Discovery refers to processes of locating and identifying objects in your environment that must be tracked for security and compliance purposes.

Discovery is the process of finding important objects such as privileged users, sensitive data, and datasources. Classification is the process of appropriately identifying what is discovered for security and compliance purposes. These processes of discovery and classification are important in large organizations where mergers, acquisitions, and legacy systems introduce new objects to your environment in unstructured or unpredictable ways. GuardiumGuardium¬ģ helps you incorporate these objects into your environment so you can enforce effective security policies and ensure compliance.

A common scenario involves the discovery of sensitive data. Sensitive data refers to regulated information like credit card numbers, personal financial data, social security numbers, and other information that requires special handling. Guardium supports two different approaches for discovering sensitive data: by using the Discover Sensitive Data workflow builder, or by using the Policy Builder with other Guardium tools. The Discover Sensitive Data workflow builder is intended as an all-inclusive tool for establishing discovery and classification processes for sensitive data. Use it to specify rules for discovery, define actions to take on discovered data, specify which data sources to scan, distribute reports, and run the workflow on an automated schedule. For more advanced users, the Policy Builder supports more granular discovery and classification rules that can be easily incorporated into existing processes and Guardium applications.