Vulnerability assessment (VA) policies : Data discovery policies and policy groups
 
Data discovery policies and policy groups
The FortiDB sensitive data discovery feature uses the data discovery policies to search a target database for sensitive information located in tables and columns. You use data discovery policy groups to add these policies to the sensitive data discovery configuration for a target database.
For information on running sensitive data discovery, see “Sensitive data discovery”.
Managing data discovery policies
Go to Policy > Data Discovery Policies to perform data discovery policy tasks such as adding or enabling a policy.
To edit a policy, click its name.
To create a policy, click Add.
The Data Discovery Policies and Edit Alert Policy pages display the following columns and settings.
Column/settings
Descriptions
Status (policy list only)
(enabled)
(disabled)
To enable or disable policies, select the checkbox for one or more policies, and then click Enable or Disable.
Policy Name
Policy name
Policy Type
Either BUILT_IN or USER_DEFINED.
You cannot delete built-in policies.
Match Rule
Specifies the type of data FortiDB searches for:
TEXT — Simple text
CREDIT_CARD — 16-digit number
EMAIL — Email address
SSN — 9-digit Social Insurance number (SSN)
FortiDB searches for this criteria after any specified Column Name Pattern and Data Pattern criteria.
Column Name Pattern
Specifies the pattern FortiDB searches for in table column names.
Can be a specific value or a regular expression.
If left blank, FortiDB does not search table column names.
Data Pattern
Specifies the pattern FortiDB searches for in the first 40 rows of the database.
Can be a specific value or a regular expression.
If left blank or the value is .+ (decimal followed by plus sign), FortiDB does not search the sample set of rows.
(checkbox) If checked, either column name pattern or data pattern matched lead to result. Or, both matched lead to result. (edit policy only)
Specifies whether search results include matches for either the value of Column Name Pattern and Data Pattern, or matches for both patterns.
Description (edit policy only)
A description of the policy.
To export a policy as an XML format file, select the checkbox for one or more policies, and then click Export. Your web browser downloads the file.
To import a policy, click Import, use the file selection option to navigate to and select an XML format file, and then click Import.
Data discovery policy groups
You add data discovery policy groups to a target’s Sensitive Data Discovery configuration to specify the types of data FortiDB searches for.
Go to Policy > Data Discovery Policy Groups to manage data discovery policy groups.
Click a group name to edit group or Add to add new group.
To delete a group, select the check box for one or more groups, and then click Delete.
See also
Sensitive data discovery