Skip to main content
Skyhigh Security

Create Custom Advanced Patterns

You can define custom advanced patterns to identify your sensitive data. Advanced patterns use regular expressions (regex) that allow pattern matching to identify sensitive data such as social security numbers or credit card numbers.

NOTE: Skyhigh Security built-in advanced patterns cannot be edited.

You can create Custom Advanced Patterns using these two options:

  1. Add Regex. Use this option to manually add regex and use the validation algorithm to validate the regex. To reduce false positives, add Ignored Expressions to exclude specific keywords or regular expressions from being processed as matches in DLP classifications.
  2. AI RegEx GeneratorUse this option to efficiently generate expressions for the scenarios where you are not familiar with the details of regexes. AI RegEx Generator seamlessly constructs and comprehends complex Google RE2-compliant regular expressions through a conversation-based interface. It is specialized in addressing queries solely related to regular expressions and ignores irrelevant queries.

Create Custom Advanced Patterns using Add Regex

  1. Go to Policy > DLP Policies > Classifications.
  2. Click Actions > Create Classification
  3. Classification Name. Enter a name for this classification. For example, New Advanced Pattern. Enter an optional description to describe its use or purpose.
  4. Category. Select a Category from the list.  For example, Sensitive.
  5. Conditions. Click Select Criteria and choose Advanced Pattern. The Select Advanced Patterns cloud card displays.
    • Count each match string only one time. Activate or deactivate the checkbox to count the match string only one time or multiple times. Activating the checkbox helps to reduce the false positives for match counts during the DLP Policy evaluation.
  6. Click New.
    clipboard_eab199d6eb208274c612593d86d8d12e7.png
  7. Enter a name and optional description for your custom Advanced Pattern.
  8. Click Add RegEx to manually enter a regular expression.
    clipboard_e014fb1a087a1e7878beddc203eb7abd6.png
  9. Enter a regular expression, your newly added regular expression can be seen on the Regular Expressions tab.
  10. Click No Validation to view the Validation Algorithm Cloud Card. 
    clipboard_ec602ffb6645bf4813740c08c2288f4b1.png
  11. Select the required Validation Algorithm from the list and click Done
    clipboard_ee2f6952cf363ebef84b0ffd21480b647.png
  12. Add a Score to weigh the new regex Advanced Pattern. Scores can be between negative or positive, -99 to 999. The higher the number, the greater the weight given to the keyword, which will exceed the threshold and trigger an incident. 
  13. To reduce false positives, add expressions in the Exceptions tab to exclude specific keywords or regular expressions from being processed as matches in DLP classifications. 
  14. Go to the Exceptions tab and click Add Exception.
    clipboard_e37f12821c17279f4cf2294f5a2c6ecec.png
  15. Enter the keywords or Google RE2 expressions (RegEx) and select the Type of the exception from the menu. To add more expressions, click Add Exception.
    clipboard_e6eca1204728d448002050af585ff8efc.png
  16. To save your new Advanced Pattern with regular expressions and exceptions, click Save.
  17. The new Advanced Pattern is now added to the Classification and Advanced Pattern list.
    clipboard_e8eac528e6fbdaee83b15e3461b5799e4.png
  18. Optionally, you can edit the threshold by clicking [1]. Enter a number to indicate the weight of the Advanced Pattern in threshold matching.
    clipboard_e3713c121280adbb48df28b3690403d4f.png
  19. Add more classification conditions as needed and click Save.

Your custom classification with custom advanced patterns, validation, and exceptions are saved to the selected category in the Classifications list. Add the classification to your data protection policies as needed.​​​​​​

 

  • Was this article helpful?