1. What is Custom Regex?

Regular expressions (regex) are sequences of characters that define search patterns for text. CYRISMA's custom regex feature enables users to create personalized search patterns to identify unique sensitive data types, such as:

• Internal identifiers (e.g., employee IDs, project codes)
• Industry-specific information (e.g., SIN numbers in Canada, IBAN codes)
• Custom keywords relevant to organizational policies

2. When to Use Custom Regex

Consider using custom regex when:

• Pre-Built Categories Fall Short: Your organization needs to search for sensitive data types not included in CYRISMA’s predefined categories.
• Client-Specific Requirements: Clients request scans for data unique to their environment.
• Advanced Incident Response: Investigating specific terms or patterns to assess data exposure during breaches.

3. Setting Up Custom Regex

Follow these steps to create a custom regex in CYRISMA:

Step 1: Access the Custom Regex Feature

1. Log in to your CYRISMA account.
2. Navigate to the Admin area from the main dashboard.
3. Select Sensitive Data Categories and then click on the Custom tab.

Step 2: Define Your Regex Pattern

1. Click the Add New Regex button.
2. Provide a Name for the regex to easily identify it later (e.g., “Canadian SIN Numbers”).
3. Enter your regex pattern in the designated field. For example:
   • A SIN number regex pattern: ^\d{3}-\d{3}-\d{3}$
   • A custom identifier: [A-Z]{3}\d{4}

Step 3: Test the Regex

1. Use the Test Pattern feature to verify your regex works as intended.
2. Paste sample data into the test field to confirm it captures the correct information.

Step 4: Save the Regex

1. Once satisfied, click Save to add the custom regex to your list of sensitive data categories.

4. Using Custom Regex in a Scan

After setting up your custom regex, you can use it in data scans.

Step 1: Initiate a Data Scan

1. Navigate to the Sensitive Data Scan section in CYRISMA.
2. Choose the type of scan you wish to perform (e.g., email, OneDrive, local drives).

Step 2: Select Custom Regex

1. During the scan setup, go to the Custom category under data types.
2. Select the regex patterns you wish to include in the scan.

Step 3: Execute the Scan

1. Configure the rest of the scan settings, such as the target agent and date range.
2. Run the scan and wait for results.

5. Interpreting Custom Regex Results

Once the scan completes:

1. Go to the scan results and filter by Custom Data Categories to view matches for your custom regex.
2. Review the specific locations (e.g., files, emails) where matches were found.
3. Assess the context to determine whether the identified data poses a security risk.

6. Tips for Creating Effective Regex Patterns

• Be Specific: Avoid overly broad patterns that may result in false positives.
  • Example: Use ^\d{3}-\d{3}-\d{3}$ for SIN numbers instead of \d{9} to prevent matching unrelated numbers.
• Validate Often: Test your regex against real sample data to confirm accuracy.
• Use Anchors: Use ^ and $ to specify the start and end of a pattern, respectively.
• Escape Special Characters: Characters like . or * have special meanings in regex. Escape them using a backslash (\) if you want to match them literally.

7. Practical Use Cases for Custom Regex

• Identifying Internal Data: Search for internal project names or department-specific identifiers.
• International Compliance: Match sensitive data formats used in other countries, such as IBAN for international banking.
• Keyword Searches for Incident Response: Search for specific terms like “Confidential” or “Top Secret” to locate sensitive documents quickly.

8. Managing and Updating Custom Regex

• Edit Existing Regex: Go to the Custom tab, select the regex you want to update, and modify the pattern.
• Delete Unused Regex: Remove obsolete regex patterns to maintain clarity and avoid confusion.
• Document Patterns: Keep a record of custom regex patterns and their purposes for future reference.

9. Conclusion

Custom regex in CYRISMA empowers organizations to tailor data scans to their unique needs, enhancing the platform’s flexibility and effectiveness. By following best practices and leveraging this feature strategically, you can improve data security, meet compliance requirements, and provide targeted solutions to your clients.