Data Store: Risks

To view the new Data Store pages, click your profile icon. In the New UI section, turn on the Data Stores toggle.

The Risks tab allows you to identify, understand, and prioritize security risks associated with the data in a data store. It provides a consolidated view of potential vulnerabilities and misconfigurations that could lead to data exposure or unauthorized access.

The Risks tab provides critical insights into the security posture of your organization’s data stores, allowing you to:

  • Prioritize Remediation: Focus on risks with high impact and likelihood to address the most critical vulnerabilities first.
  • Investigate Findings: Drill down into specific risks to understand their root cause, affected data, and potential impact.
  • Track Risk Evolution: Monitor the “Last Seen” and “First Seen” dates to understand if a risk is new, persistent, or recurring.
  • Inform Security Policies: Use risk insights to refine and implement stronger security controls, access policies, and data loss prevention measures.
  • Report on Security Posture: Generate reports on identified risks for compliance, auditing, and security posture reporting.

To view the Risks tab:

  1. Select Inventory > Data Stores.
  2. Select the Data Stores tab.
  3. Select a data store. The Overview tab opens.
  4. Select the Risks tab.

The tab lists key information for each risk identified for the data store, including:

  • Risk  Description of the identified security risk (e.g., “AWS S3 bucket contains sensitive...”, “Microsoft Share... with a link”).
  • Impact/Likelihood  Assessment of the potential impact and likelihood of the risk occurring, often categorized as High, Medium, or Low.
  • Risk Category  Categorization of the type of risk (e.g., an icon representing a specific risk type).
  • Last Seen  Most recent date and time the risk was detected.
  • First Seen  Initial date and time the risk was first detected.
  • Risk Tags  Tags associated with the risk, which can provide additional context or categorization (e.g., “aws”, “data-exposure”).
  • Risk Score  Numerical score indicating the severity or priority of the risk.
  • Signature ID  Unique identifier for the specific risk signature or detection rule.

View Risk Details

Click the risk name to view detailed information for the risk.