2020 StealthAUDIT® Sensitive Data Discovery Add-on User Guide
TOC
Sensitive Data Discovery Add-On Overview
Sensitive Data Criteria Editor
  Navigation Pane
  Configuration Pane
  Criteria Tester Window
  Add Sub-Criteria
Sensitive Data System Criteria
Default Metadata Tag Values
Supported Formats for Scanning & Metadata
  Scan-able Formats
    Archive
    Document
    Email & Messaging
    Other
    Presentation
    Raster Image
    Spreadsheet
    Text & Markup
  Metadata Only Formats
    Image Files
    Vector Image
  Scans Against Files with no Extensions
Exempted File Extensions
More Information
Appendix
Doc_ID 652 2
Copyright 2020 STEALTHBITS TECHNOLOGIES, INC. ALL RIGHTS RESERVED

Sensitive Data Discovery Add-On Overview

The Sensitive Data Discovery Add-On allows StealthAUDIT to scan file content for matches to the sensitive data criteria. There are several pre-defined criteria, but users can also customize existing criteria or create new criteria.
The Sensitive Data Discovery Add-on can be used with any of the following StealthAUDIT solutions:
• AWS Solution
• Dropbox Solution
• Exchange Solution – Only with specific data collectors:
  • EWSMailbox Data Collector
  • EWSPublicFolder Data Collector
  • ExchangeMailbox Data Collector
• File System Solution
• PostgreSQL Solution
• MongoDB Solution
• MySQL Solution
• Oracle Solution
• SharePoint Solution
• SQL Solution
NOTE: Changes made in the Sensitive Data Criteria Editor are global for Sensitive Data Discovery in StealthAUDIT. In other words, any changes to criteria will affect all solutions using the Sensitive Data Discovery Add-on.
See the StealthAUDIT Sensitive Data Discovery Add-On Installation Guide for installation information and prerequisites.

Sensitive Data Criteria Editor

The Sensitive Data Criteria Editor is accessed from the Criteria Tab in the Settings > Sensitive Data node. Use the Sensitive Data Criteria Editor to view pre-defined criteria and to customize or create user-defined criteria. Sensitive Data Criteria can be configured in individual data collectors that use the Sensitive Data Discovery Add-On or can be configured to inherit Sensitive Data Criteria settings from the Settings > Sensitive Data node. See the Sensitive Data section of the StealthAUDIT User Guides v11.0 for additional information.
The Sensitive Data Criteria Editor contains two sections:
• Navigation Pane – User-configured criteria can be added and removed in the Navigation Pane using the Add or Remove options. See the Navigation Pane section for additional information.
• Configuration Pane – Displays configured settings for the currently selected criteria in the Navigation Pane. See the Configuration Pane section for additional information.

Navigation Pane

The Navigation Pane lists all user-created and pre-configured Sensitive Data criteria.
The options in the Navigation Pane are:
• Add Criteria [1] – Adds a new criteria under the User Criteria list
• Remove Criteria [2] – Removes a user-created criteria from the User Criteria list
• User Criteria – Lists all user-created criteria
• System Criteria – Lists all pre-configured criteria. For a list of pre-configured System Criteria, see the Sensitive Data System Criteria section for additional information.
  • System Criteria cannot be modified or removed. To use existing System Criteria configurations in a User Criteria, right-click on a System Criteria and select Duplicate from the right-click menu. A configurable copy of the System Criteria appears under User Criteria.

Configuration Pane

Use the Configuration Pane to view sub-criteria information for System Criteria and to view, add, edit, and remove sub-criteria information for User Criteria.
The information in the Configuration Pane changes based on the criteria currently selected in the Navigation Pane.
The options at the top of the Configuration Pane are:
NOTE: Configuration settings for System Criteria cannot be modified.
• Navigation Path [1] – Displays information on current location within the Sensitive Data Criteria Editor
• Name [2] – Name of the criteria as it is shown in the Navigation Pane
• Test Criteria Button [3] – Opens the Criteria Tester window to test current criteria configurations. See the Criteria Tester Window section for additional information.
• Confidence Level [4] – Displays the current confidence level which indicates to users how accurate a match is for a criteria
  • The Confidence Level is reported on a scale from 0 - 100. The closer the number is to 100, the more accurate a match is for a criteria.
• Risk Score [5] – Displays the general level of risk a criteria represents when found in a file that is not properly secured
  • The Risk Score can be set to Low, Medium, or High.
  • Click the Risk Score button to change the Risk Score for user-configured criteria.
• Required matched criteria list [6] – Lists sub-criteria configured for currently selected top-level criteria in the Navigation Pane. The columns in the table are:
  • Name – Name of the sub-criteria
  • Type – Type of sub-criteria: Keywords, Regex, or Summary
  • Content – Values associated with sub-criteria
  • Minimum Matches – Minimum number of match hits required for a sub-criteria match hit
  • Match Type – Displays whether the sub-criteria Must Match or Must Not Match
The options at the bottom of the Configuration Pane are:
NOTE: Configuration settings for System Criteria cannot be modified.
• Add – Add a sub-criteria to the required matched criteria list. The three types of sub-criteria that can be added are Keyword, Regular Expression (Pattern), and Summary. See the Add Sub-Criteria section for additional information.
• Remove – Remove sub-criteria from the Required matched sub-criteria list
• Edit – Edit the currently selected sub-criteria
• Must match at least this many criteria – Adjust the slider to configure how many sub-criteria must be matched for the sensitive data criteria to be reported
  • The minimum value is 1
  • The maximum value is the number of sensitive data sub-criteria that has been added to the required matched criteria list
CAUTION: The character distance feature does not account for summaries that are nested within other summaries
• Matches should be within this proximity of characters – Match hits for this criteria should be within this many characters of one another in order for there to be a match. Adjust the slider to set the default character distance required for match hits.
  • The minimum value is 0
  • The maximum value is 200
  • Using this feature requires any combination of two or more Regular Expression (Pattern) and Keyword sub-criteria
• Include keywords as part of match hits – Check this box to enable the inclusion of keywords as part of match hits
• Metadata for this criteria – Click the green (+) button to add a new metadata type for the criteria. Delete a metadata type by clicking the X in the gray metadata tag button.
  • For a list of available out-of-the-box metadata tags, see the Default Metadata Tag Values section for additional information.
• Cancel – Exit the Sensitive Data Criteria Editor without saving changes
• Save – Save changes made to the current criteria

Criteria Tester Window

Use the Criteria Tester window to test current criteria configurations.
The options in the Criteria Tester are:
• Use the following sample text – Enter sample text to test against current configured criteria in the Use the following sample text textbox
• Use the following file – Click Browse to import a file as sample text to test against currently configured criteria
• Test Data – Click Test Data to test the sample text against currently configured criteria. Match hits will appear in the Test Results section.
• Test Results – Displays match hits for the sample text typed into the text box. The two tabs under Test Results are:
  • Criteria – Displays the specific criteria for which the sample text is considered a match
  • Matched Data – Displays the sample text that was matched for the configured criteria

Add Sub-Criteria

There are three types of sub-criteria that can be added to a top-level criteria in the Sensitive Data Criteria Editor. The following sections summarize the configuration options for each sub-criteria.

Regular Expression (Pattern) Criteria

Regular Expression criteria are a set of pattern matching rules that provide a concise and flexible means for matching strings of text. This criteria type can be used to verify a series of numbers as potentially valid, e.g. credit card numbers.
The options on the Regular Expression window are:
• Name – Name of the Regular Expression sub-criteria as it appears in the Configuration Window
• Expression – Enter the Regular Expression in the Expression text box
• Case Sensitive Expression – Check the box for Case Sensitive Regular Expression pattern matching
• Validation – Select a validation method from the Validation drop-down. The default value is No validation required.
• Sample Value – Text entered into the Sample Value text box will be used to test pattern matches for the expression in the Expression text box
• Test Match – Click the Test Match button to test the expression entered in the Expression text box against the text in the Sample Value text box
• Match Type – Choose whether pattern matches for the Regular Expression criteria Must Match or Must Not Match
  • Must Match – The Regular Expression must be matched for there to be a match
  • Must Not Match – If the Regular Expression is matched and is designated Must Not Match, then the potential match is invalidated
• Apply this expression to these file components – Select which file components the expression will apply to:
  • Name
  • Contents
  • Metadata
• Look for at least this many occurrences – Adjust the slider to configure how many occurrences are required for a match hit
  • The minimum value is 1
  • The maximum value is 10

Keyword Criteria

Keywords criteria consist of a list of comma-separated words. If any word in the list is found in the file, it is considered a hit.
The configurations on the Keywords window are:
• Name – Name of the keyword sub-criteria as it appears in the Configuration Window
• Add Keyword – Add a keyword to the Value list
• Remove Keyword – Remove a selected keyword from the Value list
• Import Keyword File – Import keyword(s) from a file
• Export Keyword File – Export keyword(s) as a file
• Match Type – Choose whether keyword matches for the Keyword criteria Must Match or Must Not Match
• Case Sensitive Keywords – If enabled, checks letter case when matching Keywords
• Count only distinct occurrences – Check the box to enable only distinct occurrences to be counted during scan jobs
• Apply these keywords to these file components – Select which file components the keyword(s) will apply to:
  • Name
  • Contents
  • Metadata
• Look for at least this many occurrences – Adjust the slider to configure how many occurrences are required for keyword criteria to match
  • The minimum value is 1
  • The maximum value is 10

Summary Criteria

Summary criteria are designed as a way of combining Regular Expression Criteria and Keywords Criteria.
Click Add and select Summary to add a new Summary criteria to the Required matched criteria list. Select the new criteria and click Edit to configure the new Summary Criteria.
The options on the Configuration Pane > Summary Criteria Configuration are:
• Name – Name of the Summary sub-criteria
• Test Criteria – Opens the Criteria Tester window to test current Summary criteria configurations
• Required matched criteria – Lists sub-criteria configured for currently selected criteria in the Navigation Pane. The columns in the table are:
  • Name – Name of the sub-criteria
  • Type – Type of sub-criteria (Keyword, Regex, or Summary)
  • Content – Values associated with sub-criteria
  • Minimum Matches – Minimum matches required for a match hit
  • Match Type – Displays whether the sub-criteria Must Match or Must Not Match
• Add – Add a sub-criteria to the required matched criteria list. The three types of sub-criteria that can be added are Keyword, Regular Expression (Pattern), and Summary.
• Remove – Remove a sub-criteria from the Required matched sub-criteria list
• Edit – Edit the currently selected sub-criteria
• Match Type – Choose whether match hits for the Summary criteria Must Match or Must Not Match
• Must match at least this many criteria – Adjust the slider to configure how many sub-criteria must be matched for the top-level criteria to be considered a match
  • The minimum value is 1
  • The maximum value is the number of sensitive data sub-criteria that has been added to the Required matched criteria list
CAUTION: The character distance feature does not account for summaries that are nested within other summaries
• Matches should be within this proximity of match hits – Adjust the slider to set the default character distance required for match hits.
  • The minimum value is 0
  • The maximum value is 200
  • Using this feature requires any combination of two or more Regular Expression (Pattern) and Keyword sub-criteria
• Include keywords as part of match hits – Check this box to enable the inclusion of keywords as part of match hits
• Cancel – Exit the Sensitive Data Criteria Editor without saving changes
• Save – Save changes made to the current selected criteria
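
The sub-criteria model described in this section (Regular Expression with validation, Keywords, Must Match / Must Not Match, minimum occurrences, minimum matched sub-criteria and character proximity), sketched in Python as an added illustration that is not StealthAUDIT code. The class and function names, the Luhn validator, the card regex, the sample text and the reading of proximity (distance to one anchor hit, with 0 meaning no check) are assumptions made for the example.

```python
import re
from dataclasses import dataclass
from typing import Callable, List, Optional, Tuple

Span = Tuple[int, int]


def luhn_valid(candidate: str) -> bool:
    """Validation step for card-like numbers (Luhn checksum)."""
    digits = [int(c) for c in candidate if c.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return len(digits) >= 13 and total % 10 == 0


def gap(a: Span, b: Span) -> int:
    """Characters between two hits; 0 when they touch or overlap."""
    return max(0, max(a[0], b[0]) - min(a[1], b[1]))


@dataclass
class SubCriterion:
    name: str
    pattern: str                       # "Expression"
    min_occurrences: int = 1           # "Look for at least this many occurrences"
    must_match: bool = True            # False models "Must Not Match"
    case_sensitive: bool = False
    validator: Optional[Callable[[str], bool]] = None   # "Validation"

    def hits(self, text: str) -> List[Span]:
        flags = 0 if self.case_sensitive else re.IGNORECASE
        return [m.span() for m in re.finditer(self.pattern, text, flags)
                if self.validator is None or self.validator(m.group())]


def keywords(name: str, words: List[str], **options) -> SubCriterion:
    """Keyword sub-criterion: any word in the list is a hit."""
    alternation = "|".join(re.escape(w) for w in words)
    return SubCriterion(name, rf"\b(?:{alternation})\b", **options)


@dataclass
class Criteria:
    name: str
    subs: List[SubCriterion]
    min_sub_matches: int = 1    # "Must match at least this many criteria"
    proximity: int = 0          # 0..200 characters; assumption: 0 = no check

    def evaluate(self, text: str) -> bool:
        matched: List[List[Span]] = []
        for sub in self.subs:
            spans = sub.hits(text)
            if len(spans) < sub.min_occurrences:
                continue
            if not sub.must_match:
                return False    # a Must Not Match hit invalidates the match
            matched.append(spans)
        if len(matched) < self.min_sub_matches:
            return False
        if self.proximity and len(matched) >= 2:
            return self._clustered(matched)
        return True

    def _clustered(self, groups: List[List[Span]]) -> bool:
        """Assumed reading of proximity: enough sub-criteria have a hit
        within `proximity` characters of one anchor hit."""
        need = max(2, self.min_sub_matches)
        for group in groups:
            for anchor in group:
                near = sum(any(gap(anchor, s) <= self.proximity for s in other)
                           for other in groups)
                if near >= need:
                    return True
        return False


# Constructed criteria and sample text (not taken from the product).
CARD_CRITERIA = Criteria(
    name="Card data (example)",
    subs=[
        SubCriterion("16-digit number", r"\b\d{4}[ -]?\d{4}[ -]?\d{4}[ -]?\d{4}\b",
                     validator=luhn_valid),
        keywords("Card words", ["card number", "visa", "expiry", "cvv"]),
        keywords("Test markers", ["sample", "test data"], must_match=False),
    ],
    min_sub_matches=2,
    proximity=50,
)

SAMPLES = {
    "near": "Customer card number: 4111 1111 1111 1111, expiry 09/27",
    "bad_checksum": "card number 4111 1111 1111 1112 on file",
    "too_far": "card number policy " + "x" * 300 + " 4111111111111111",
    "excluded": "SAMPLE card number: 4111 1111 1111 1111",
}

if __name__ == "__main__":
    for label, text in SAMPLES.items():
        print(f"{label:13} -> {CARD_CRITERIA.evaluate(text)}")
```

Only the "near" sample is reported: validation removes the number with a bad checksum, the proximity limit rejects a keyword 300 characters away from the number, and the Must Not Match keyword suppresses the labelled sample.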

Sensitive Data System Criteria

The following is a list of default Sensitive Data System Criteria:
Criteria | Metadata | Category | Validation
ABA Routing Number | U.S., Financial Data | Financial Data | ✓
Austrian IBAN | Austria, Financial Data, GDPR, IBAN | IBAN | ✓
Austrian National ID | Austria, GDPR, National ID, PII | National ID |
Austrian SSN | Austria, GDPR, National ID, PII | National ID |
Authorized Keys | Credentials | Credentials |
AWS Connection Strings | Credentials | Credentials |
Belgian IBAN | Belgium, Financial Data, GDPR, IBAN | IBAN | ✓
Belgian National ID | Belgium, GDPR, National ID, PII | National ID |
Belgian SSN | Belgium, GDPR, National ID, PII | National ID |
Bulgarian IBAN | Bulgaria, Financial Data, GDPR, IBAN | IBAN | ✓
Bulgarian National ID | Bulgaria, GDPR, National ID, PII | National ID |
Canada SIN | Canada, National ID, PII | National ID | ✓
CPT Codes | U.S., HIPAA, Medical | Medical |
Credit Cards | Financial Data, PCI | Financial Data | ✓
Credit Card Magnetic Stripe | Financial Data, PCI | Financial Data |
Croatian IBAN | Croatia, Financial Data, GDPR, IBAN | IBAN | ✓
CUSIP Number | U.S., Financial Data, SOX | Financial Data | ✓
Cypriot IBAN | Cyprus, Financial Data, GDPR, IBAN, PII | IBAN | ✓
Czech Birth Number | Czech Republic, GDPR, National ID, PII | National ID |
Czech IBAN | Czech Republic, Financial Data, GDPR, IBAN, PII | IBAN | ✓
Czech National ID | Czech Republic, GDPR, National ID, PII | National ID |
Czech Passport | Czech Republic, GDPR, Passport, PII | Passport |
Danish IBAN | Denmark, Financial Data, GDPR, IBAN, PII | IBAN | ✓
Danish National ID | Denmark, GDPR, National ID, PII | National ID |
DEA Registration Number | U.S., Medical | Medical | ✓
DSA Private Key | Credentials | Credentials |
DSA Private Key (Encrypted) | Credentials | Credentials |
EC Private Key | Credentials | Credentials |
EC Private Key (Encrypted) | Credentials | Credentials |
Employer Identification Number (EIN) | U.S., Financial Data | Financial Data |
Estonian IBAN | Estonia, Financial Data, GDPR, IBAN | IBAN | ✓
Estonian National ID | Estonia, GDPR, National ID, PII | National ID |
Financial Documents | Financial Data, SOX, U.S. | Financial Data |
Finnish IBAN | Finland, Financial Data, GDPR, IBAN | IBAN | ✓
Finnish Personal ID | Finland, GDPR, National ID, PII | National ID |
French Drivers License | France, Driver's License, GDPR, PII | Driver's License |
French IBAN | France, Financial Data, GDPR, IBAN | IBAN | ✓
French INSEE (SSN) | France, GDPR, National ID, PII | National ID |
French National ID | France, GDPR, National ID, PII | National ID |
French Passport | France, GDPR, Passport, PII | Passport |
French Tax ID | France, GDPR, National ID, PII | National ID | ✓
French VAT | France, Financial Data, GDPR, VAT | Financial Data |
Generic Certificate | Credentials | Credentials |
Generic Private Key | Credentials | Credentials |
Generic Public Key | Credentials | Credentials |
German Driver's License | Germany, Driver's License, GDPR, PII | Driver's License |
German IBAN | Germany, Financial Data, GDPR, IBAN | IBAN | ✓
German National ID | Germany, GDPR, National ID, PII | National ID |
German Passport | Germany, GDPR, Passport, PII | Passport |
German SSN | Germany, GDPR, National ID, PII | National ID |
German Tax ID | Germany, GDPR, National ID, PII | National ID | ✓
German VAT | Germany, Financial Data, GDPR, VAT | Financial Data |
Google Cloud Keys & Connection Strings | Credentials | Credentials |
Greek IBAN | Greece, Financial Data, GDPR, IBAN | IBAN | ✓
Greek National ID | Greece, GDPR, National ID, PII | National ID |
HCPCS Codes | U.S., HIPAA, Medical | Medical |
Hungarian IBAN | Hungary, Financial Data, GDPR, IBAN | IBAN | ✓
Hungarian National ID | Hungary, GDPR, National ID, PII | National ID |
Hungarian Personal ID | Hungary, GDPR, National ID, PII | National ID |
Hungarian SIN | Hungary, GDPR, National ID, PII | National ID |
ICD-10 Insurance Codes | U.S., HIPAA, Medical | Medical |
IPv4 Address | Networking | Networking |
IPv6 Address | Networking | Networking |
Irish IBAN | Ireland, Financial Data, GDPR, IBAN | IBAN | ✓
Irish National ID | Ireland, GDPR, National ID, PII | National ID |
Italian IBAN | Italy, Financial Data, GDPR, IBAN | IBAN | ✓
Italian SSN | Italy, GDPR, National ID, PII | National ID |
ITAR Foreign Nationals | U.S., ITAR | ITAR |
ITAR Restricted Munitions | U.S., ITAR | ITAR |
ITIN Number | U.S., National ID, PII | National ID |
Kerberos Tickets | Credentials | Credentials |
Latvian IBAN | Latvia, Financial Data, GDPR, IBAN | IBAN | ✓
Latvian Personal ID | Latvia, GDPR, National ID, PII | National ID | ✓
Legal Documents | U.S., Legal Documents | Legal Documents |
Lithuanian IBAN | Lithuania, Financial Data, GDPR, IBAN | IBAN | ✓
Lithuanian Personal ID | Lithuania, GDPR, National ID, PII | National ID |
Luxembourgian IBAN | Luxembourg, Financial Data, GDPR, IBAN | IBAN | ✓
Maltan IBAN | Malta, Financial Data, GDPR, IBAN | IBAN | ✓
Medical Diagnoses | U.S., HIPAA, Medical | Medical |
Medicare Beneficiary Identifier (MBI) | U.S., HIPAA, Medical | Medical |
Microsoft Azure Connection Strings | Credentials | Credentials |
National Drug Code | U.S., Medical | Medical |
National Provider Identifier (NPI) | U.S., Medical | Medical | ✓
Netherland IBAN | Netherlands, Financial Data, GDPR, IBAN | IBAN | ✓
Netherland Personal ID | Netherlands, GDPR, National ID, PII | National ID |
Norwegian Personal ID | Norway, GDPR, National ID, PII | National ID |
P7B/PKCS#7 Certificate | Credentials | Credentials |
Passport Application - Canada | Canada, Passport, PII | Passport |
Passport Application - USA | U.S., Passport, PII | Passport |
Passwords | Credentials | Credentials |
PGP Key Block | Credentials | Credentials |
Pharmaceuticals and Supplements | Medical | Medical |
Polish IBAN | Poland, Financial Data, GDPR, IBAN | IBAN | ✓
Polish SSN | Poland, GDPR, National ID, PII | National ID | ✓
Polish Tax ID | Poland, GDPR, National ID, PII | National ID | ✓
Portuguese IBAN | Portugal, Financial Data, GDPR, IBAN | IBAN | ✓
Romanian IBAN | Romania, Financial Data, GDPR, IBAN | IBAN | ✓
Romanian Personal ID | Romania, GDPR, National ID, PII | National ID | ✓
RSA Private Key | Credentials | Credentials |
RSA Private Key (Encrypted) | Credentials | Credentials |
Slack Token | Credentials | Credentials |
Slovak IBAN | Slovakia, Financial Data, GDPR, IBAN | IBAN | ✓
Slovak Passport | Slovakia, GDPR, Passport, PII | Passport |
Slovenian IBAN | Slovenia, Financial Data, GDPR, IBAN | IBAN | ✓
Spain Driver's License | Spain, Driver's License, GDPR, PII | Driver's License |
Spain IBAN | Spain, Financial Data, GDPR, IBAN | IBAN | ✓
Spain National ID | Spain, GDPR, National ID, PII | National ID |
Spain Passport | Spain, GDPR, Passport, PII | Passport |
Spain SSN | Spain, GDPR, National ID, PII | National ID |
Spain Tax ID | Spain, GDPR, National ID, PII | National ID | ✓
Spain VAT | Spain, Financial Data, GDPR, VAT | Financial Data |
Swedish IBAN | Sweden, Financial Data, GDPR, IBAN | IBAN | ✓
Swedish Personal ID | Sweden, GDPR, National ID, PII | National ID | ✓
SWIFT/BIC | Financial Data | Financial Data |
Swiss SSN | Switzerland, National ID, PII | National ID |
UK Drivers License | U.K., Driver's License, GDPR, PII | Driver's License |
UK IBAN | U.K., Financial Data, GDPR, IBAN | IBAN | ✓
UK NHS | U.K., GDPR, Medical, PII | Medical | ✓
UK NINO | U.K., GDPR, National ID, PII | National ID |
UK Passport | U.K., GDPR, Passport, PII | Passport |
UNIX etc/passwd | Credentials | Credentials |
US Address | U.S., Address | Address |
US Drivers License | U.S., Driver's License, PII | Driver's License |
US SSN | U.S., National ID, PII | National ID | ✓
US Tax Forms | U.S., Financial Data | Financial Data |

Default Metadata Tag Values

Sensitive Data Criteria can be tagged with one or more metadata tags to describe the criteria. The following is a list of default metadata tag values:
Tag Name | Value Description
Address | Physical location of an individual or an organization.
Country (By Name) | Data related to a single, specific country, tagged by country name. This may include items such as National ID, Driver's License, or bank account number (ex. IBAN). Current list of tagged countries for StealthAUDIT v11.0: Austria, Belgium, Bulgaria, Canada, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, U.K., U.S.
Credentials | Data that can authenticate a user when logging into an account, service, computer, or other software.
Driver's License | A government document permitting a person to drive a motor vehicle.
Financial Data | Data related to financial and monetary information, for example: IBANs, Credit Cards, and Tax Forms.
GDPR | The General Data Protection Regulation: A regulation in EU law on data protection and privacy in the European Union and the European Economic Area. Also addresses the transfer of personal data outside the EU and EEA areas.
HIPAA | Health Insurance Portability and Accountability Act: A U.S. federal statute that modernizes the flow of healthcare information and stipulates how personally identifiable information maintained by the healthcare and healthcare insurance industries should be protected from fraud and theft.
IBAN | International Bank Account Number: A standard international numbering system developed to identify an overseas bank account.
ITAR | International Traffic in Arms Regulations: U.S. regulations to restrict and control the export of defense and military related technologies to safeguard U.S. national security and further U.S. foreign policy objectives.
Legal Documents | A document that states some contractual relationship or grants some legal right.
Medical | Relating to the science of medicine, or to the treatment of illness and injuries. This can include conditions and diagnoses.
National ID | An official government-issued document that identifies a specific individual with relation to the issuing nation.
Networking | Related to computer networking, for example, an IP address.
Passport | An official document issued by a government, certifying the holder's identity and citizenship and entitling them to travel under its protection to and from foreign countries.
PCI | Payment Card Industry compliance: Refers to the technical and operational standards that businesses follow to secure and protect credit card data provided by cardholders and transmitted through card processing transactions.
PII | Personally Identifiable Information: Data that can identify a specific individual, for example, Social Security Number, mailing address, phone number, etc.
SOX | The Sarbanes–Oxley Act: A United States federal law that set new or expanded requirements for all U.S. public company boards, management, and public accounting firms.
VAT | Value-Added Tax: A tax on the amount by which the value of an article has been increased at each stage of its production or distribution.

Supported Formats for Scanning & Metadata

This section provides a comprehensive listing of all formats supported by the Sensitive Data Discovery Add-On. The list is divided into three major categories:
• Scan-able Formats
• Metadata Only Formats
• Scans Against Files with no Extensions

Scan-able Formats

The Sensitive Data Discovery Add-On can identify any file type, extract text, and extract metadata from the following formats. It will also identify file types and extract metadata of any attachments. If the attachment’s file type is a scan-able format, then it can extract text from the attachment as well.
The following file formats are supported as scan-able formats:

Archive
Document Format | Extension
7-zip Archive | .7Z
Bzip 2 UNIX Compressed File | .BOZ, .BZ2, .TBZ2
Bzip UNIX Compressed File | .BZ, .TBZ
Gzip Compressed Archive | .GZ, .TGZ
Java Archive | .JAR
UNIX AR Archive | .A, .AR
UNIX CPIO Archive | .CPIO
UNIX Tar | .TAR
XZ Compression Archive | .XZ
Zip Archive | .ZIP

Document
Document Format | Extension
Apple iWork Pages | .PAGES
Microsoft Publisher | .PUB
Microsoft Word Document / Office Open XML Document | .DOC, .DOCM, .DOCX, .DOT, .DOTM, .DOTX
OpenDocument: Text Document | .ODT, .OTH, .OTM, .OTT
OpenOffice: Writer Document | .SXW
Portable Document Format | .PDF

Email & Messaging
Document Format | Extension
Email Message / Microsoft Outlook Message | .EML, .MBOX, .MIME, .MSG
Microsoft Outlook Personal Folders File Format | .OST, .PST

Other
Document Format | Extension
Adobe Font Metric | .ACFM, .AFM, .AMFM
Apple iBooks Author Publication Format | .IBOOKS
C/C++ Object File | .O
C/C++ Shared Library/Object | .SO
Core Dump | .DMP
Electronic Publication | .EPUB
Executable and Linkable Format | .AXF, .BIN, .ELF, .KO, .MOD, .O, .PRX, .PUFF, .SO
Hierarchical Data Format File | .H5, .HDF, .HE5
Java Class File | .CLASS
MATLAB Binary Data Container | .MAT
Microsoft Project | .MPP, .MPT
NetCDF (Network Common Data Form) | .NC
S/MIME (Secure/Multipurpose Internet Mail Extensions) | .P7C, .P7M
S/MIME (Secure/Multipurpose Internet Mail Extensions) Signature | .P7S
Transport Neutral Encapsulation Format | .TNEF
TrueType Font | .TTC, .TTF

Presentation
Document Format | Extension
Apple iWork Keynote | .KEY
Microsoft PowerPoint / Office Open XML Presentation | .PPA, .PPS, .PPT, .PPZ, .PPAM, .PPSM, .PPSX, .PPTM, .PPTX, .POT, .POTX, .THMX
OpenDocument: Presentation Document | .ODP, .OTP

Raster Image
Document Format | Extension
Graphics Interchange Format (GIF) | .GIF, .GIFF
Joint Photographic Experts Group (JPEG) | .JFI, .JFIF, .JIF, .JPE, .JPEG, .JPG
Microsoft Windows Bitmap | .BMP, .DIB
Portable Network Graphic | .PNG
Tagged Image File Format | .TIF, .TIFF
NOTE: The FileSystem > 0.Collection > 1-SEEK System Scans Job can perform Optical Character Recognition (OCR) scans for Raster image files by enabling the option on the SDD Audit Settings page in the File System Access Auditor Data Collector Wizard. This is an option for the Sensitive Data Scan category. See the File System Sensitive Data Discovery Auditing (SEEK) section of the StealthAUDIT User Guides v11.0 for additional information.

Spreadsheet
Document Format | Extension
Apple iWork Numbers | .NUMBERS
Microsoft Excel Spreadsheet | .XLA, .XLC, .XLD, .XLL, .XLM, .XLR, .XLS, .XLT, .XLW, .XLAM, .XLSM, .XLSX, .XLTM, .XLTX
OpenDocument: Chart / Formula Document | .ODC, .ODF, .ODFT, .ODS, .OTC, .OTS

Text & Markup
Document Format | Extension
Active Server Pages (ASP) / ASP.NET | .ASP, .ASPX
American Newspaper Publishers Association Wire Feeds | .ANPA
Atom + XML | .ATOM
C++ Source Code | .C, .CC, .CPP, .CXX
Compiled HTML | .CHM
Extensible HyperText Markup Language | .XHT, .XHTML, .XHTML2
Extensible Markup Language | .XML, .XSD, .XSL
FictionBook Document | .FB2
Groovy Source Code | .GROOVY
HyperText Markup Language | .HTM, .HTML
Java Source Code | .JAVA
Microsoft HTML Help | .CHM
RDF Site Summary | .RSS
Rich Text Format | .RTF
Text File (Other) | .CSV, .TEXT, .TSV, .TXT
XHTML MP (eXtensible HyperText Markup Language Mobile Profile) | .HTM, .HTML, .XHTML

Metadata Only Formats

The Sensitive Data Discovery Add-On can identify file type and extract only metadata from images and multimedia. The following file formats are supported as metadata only formats.

Image Files
Document Format | Extension
Favicon | .GIF, .ICO, .JPG, .PNG
GIMP eXperimental Computing Facility (XCF) | .XCF
OpenDocument: Graphics / Image Document | .ODG, .ODI, .OTG, .OTI
Wireless Bitmap File Format | .WBMP

Vector Image
Document Format | Extension
AutoCad Drawing | .DWG
Microsoft Visio Diagram | .VSD, .VSS, .VST, .VSW
Photoshop Image | .PSD
Scalable Vector Graphics | .SVG, .SVGZ
SolidWorks CAD program | .SLDASM, .SLDDRW, .SLDPRT

Scans Against Files with no Extensions

Files with no extensions can be scanned by modifying the XML file for each job where this type of scan is desired. Add the following line to the PerScanExtraScanOptions section of a job's XML script:
This line must be added to a specific location within the XML script. See below:
Once this line has been added to the job's XML script and the XML file is saved, files with no extensions are included in scans for the job.

Exempted File Extensions

This list of file extensions will always be exempted from Sensitive Data Discovery scans.
• *.exe
• *.msi
• *.bat
• *.bin
• *.sys
• *.dll
• *.iso
• *.cab
• *.cpl
• *.cur
• *.dmp
• *.drv
• *.lnk
• *.scr
• *.cdf-ms
• *.svn-base

More Information

Identify threats. Secure data. Reduce risk.
Stealthbits Technologies is a data security software company focused on protecting an organization’s credentials and data. By removing inappropriate data access, enforcing security policy, and detecting advanced threats, we reduce security risk, fulfill compliance requirements, and decrease operations expense.
For information on our products and solution lines, check out our website at www.stealthbits.com or send an email to our information center at [email protected].
If you would like to speak with a Stealthbits Sales Representative, please contact us at +1.201.447.9300 or via email at [email protected].
Have questions? Check out our online Documentation or our Training Videos (requires login): https://www.stealthbits.com/documentation. To speak to a Stealthbits Representative: please contact Stealthbits Support at +1.201.447.9359 or via email at [email protected].
Need formal training on how to use a product more effectively in your organization? Stealthbits is proud to offer FREE online training to all customers and prospects! For schedule information, visit: https://www.stealthbits.com/on-demand-training.

Appendix

The following criteria have been added to the Sensitive Data Criteria list for StealthAUDIT 11.0:
Criteria
ABA Routing Number
Authorized Keys
AWS Connection Strings
Credit Card Magnetic Stripe
CUSIP Number
DSA Private Key
DSA Private Key (Encrypted)
EC Private Key
EC Private Key (Encrypted)
Employer Identification Number (EIN)
Generic Certificate
Generic Private Key
Generic Public Key
Google Cloud Keys & Connection Strings
IPv4 Address
IPv6 Address
ITIN Number
Kerberos Tickets
Microsoft Azure Connection Strings
National Drug Code (NDC)
National Provider Identifier (NPI)
P7B/PKCS#7 Certificate
PGP Key Block
RSA Private Key
RSA Private Key (Encrypted)
Slack Token
SWIFT/BIC
UNIX etc/passwd
US Address

The following criteria have been revised to improve the accuracy of results for StealthAUDIT 11.0:
Criteria
DEA Registration Number
Financial Documents
Legal Documents
Medicare Beneficiary Identifier (MBI)
Passwords
Spain VAT
US Drivers License
US Tax Forms