Predefined Data Patterns on SaaS Security API

Learn about how SaaS Security API categorizes predefined data patterns.
Use one of the following topics:
We are in the process of replacing SaaS Security DLP (Classic) with SaaS Security DLP. During this process, use the topic that matches your tenant. If you purchased SaaS Security with Enterprise DLP, opted in for a trial of SaaS Security with Enterprise DLP, or have a new tenant with SaaS Security DLP, use SaaS Security API Data Profiles; otherwise, use SaaS Security API Data Patterns—SaaS Security DLP (Classic).

SaaS Security API Data Patterns—SaaS Security DLP (Classic)

SaaS Security API provides predefined data patterns that enable you to discover sensitive content and uncover how that content is being shared or accessed in your managed cloud applications. When you Add Cloud Apps to SaaS Security API, the service automatically scans your cloud applications using predefined data patterns, classifies all documents, and checks the hash of all Microsoft Office documents, PDFs, and portable executable files against WildFire rules without requiring you to create any policies.
As the service displays incidents that match the predefined data patterns, you can explore and filter the results to determine if the content that the service reported poses a risk to your organization. Then, you can do any of the following to prevent future violations:
SaaS Security API categorizes predefined data patterns as follows:
| Content Category | Scans for |
| --- | --- |
| Intellectual Property | Scans files for RSA and AWS secret keys and confidential documents that are at risk of being stored or shared in a way that could result in a loss of intellectual property. You can specify File Extensions to Exclude. Excluding files that are unlikely to have intellectual property information that is public and not at risk of being exposed or shared in non-compliant ways helps minimize false positives. |
| Personally Identifiable Information (PII) | Scans for PII data, such as U.S., Canadian, and international social security numbers. It also scans for Tax IDs from the U.S., Australia, Canada, Germany, and the UK for both the Unique Tax Payer ID (UTR) and National Insurance Number (NINO) formats. For each type of PII that SaaS Security API scans for, you can specify the minimum number of occurrences required to trigger a match. As the number of violations for a specific asset exceeds the specified threshold, the severity of the risk increases. |
| Financial Information | Scans for financial data including credit card numbers, credit card magnetic stripe data, international bank account numbers, financial accounting, bank statements, personal finance, invoices, and other financial documents. By default, SaaS Security API performs strict checking on credit card numbers to reduce false positives. |
| Healthcare Information | Scans healthcare documents for exposure to sensitive or confidential information related to Clinical Laboratory Improvement Amendments (CLIA) number, Drug Enforcement Administration (DEA) number, and other healthcare documents. SaaS Security API uses machine learning algorithms to classify information and to detect sensitive information. |
| Legal Information | Scans legal documents for exposure to sensitive or confidential information related to bankruptcy filings, lawsuits, business agreements, mergers and acquisition information, patents, and other legal documents. SaaS Security API uses machine learning algorithms to classify information and to detect sensitive information. |
| Malware | Scans files using WildFire Analysis to detect and protect against malicious portable executables (PEs), Microsoft Office Files, Adobe Portable Document Format (PDF) files, and known threats based on file hash. A hash is a unique fingerprint of a file. It is a string of letters and digits that is generated as a result of running a file through a cryptographic hash function. By default, SaaS Security API automatically submits portable executable files to the WildFire service for analysis (Windows executables). |
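The interaction between pattern matching, strict checking on credit card numbers, and a minimum-occurrence threshold can be illustrated with a short sketch. This is an added example, not Palo Alto Networks code: the page does not say what strict checking consists of, so Luhn checksum validation is assumed here, and the names `find_cards` and `evaluate` and the sample text are constructed for illustration.

```python
import re

# Candidate card numbers: 13-19 digits, optionally separated by spaces or hyphens.
CARD_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")

# Constructed sample: two well-known test card numbers and one order reference
# that merely looks like a card number.
SAMPLE = (
    "Card on file: 4111 1111 1111 1111\n"
    "Backup card: 5500-0000-0000-0004\n"
    "Order ref: 1234567890123456\n"
)

def luhn_ok(digits: str) -> bool:
    """Luhn checksum: double every second digit from the right, sum, test mod 10."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def find_cards(text: str, strict: bool = True) -> list[str]:
    """Return distinct candidate numbers; strict mode (assumed: Luhn) drops look-alikes."""
    found = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if strict and not luhn_ok(digits):
            continue  # digit run of the right length, but not a valid card number
        if digits not in found:
            found.append(digits)
    return found

def evaluate(text: str, min_occurrences: int = 1, strict: bool = True) -> dict:
    """Flag a violation only when enough distinct matches are present."""
    hits = find_cards(text, strict)
    return {"matches": hits, "violation": len(hits) >= min_occurrences}

if __name__ == "__main__":
    print(evaluate(SAMPLE, min_occurrences=3, strict=False))  # order ref counted
    print(evaluate(SAMPLE, min_occurrences=3, strict=True))   # order ref rejected
```

With a threshold of three, the non-strict scan reports a violation because the order reference is counted as a card number, while the strict scan does not.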

SaaS Security API Data Profiles

SaaS Security API provides predefined data profiles, which include predefined data patterns, that enable you to discover sensitive content and how that content is being shared or accessed in your managed cloud applications. Predefined data patterns use either machine learning or regex-based detection for scanned files. When you Add Cloud Apps to SaaS Security API, the service automatically scans your cloud applications using predefined data patterns, classifies all documents, and checks the hash of all Microsoft Office documents, PDFs, and portable executable files against WildFire rules without requiring you to create any policies.
The predefined data patterns and data profiles that come with DLP (Data Loss Prevention) work automatically: you don't enable, configure, or create data policies to use them, unless you want to open incidents. After your end users upload files that include social security numbers or credit card numbers, for example, and SaaS Security API scans these assets, SaaS Security API evaluates, identifies, then exposes those assets. These tools are built into SaaS Security API—they’re automatically provisioned and protect your data.
  • SaaS Security with Enterprise DLP—
  • SaaS Security DLP—
SaaS Security with Enterprise DLP provides you exclusive access to predefined data patterns and data profiles. The SaaS Security web interface displays all predefined data patterns and data profiles irrespective of whether you have SaaS Security with Enterprise DLP, and uses a lock icon to highlight data patterns and data profiles that require the license.
As the service displays incidents that match the predefined data patterns, you can explore and filter the results to determine if the content that the service reported poses a risk to your organization. Then, you can do any of the following to prevent future violations:
SaaS Security API categorizes predefined data patterns as follows:
| Predefined Data Profile | SaaS Security with Enterprise DLP Required? |
| --- | --- |
| Bulk CCN | Yes |
| CCPA (California Consumer Privacy Act) | Yes |
| Corporate Financial Docs | Yes |
| Financial Information | No |
| GDPR (General Data Protection Regulation) | Yes |
| GLBA (Gramm-Leach-Bliley Act) | Yes |
| Healthcare | No |
| Intellectual Property | Yes |
| Legal | Yes |
| Malware | No |
| PII (Personally-Identifiable Information) | Yes |
| Profanity | Yes |
| Self Harm | Yes |
| Sensitive content | Yes |
| U.K. PIOCP | No |
