Child Scans

Child Scans

This article includes the following information:

What is a Scan?

A scan is the action of performing policy evaluation against the state of a resource. This evaluation may encompass DLP/threat scanning of content if it is configured within the policies.

What is a Child Scan?

A child scan is the process of re-processing known resources when a related resource that contributes to the exposure changes. Some common examples:

  • A user is added to a group that has access to a shared drive.

    • The group (as well as any parent groups) need to have their exposure updated to reflect the new user’s exposure.

    • In this case, each resource in the shared drive needs to be reprocessed in case the new user being added would result in a policy being matched.

  • A folder is moved to a new folder and inherits new permissions.

    • All files and folders contained in the folder need to have their exposure values updated to reflect the new parent’s permissions.

    • These need to be evaluated against policies in order to see whether any new matches are triggered.

  • A folder’s permission is modified/updated.

    • All files and folders contained in the folder need to have their exposure values updated to reflect the new permissions.

    • These need to be evaluated against policies in order to see whether any new matches are triggered.

Benefits

  • Events that target individual resources are not the only ones that can result in new exposure or potential data leaks. These indirect exposures may not be obvious when looking at resources even in the SaaS app interfaces.

  • The exposure of child objects (files/folders) get updated without the end-user making any changes to them. Hence, policies related to the updated exposure get evaluated sooner providing better compliance coverage to customers.

Share this Doc

Child Scans

Or copy link

In this topic ...