Sensitive Data Protection, which includes Cloud Data Loss Prevention (Cloud DLP), is a sensitive data inspection, classification, and de-identification platform. The Cloud DLP API provides tools to detect, classify, and mask sensitive elements to help manage and protect data collected, stored, or used for business or analytics.
| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| sensitive_data_protection | Sensitive Data Protection | protect | partial | T1565.002 | Transmitted Data Manipulation |
Comments
This control is able to scan cloud storage objects for sensitive data and transform that data into a secure or nonsensitive form. It is able to scan for a variety of common sensitive data types, such as API keys, credentials, or credit card numbers. The de-identified service lets you obfuscate instances of sensitive data before they can be transmitted for sharing.
References
|
| sensitive_data_protection | Sensitive Data Protection | protect | partial | T1530 | Data from Cloud Storage |
Comments
This control is able to scan cloud storage objects for sensitive data and transform that data into a secure or nonsensitive form. It is able to scan for a variety of common sensitive data types, such as API keys, credentials, or credit card numbers. This control is able to be scheduled daily, weekly, etc and can scan new changes to data. This control is able to scan Google Cloud Storage, BigQuery tables, and Datastore.
References
|