Test the Scan

Next, we will run the new scan against the data in your S3 bucket and see if we can find the stolen data.

From the main menu bar, select Policy then On-Demand Scan.
Click the (…) symbol to the right of the scan you created, and select Start.
When asked about scan estimation, click Run Anyway followed by Start.

Your DLP scan will typically take between 3-5 minutes to complete. Take a moment to stretch or grab a coffee—you’ll have your scan results shortly!

When your scan reaches the Completed status, note the difference between the number of incidents between this scan and the one with only regular expressions.
Click on the number in the Last Scan Incidents column for your recently run scan.
Scroll through the list of incidents and note the differences in what situations data was marked as sensitive that perhaps should not have been. Do you have any ideas on how you could improve your data identifiers?
Spend a few minutes seeing if you can find the “true positive” files that were leaked by the disgruntled employee.