Viewing scan results on the cloud

After scans of your data sources are complete, scan results are available at https://www.datarisk.dsoc.ibm.com/ for your compliance manager to view.

Information provided in these results includes:

  • The classification of data and the types of tests and pattern matches that IBM® Security Guardium® Analyzer utilized to classify the data as vulnerable.
  • The number of data sources that are at risk - with the option to drill down into each data source to see its vulnerabilities.
  • The locations of the data sources that are at risk and the top vulnerabilities that are affecting them.
  • Prioritization of the risk facing your data sources, so you know which ones to fix first.

The cloud user interface offers these pages that allow you to determine your risk:

  • Risk insights: The insights page provides a snapshot of the overall data risk that is faced by your organization. This snapshot is tailored to the specific regulation that you choose. The insights page lets you know how many data patterns were matched to determine personal and personal sensitive data - and it gives you a high-level look at the data sources that are being scanned, and the types of vulnerabilities that have been exposed by IBM Security Guardium Analyzer.
  • Data source results: The data source results page is where you will find the details about the scans that have been run on all of the data sources that have been added via data connector. IBM Security Guardium Analyzer prioritizes these results for you. For each data source that is scanned, the number of sensitive records are determined, as is the number of vulnerabilities. This allows Guardium Analyzer to calculate a risk score for each data source, based on the vulnerabilities and patterns found in the data source - and to then prioritize data sources according risk score. If you address the risks in higher priority data sources first, you will be better able to improve your overall data risk.
  • Pattern results: The pattern results page lists the unique patterns that were matched to determine personal and sensitive personal records in your data sources. Guardium Analyzer includes many built-in patterns and the ability to create your own. You can also set patterns to indicate columns that identify data subjects (the individuals for whom the records hold data).
  • Test results: When scanning data sources, Guardium Analyzer runs a variety of security tests that scan for vulnerabilities. The test results page lists the tests that have failed and measures the severity of vulnerabilities that have been exposed by the tests.
  • Open the Data connectors page to view the connectors that are registered with your cloud portal.