Where is the sensitive data on your network? Sure you know where your main databases are, but what about all the megabytes of unstructured data each of your users create every day? Out of all the file shares on your network, which ones do you really need to worry about? Where has personally identifiable information (PII) like birth dates and social security numbers, credit card data, account numbers, and other sensitive data leaked out into PDFs and other documents?
The core technology for finding information like this is Regular Expressions (aka RegEx), which are a powerful but hideously cryptic way to match data against patterns. Some people call regular expressions “wild cards on steroids”. For instance this is a pretty good regular expression for recognizing email addresses:
\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}\b.
I warned you RegEx is cryptic!
In this webinar we will show you how regular expressions work and how you can use them to find the sensitive data on your network using PowerShell. I’ll explain how things like character classes, character sets, tokens, grouping, and word boundaries work. There is no doubt that regular expressions are powerful, and no matter what kind of data classification or search tool you use, RegEx is a key component.
But, I’ll also share some proven examples of regular expressions for common types of data like social security numbers and the like. Kevin Foisy from our sponsor, STEALTHbits, will be helping me with this topic. Kevin is a regular guru for regular expressions and he will show us some of the top patterns they use for finding sensitive information and explain how those regular expressions work.
You’ll take away:
- the basics of regular expressions
- top regular expressions for detecting common sensitive data
- how to use PowerShell to scan files with regular expressions
Then Jonathan Sander will briefly demonstrate how StealthSEEK goes far beyond regular expressions to seek out and secure the sensitive information lurking in the ever-growing repositories of unstructured data. He will further provide Use Cases of the solution regarding how recent data breach events could have been avoided with StealthSEEK. These will correlate to a wide variety of industry compliance standards the solution currently supports, such as PCI-DSS, HIPAA, and ITAR. I think you’ll be impressed how their solution compares to traditional DLP solutions.
This is real training for free™. Don’t miss it! Please register now.