Learn about the All Data Assets page, including databases, disks, and storage buckets.
The All Data Assets page provides a centralized repository containing information about all data assets within your environment. Dedicated asset modules allow multi-method asset coverage, such as agentless, from various sources. Having full visibility of assets allows for timely incident response, effective threat hunting, and attack surface reduction.
The data inventory asset card provides a unified view of an asset, consolidating attributes, enhancements, and related cases, issues, and findings. When you click an asset, the asset card opens, enabling you to easily switch between multiple assets cards at the same time.
On each asset card, you can perform the following actions:
Leave comments for collaboration, and perform actions on the asset, depending on the type.
Share links for easy access.
View asset data: see all relevant data and raw information connected to the asset.
Category, class, and type are terms used to facilitate the organization and classification of assets.
Class: represents the highest-level grouping of assets based on their general purpose or domain. It is a broad classification that defines the overall function of the assets.
Examples: Compute, Network, Data
Category: represents a more detailed grouping within a class. It categorizes assets based on their normalized function or common type, regardless of the provider or implementation.
Examples: For Compute: Virtual Machine, Container
For Data: Bucket, Database
Type: the most specific level of classification and represents the provider-specific name for a particular asset within a category. This level directly refers to the specific implementation of an asset.
Examples: For the Virtual Machine category: EC2 Instance (AWS), Compute Engine Instance (GCP).
The following is a list of the fields displayed on the Data Inventory page. The assets shown, and their data, depend on your system's licensing.
Column | Description |
|---|---|
First Discovered | The timestamp of when the asset was first discovered. |
Asset Name | The name of the data asset. |
Service Type | The specific type of database, disk, or storage bucket, including the name of the service. |
Data Profiles | A group or category of multiple data patterns sharing similar attributes. |
Data Patterns | The basic structure of data that is discovered in an object such as email address, IP address, phone number, name, credit card number, and bank account number. |
Information Protection Labels | Digital tags that help your organization classify and secure sensitive data. They identify how sensitive a piece of information is; for example, whether it's a document or an email. |
Last Classification Time | The timestamp of the last time that the data was scanned for sensitive records in order to identify the class and quantity of sensitive records within a data asset. |
Number of Records | The total number of records that were found during classification. |
Is Open to World | Indicates whether a record is exposed to any entity in the world (Yes) or protected (No). |
Category | The category of data: database, disk, or storage bucket. |
Cloud Provider | The name of the cloud provider: Amazon AWS, Microsoft Azure, or Google Cloud Platform (GCP). |
Region | Displays the region as provided by the Cloud provider. |
Size | The size of the asset. |
Number of Objects | The number of objects stored in the asset. |
Number of Issues | The number of issues found associated with the asset. |
Resource ID | The resource ID of the asset. |
Account ID | The account ID associated with the asset. |
When you select → → → , a list of all data assets appears. The following table describes the tabs shown under Data Inventory when you click on any asset in the list.
Tab | Description |
|---|---|
Overview | The Overview tab provides highlights, properties, and identities with access to the resource, if any are found. |
Access | The Access tab provides a list of the identities that can access the displayed asset. |
Data | The Data tab provides an overview of the displayed asset and its associated risks, including the number of Assets at Risk, data stored in AWS, Azure, and GCP, Sensitive Assets, and assets marked as Open to the World. |
Objects | The Objects tab provides a list of files and information pertaining to the files' contents. |
You can also select one of the following to filter the asset list for the asset type you want to display:
Backups
Databases
Disks
Storage Buckets
Widgets and Filtering
Use the following widgets and filtering features at the top of the All Data Assets screen:
Widgets
Risk Breakdown: Displays a bar with the various risk levels. When you hover your mouse you can see the number of risks for each risk level that were found. You can also click any of the cloud platform icons (AWS, Azure, GCP, and OCI) to filter the results. Click again to remove the filter.
Sensitive Assets: Displays the number of sensitive assets that were found. You can click this widget to filter the list according to these sensitive assets. The number of assets at risk changes accordingly.
Sensitive Assets Open to World: Displays the number of sensitive assets that are open to the world. The number of assets at risk changes accordingly.
Filtering Features
Refresh: Refreshes the data shown in the data inventory display.
Show filter panel: Opens a panel where you can select specific fields and search for values. You can also use the filter panel to clear the current filter settings.
Table Settings Menu: Opens a pane with layout and filters that you can apply.
Use case example: Add Filters button
To use the Add Filters button to display all storage buckets that have credit card numbers and are publicly available, do the following:
In the All Data Assets screen, under the row of widgets at the top of the screen, click the Add Filters button.
In the Select field list, select Category.
In the Value field, enter
storageand then press Enter.Click the Add filter + button to jump to the next field.
Continue adding filters as follows:
In the Select field list, select: Is Open To World, and then double-click Yes.
Click Add filter and then in the Select field list, select: Data Patterns.
Enter
Credit Card Number, then click anywhere outside the filter area to apply the filter.The filter should now appear as shown below:
The asset list beneath the filter panel should now display all storage buckets that have credit card numbers that are publicly available.
To save your new filter, click Save filters and in the Save Filter screen enter a name for the new filter. Optionally, you can select the Share filter with my team option. Click Save.
The filter is saved to your filters. You can access it by clicking → . You can export your filters by clicking → .
Note
To clear the filter in the filter panel, click Delete.