You can define custom advanced patterns to identify your sensitive data. Advanced patterns use regular expressions (regex) that allow pattern matching to identify sensitive data such as social security numbers or credit card numbers.
NOTE: Skyhigh Security built-in advanced patterns cannot be edited.
You can create Custom Advanced Patterns using these two options:
- Add Regex. Use this option to manually add regex and use the validation algorithm to validate the regex. To reduce false positives, add Ignored Expressions to exclude specific keywords or regular expressions from being processed as matches in DLP classifications.
- AI RegEx Generator. Use this option to efficiently generate expressions for the scenarios where you are not familiar with the details of regexes. AI RegEx Generator seamlessly constructs and comprehends complex Google RE2-compliant regular expressions through a conversation-based interface. It is specialized in addressing queries solely related to regular expressions and ignores irrelevant queries.
Create Custom Advanced Patterns using Add Regex
- Go to Policy > DLP Policies > Classifications.
- Click Actions > Create Classification.
- Classification Name. Enter a name for this classification. For example, New Advanced Pattern. Enter an optional description to describe its use or purpose.
- Category. Select a Category from the list. For example, Sensitive.
- Conditions. Click Select Criteria and choose Advanced Pattern. The Select Advanced Patterns cloud card displays.
- Count each match string only one time. Activate or deactivate the checkbox to count the match string only one time or multiple times. Activating the checkbox helps to reduce the false positives for match counts during the DLP Policy evaluation.
- Click New.
- Enter a name and optional description for your custom Advanced Pattern.
- Click Add RegEx to manually enter a regular expression.
- Enter a regular expression, your newly added regular expression can be seen on the Regular Expressions tab.
- Click No Validation to view the Validation Algorithm Cloud Card.
- Select the required Validation Algorithm from the list and click Done.
- Add a Score to weigh the new regex Advanced Pattern. Scores can be between negative or positive, -99 to 999. The higher the number, the greater the weight given to the keyword, which will exceed the threshold and trigger an incident.
- To reduce false positives, add expressions in the Exceptions tab to exclude specific keywords or regular expressions from being processed as matches in DLP classifications.
- Go to the Exceptions tab and click Add Exception.
- Enter the keywords or Google RE2 expressions (RegEx) and select the Type of the exception from the menu. To add more expressions, click Add Exception.
- To save your new Advanced Pattern with regular expressions and exceptions, click Save.
- The new Advanced Pattern is now added to the Classification and Advanced Pattern list.
- Optionally, you can edit the threshold by clicking . Enter a number to indicate the weight of the Advanced Pattern in threshold matching.
- Add more classification conditions as needed and click Save.
Your custom classification with custom advanced patterns, validation, and exceptions are saved to the selected category in the Classifications list. Add the classification to your data protection policies as needed.