Test the Scan

Objective: Put your DLP policies to the test

Next, we will run the new scan against the data in your S3 bucket and see if we can find the stolen data.

Tasks

Start your On-Demand Scan

  1. From the main menu bar, select Policy then On-Demand Scan
  2. Click the (…) symbol to the right of the scan you created, and select Start
  3. When asked about scan estimation, click Run Anyway followed by Start.

Take a Quick Break

Your DLP scan will typically take between 3-5 minutes to complete. Take a moment to strech or grab a coffee - you’ll have your scan results shortly!

Examine the results

  1. When your scan reaches the Completed status, note the difference between the number of incidents betwee this scan and the one with only regular expressions.
  2. Click on the number in the Last Scan Incidents column for your recently run scan.
  3. Scroll through the list of incidents and note the differences in what situations data was marked as sensitive that perhaps should not have been. Do you have any ideas on how you could improve your data identifiers?
  4. Spend a few minutes seeing if you can find the “true positive” files that were leaked by the disgruntled employee.