Define Data Security Scan Settings
The scan settings for data security allow you to configure scans for additional buckets, view the data profiles and the associated data patterns, and modify what you want to scan.
After you add the cloud accounts that you want to scan using Prisma Cloud, the data security configurations that define what profiles and patterns are used to scan your files stored in the storage bucket, how sensitive information is displayed when there is a pattern match, and any modifications to enable and disable scans for specific buckets are available on
- Select Settings > Data > Scan Settings. The table view displays a list of all storage resources across the cloud accounts that you have added to Prisma Cloud. Bucket additions or deletions after the cloud account is onboarded are not displayed on this page:
  - Any buckets that are created after the cloud account is onboarded are not displayed on this page until you edit the onboarded cloud account (Settings > Cloud Accounts) and select the additional buckets.
  - Any buckets that are deleted after onboarding are not removed from this page.

The columns display the following information:
- The resource name, which is the bucket name as you defined it on the cloud service; the cloud storage service name; the cloud service provider; and the cloud account name you provided when you onboarded the account on Prisma Cloud.
- The estimated size of data. Prisma Cloud retrieves the approximate Storage Size of the storage bucket, and the Last Estimate timestamp indicates when the data was last retrieved. The estimate is updated once a week, by default, and it starts when you enable Data Security scanning for the cloud account. This size estimate excludes CloudTrail buckets and objects that contain ELB access logs, VPC flow logs, and S3 access logs.
  From the Estimate Retrieval dropdown, you can set the estimate retrieval schedule to Daily, Weekly (default), or None. This is a tenant-level configuration and the schedule you set will affect all the accounts under that tenant. You can change the schedule once in 24 hours.
  The Storage for Sensitive Data Scanning and Storage for Malware Scanning are an estimate of the data to be scanned based on the supported file types and file sizes that are eligible. The estimated size for Storage for Sensitive Data and Malware Scanning may be less than the sum total for the malware category and the sensitive data category because of file types that may overlap.
  For cloud accounts that were onboarded using versions of the CloudFormation template earlier than 21.5.1, the storage size estimate does not display because additional permissions are required to retrieve this estimate.
- Scan configuration. The Scan Status indicates whether each bucket is enabled or disabled for scanning, and, when enabled, whether it is performing Forward only, or Forward and Backward scans.
- Configure scanning of buckets. The options to fine-tune your scanning configuration, such as which file extensions to ignore, or to scan only for sensitive data or only malware, are not available.
- Select a storage bucket for which to Configure Scan. You can update the following options for scanning:
- Enable Scanning or toggle to disable scanning.
- Select the Scan Type.
  (Recommended) When you select Forward and Back Scan, the forward scan inspects any new or modified files, and the backward scan is retrospective, which means that it inspects files that exist in the storage bucket. The size and number of Supported File Extensions—Prisma Cloud Data Security that you want to scan within your storage bucket will determine how many Prisma Cloud credits are used for Data Security. However, in the event that you trigger the scan quota threshold and the Prisma Cloud Data Security scan is paused, if you have enabled both forward and backward scan, all files will be inspected when you increase the scan quota and scanning resumes. For backward scan, all existing files in the bucket are scanned in a batch operation. Depending on the number of files in your bucket, backward scan can consume more credits.
  With Forward Scan Only, Prisma Cloud scans all files that are modified or new files added to the bucket after you enable scanning. For forward scan, the scan scope is unknown and therefore an estimate of data to be scanned and the corresponding credit consumption is not displayed onscreen.
- View the list of Data Profiles and Data Patterns. By default, the predefined profiles—Financial Information, Healthcare, Intellectual Property & PII—are enabled. To disable a data profile, toggle Enabled for one or more data profiles. When disabled, the patterns associated with the profile are not used to discover sensitive content in your storage buckets. To create custom data profiles and patterns and generate alerts for data policy violations, see Use Data Policies to Scan for Data Exposure or Malware.
- Select a Data Profile to see all the Data Patterns included within the profile. To add a custom data profile, see Use Data Policies to Scan for Data Exposure or Malware.
- Select each data pattern to learn more.
- Learn how to request an increase in Data Security scan quota.
With Prisma Cloud Data Security, the Freemium experience offers 300GB per tenant, before you are charged for using the Data Security module.
The default scan quota for each tenant is 10TB; this quota allows you to control how much data is scanned so that you can align your organizational DLP budget with the amount of data that is scanned. This 10 TB limit is adjustable and you can open a support ticket with Prisma Cloud Customer Success to increase it and balance your costs, while also ensuring that you're using Prisma Cloud Data Security to scan the file types that you want to secure.
If you reach the 10TB threshold, you must submit a request to increase the scanning quota. Until you increase it, Prisma Cloud does not perform forward scan of new or modified files. Backward scan is also paused and is resumed only after you increase this scanning quota.