Discover sensitive data

Microsoft Defender for Cloud detects resources with sensitive info types, helping you identify and protect sensitive data in your cloud environment. The sensitive data discovery feature in Defender for Cloud scans your cloud resources to identify sensitive data types, such as credit card numbers and social security numbers. This feature helps you locate sensitive data in your cloud environment and take steps to protect it.

Prerequisites

• Enable Defender Cloud Security Posture Management (CSPM).

• Enable sensitive data discovery.

• Enable Defender for Storage.

• Enable Defender for Databases.

• Register each relevant Azure subscription to the Microsoft.Security resource provider.

View resources with sensitive data

Resources containing sensitive data are at risk of exposure to unauthorized users. The sensitive data discovery feature in Defender for Cloud helps you identify resources with sensitive data types, enabling you to take proactive steps to prevent data breaches.

1. Sign in to the Azure portal.

2. Navigate to Defender for Cloud > Data and AI security dashboard.

3. Locate the Data closer look section and select View all resources with sensitive info types.

   

4. Select search.

   

5. Review each record found and select View details to see more information about the resource.

6. Select the Resource name to view all recommendations and alerts associated with the resource.

7. Remediate the recommendations.

8. Respond to the security alerts.

Related content

• Remediate recommendations
• Respond to security alerts