Glossary of Terms

A worker process, installed locally or on a remote VM, capable of scanning and evaluating locations for sensitive data.

The on-premise agent interface that an end user can launch on an endpoint.

An Agent Policy is a set of rules for the agent to follow.

The action of applying a label to a location via the file system, directly within the file metadata, or within the SDP database.

Defined data structures that represent different types of sensitive data, such as a credit card number, password, or social security number.

An end-user provided list of terms Sensitive Data Engine (SDE) can use to look for.

The action of scanning a file system to find files and folders OR databases / blob stores to identify data locations.

A group of agents configured to scan targets and collectively work to complete that scan.

A group of agents configured to scan targets and collectively work to complete that scan.

A group of agents configured to scan targets and collectively work to complete that scan.

Previous term used for Target.

A simple data type that is an exact case-sensitive match.

An end-user who is directly logged into a given computer (that is, "At the keyboard" and not through Remote Desktop/RDP).

A scan match result such as "c:\temp\chat.docx".

A Location can have one to many matches.

An instance of Sensitive Data, such as a single credit card number, found in a Location.

Each individual match is unique.

Personally Identifiable Information. Any information that can identify a person.

Examples include: name, address, social security number, telephone number, email address, gender, race, birth date, medical, educational, financial and employment information

A sequential set of rules which define the action(s) to be taken when performing a scan.

For example, refer specific matches to a specific department for review and remediation.

The administrative view for creating and defining a playbook.

The end user view for investigation and remediation of matches.

Settings that determine how an agent operates at its base state.

A common method of finding patterns within blocks of text.

Remediation refers to the process of identifying and correcting data issues, such as errors, inconsistencies, or inaccuracies, to improve data quality, security, and compliance.

It's a proactive approach to addressing vulnerabilities and ensuring data is accurate, complete, and consistent, thereby mitigating risks and adhering to regulations.

Scans are the searches that agents perform on endpoints (targets) to find either the file locations (Discovery Scan) or find specific data types (Sensitive Data Scan) within the files and folders.

The action of scanning a file system to find files and folders OR databases / blob stores to identify data locations.

See Sensitive Data Scan below.

Settings that determine what is scanned, where scans occur, which agents perform the scan, and what configuration options are used during that scan.

For Sensitive Data Scans this includes a Playbook.

The action of scanning within a file, folder, database, or blob stores for specific data type matches.

This type of scan enables you to search for sensitive data, such as a credit card number, password, or social security number, within defined Targets and take actions on them based on the playbook rules defined for them.

Search engine logic created by end-users to find custom data types with accuracy.

Search engine used for classification comprised of various modules (for example, RegEx, Dictionary, Keyword, and so on).

Settings that are required but not configurable by the user.

Settings that are used until changed by a user.

A Tag is a kind of container. A Tag is a manual or dynamic group of Targets (such as Marketing Laptops or HR Databases). Three are three types of Tags: IP Range, Manual, Conditional. You can select the Targets for your Tag manually, or you can define the conditions that determine which Targets are placed into your Tag. See Tag Management.

Any data location that SDP can scan.

For example, a physical machine such as a local laptop or desktop or a cloud asset with data such as Amazon S3 or SharePoint.

User Level Remediation.

Empowers the end user to address sensitive data policy violations, issues or risks and resolve them.

For example, a physical machine such as a local laptop or desktop or a cloud asset with data such as Amazon S3 or SharePoint.

Job for the agent to do (for example, Discovery, Classification, Remediation).

The logic and actions to be performed automatically when matches are validated.