bucket and the
      Last Estimate
      timestamp indicates when the data was last retrieved. The estimate is updated once a week, by default, and it starts when you enable Data Security scanning for the cloud account. This size estimate excludes CloudTrail buckets and objects that contain ELB access logs, VPC flow logs, and S3 access logs.
      From the
      Estimate Retrieval
      dropdown, you can set the estimate retrieval schedule to Daily, Weekly (default), or None. This is a tenant-level configuration and the schedule you set will affect all the accounts under that tenant. You can change the schedule once in 24 hours.
      The
      Storage for Sensitive Data Scanning
      and
      Storage for Malware Scanning
      are an estimate of the data to be scanned based on the supported file types and file sizes that are eligible. The estimated size for
      Storage for Sensitive Data and Malware Scanning
      maybe lesser than the sum total for the malware category and the sensitive data category because of file types that may overlap.
    3. The
      Scan Status
      indicates whether each bucket is enabled or disabled for scanning, and when enabled whether it is performing Forward only, or Forward and Backward scans.
    4. You cannot configure a scan for log buckets, for your awareness,
      Configuration Status
      displays
      Contains logs
      . If
      Configuration Status
      displays
      Recently configured
      , you cannot configure another scan for the next 24 hours since it was last configured.
      If Configuration Status displays Missing Permissions, see troubleshoot-data-security-errors.xml[Troubleshoot Data Security Errors].
  2. Configure scanning of buckets.
    1. Select storage bucket(s) for which you want to
      Configure Scan
      .
    2. Enable Scanning
      or toggle to disable scanning.
  3. Select
    Scan
    capabilities. You have the option to fine-tune your scanning configuration. You can choose whether you want to scan objects for public exposure only or for all (public exposure of sensitive data and malware).
    • Public Exposure Only in All Objects
      scan detects objects that are publicly exposed (5 credits).
    • Sensitive Data and Malware in Publicly Exposed Objects
      scan detects which publicly exposed objects contain sensitive data and malware (5 credits for exposure scan on all objects and extra 25 credits for full scan on only publicly exposed objects).
    • Public Exposure, Sensitive Data and Malware in All Objects
      scan detects public exposure, sensitive data, and malware on all objects (5 credits for exposure scan on all objects and extra 25 credits for full scan on all eligible objects based on file types and sizes.
  4. Select the
    Scan Mode
    .
    • (
      Recommended
      ) When you select
      Forward and Backward Scan
      , the forward scan inspects any new or modified files, and the backward scan is retrospective, which means that it inspects files that exist in the storage bucket.
    • With
      Forward Scan Only
      , Prisma Cloud scans all files that are modified or new files added to the bucket after you enable scanning. For forward scan, the scan scope is unknown and therefore an estimate of data to be scanned and the corresponding credit consumption is not displayed in the UI.
      The size and number of files that you want to scan within your storage bucket will determine how many Prisma Cloud credits are used for Data Security.
  5. Depending on your
    Scan Capabilities
    and
    Scan Mode
    selection, the results will be displayed accordingly on the
    Data Inventory
    page.
  6. View the list of
    Data Profiles
    and
    Data Patterns
    .
    By default, the predefined profiles—Financial Information, Healthcare, Intellectual Property, and PII—are enabled. To disable a data profile, toggle
    Enabled
    for one or more data profile. When disabled, the patterns associated with the profile are not used to discover sensitive content in your storage buckets.
    To create custom data profiles and patterns and generate alerts for data policy violations, see Use Data Policies to Scan for Data Exposure or Malware.
  7. Select a Data Profile to see all the Data Patterns included within the profile.
  8. Select each data pattern to learn more.
  9. Select Mask Sensitive Data on Prisma Cloud to control the exposure of sensitive data.
  10. Learn how to request for an increase in Data Security scan quota.With Prisma Cloud Data Security, the Freemium experience offers 3 credits per tenant, before you are charged for using the Data Security module.
    The default scan quota for each tenant is 1500 credits; this quota allows you to control how much data is scanned so that you can align your organizational DLP budget with the amount of data that is scanned. This 1500 credits limit is adjustable and you can open a support ticket with Prisma Cloud Customer Success to increase it and balance your costs, while also ensuring that you’re using Prisma Cloud Data Security to scan the file types that you want to secure.

Recommended For You