Data Breach Risk Scans - Data Ruleset

Rulesets are groups of regular expressions (regexs) that define a search pattern. In our regexs, we look for patterns of alpha-numeric strings with common keywords to identify data, specifically Personally Identifiable Information (PII).

These Data Rulesets apply to the Data Breach Risk Scan and Expanded Data Breach Risk Scan, and in this section we will cover how to manage these rulesets in a custom scan. Covering:

• Data Rules Dialog
• Add Ruleset
• Add Custom Rule

Data Rules Dialog

The "Data Rules" dialog displayed when creating a custom rule lists each "Data Ruleset" configured for the scan along with an indication of whether they are a custom or pre-defined rule. The selection automatically populates with a range of default Data Rulesets. For example Credit Cards, International Bank Accounts, Date of Birth etc.

From here you can opt to Customize (pre-defined ruleset), Edit (custom ruleset) or Remove the existing rulesets as well as Add Ruleset.

This dialog also includes a Reset All Rules to Default option restores the Data Ruleset section to its original selection. Any added rulesets are removed and customized rulesets are returned to their original values.

Add Ruleset

Add additional Data Rulesets via the Add Ruleset button. We have over 70 pre-defined sets to choose from. Select one or more rules from the “Choose a Pre-defined Rule” list then click Add Selected Rules to include them in the rulesets for this scan.

Add Custom Rule

To create your own unique ruleset, click on the Add Custom Rule button in the “Choose a Pre-defined Rule” section. The returned dialog is also used when customizing or editing a ruleset.

In the returned form enter the "Ruleset Name", we would suggest providing a meaningful name for easy identification.

Optionally you can choose a "Validator" from the dropdown. These include Credit Card, International Bank Account Number and Social Security checks.

File Rules

When creating the ruleset, specify the non-mandatory "File Rules". These terms are associated with the rules that we will search for in the files. Where a file does not contain one of the file rules strings the rules are not applied to that file.

For example, if you are configuring a Credit Card based rule you may want to look for instances of “Credit Bank Debit Charge Company Card(s) Number Num No Info American Express Visa Mastercard Discover JCB Diners” in a file.

To add a File Rule click Add, enter the "Regular Expression" then Done to save.

Rules

The next step is to set up the Rules themselves. These are the data string that to search for, for example, the number formats associated with the various credit cards.

To add Rules click Add, provide an identification "Name", enter the "Regular Expression" then Done to save.

To include multiple Files Rules and Rules in the same ruleset, simply click Add to populate. Once configured the ruleset, click Done to save. In the Data Ruleset page click Next to review the scan configuration settings.

Customize and Edit Rules

Where changes are required for a Data Ruleset these can be achieved by using either the Customize (pre-defined Ruleset) or Edit (custom Ruleset) button. Amend the settings as required and click Done to save.

Due to the potential complexity of building a regex pattern, we would suggest that only users with experience of regex attempt to modify or create Data Rulesets. Please note that unfortunately the Technical Support team are unable to support custom or customized regex Data Rulesets.

What do you want to do?

• Create a Risk Intelligence Policy
• Enable Risk Intelligence and select Policy

• Access the Risk Intelligence dashboard

• Navigate the Risk Intelligence Dashboard
• Manually run a Risk Intelligence Scan

• View Scan Results

• Learn about the Trend and Baseline Reports