GuardWare DISCOVER: Management Console Detailed Guide

Overview

GuardWare DISCOVER is a cross-platform data discovery and remediation system that enables organisations to locate, analyse, and manage sensitive data across endpoints, file servers, email systems, and cloud services. Its primary focus is the discovery of PCI and PII data, but users can define custom data types as needed to suit organisational requirements.

DISCOVER supports both agent-based and agentless scanning, allowing deployment flexibility to match your organisation’s network infrastructure. Besides standard documents, the system can scan compressed archives and image files as well. Users can take action on exposed data by moving, encrypting, or deleting it from insecure locations.

This guide provides a detailed walkthrough of the DISCOVER Management Console, structured to follow the console’s interface hierarchy. It includes both procedural steps and contextual explanations for each feature.

DISCOVER Management Console Login/Logout

The Management Console is the control hub for Super Admins and authorised users. After logging in, users can set up a secure location to store files for remediation, manage users, create custom data types, create data owners, create classifications, assign data types to data owners, search for devices to scan, perform scans, review results, perform investigations, and remediate sensitive data.

Super Admin Login

The Super Admin is a user account provisioned by GuardWare Australia during the initial setup of DISCOVER for your organisation. This account has full administrative access to the Management Console.

1. Open a web browser and navigate to the DISCOVER Management Console page.

2. Log in using the Super Admin credentials created during the server installation.

3. Download Google or Microsoft Authenticator on your mobile device and scan the QR code from the authenticator app.

4. Enter the generated verification code in the Authentication field and click Authenticate.

5. Enter a new password and click Login.

New Organisation User Login

A new organisation user is an account created by a Super Admin or an enrolled organisation user. This account grants the new user access to the GuardWare DISCOVER Management Console.

1. On a web browser, navigate to the DISCOVER Management Console page.

2. Enter your username (email address) and one-time password received via email or sent by your Super Admin.

3. Scan the QR code using the Google or Microsoft Authenticator app on your mobile device.

4. Enter the generated verification code in the Authentication field and click Authenticate.

5. Enter a new password and click Login.

Log In Using your Microsoft Account

If your organisation uses Microsoft Azure AD (Entra ID), you can sign in via single sign-on (SSO). GuardWare delegates authentication to Azure AD, allowing users to access the Management Console without entering a separate password. Access is granted based on existing GuardWare accounts that correspond to your Azure AD identity.

If you choose this method, you can skip the Authenticator QR setup process entirely. Applies to Super Admin as well as organisational users.

1. Click Sign in with Microsoft

2. In the Sign in page, enter your Microsoft account email address.

3. Select Yes if you do not want to be asked for login credentials again, or select No if you want to be asked for email credentials every time you sign in. Additionally, you can check Don’t show this again box if you do not want to see this dialog box again.

Log Out

Click the Power (⏻) button at the top-right to log out safely.

ORGANISATION

The ORGANISATION section allows administrators to manage user accounts, configure the DISCOVER Agent for download, and set up key organisational settings. This includes defining a secure file storage location, setting up password protection on ZIP folders, and configuring SMTP email servers for notifications.

These controls ensure that emails and alerts are sent from authorised servers, that user accounts are adequately protected, and that sensitive files are handled in accordance with organisational security and data governance policies.

Organisation Creation

Super Admins logged into the Management Console can create new organisations and add users to them. Each organisation defines its own set of users, data, and permissions, allowing admins to manage operations independently and ensure clear separation between them.

1. Navigate to ORGANISATION and click +Create New.

2. Enter a Name for the new organisation.

3. Enter the Location.

4. The Database Name will be automatically generated based on the organisation’s name.

5. Set a Time Zone that matches your organisation’s location. This will also be used to time the report creation; therefore, enter the timezone that best fits the situation.

6. Upload the logo of your organisation. Supported file types are .jpg, .jpeg, and .png.

7. Enter the URL (optional) and Description (optional).

8. Click Create Organisation.

Adding a User to an Organisation

After creating an organisation, you’ll need to add at least one user to the organisation.

1. Navigate to ORGANISATION and select the newly created organisation.

2. Enter the username in the field.

3. Enter a valid email in the field.

4. Click Create User.

SMTP Configuration

The SMTP Configuration allows organisations to configure their own email server for sending notifications, user invitations, password resets, scan reports, and other system alerts. Configuring SMTP will enable notifications to come from the organisation’s domain, improving trust and brand consistency.

If SMTP is not configured, DISCOVER defaults to GuardWare’s SMTP servers to send notifications, system emails, or alerts. Configuring SMTP is recommended for organisations that require domain-specific email notifications, such as noreply@bank.com instead of noreply@guardware.com.

1. Navigate to ORGANISATION > SMTP Configuration.

2. Enter your SMTP Server name to direct the system to the correct email server.

3. Enter SMTP Port used by your mail server (common values: 25, 465, 587) to ensure compatibility with the email server's communication protocol.

4. Enter an SMTP Username.

5. Enter SMTP Email and Password for outgoing alerts.

6. Enable STARTTLS if encryption is required.

7. In Enable SMTP Authentication, select Yes if the server requires credential verification.

8. Enter a Test Email Address to send a test message and confirm that the SMTP configuration is working correctly.

9. Click Save to test and apply the configuration.

Set Up Secure Location

The Secure Location feature allows files identified during scans to be copied or moved to a protected location for investigation or remediation. This ensures sensitive data is stored securely and accessible only to authorised users.

New Secure Location Configuration

Use New Secure Location to set up a secure storage path on a device that has not yet been discovered or configured. This allows sensitive files identified during scans to be safely moved to that device.

This option is suitable for devices not yet on the network, removable drives that can be plugged in for secure storage or remediation, and agent devices, which must be added as a New Secure Location.

1. Navigate to ORGANISATION > Set Up Secure Location.

2. On Target Type, select New and enter the Host Name of the target. The hostname must be the device's actual name.

3. Select a Protocol by which to connect to the new secure location (File Server, WinRM, or SSH).

4. Enter the host device's Username and Password.

5. Enter the Destination Folder path where the files will be stored, e.g., C:\Secure Location.

6. Click Save to apply the configuration.

Once the secure location is successfully established, a status of Active will display. If you want to change the location of the secure location to another device or another directory, you can do so anytime.

Discovered Secure Location Configuration

Use this feature to register a secure storage path on a previously discovered device, allowing sensitive files to be copied or moved for investigation or remediation. This is intended for devices already on the network, providing a convenient setup for standard endpoints. Agent devices must be added as New, as they cannot appear under Discovered.

1. Navigate to ORGANISATION > Setup Secure Location.

2. On Target Type, select Discovered.

3. Choose a discovered device from the drop-down.

4. Define a path to store the data, e.g., C:\Secure Location.

5. Click Save.

Set Investigation Password

To ensure only authorized users can access downloaded files, administrators must set a secure password. When a file is retrieved through the Investigate function, DISCOVER packages it into a password-protected ZIP before download, providing an additional layer of security.

1. Enter a strong password in the password field (minimum eight characters with a mix of uppercase letters, lowercase letters, numbers, and symbols) or click Generate Automatically to auto-generate a password.

2. Click Set Password. The Investigation password is applied per file.

3. To view or change the currently set password, enter your DISCOVER Management console’s login credentials and click the View (👁) icon.

Users

The Users feature allows Super Admins and authorised users to manage accounts that can access the DISCOVER Management Console. From here, administrators can create new users, edit user details, deactivate other user accounts, and reset authentication and login credentials (including OTPs and passwords).

Proper user management ensures that only authorised personnel can access the Management Console and perform operations such as initiating scans, viewing scan results, and managing sensitive data types.

Add New User

When logging in with your Super Admin account for the first time, you will see that no other users exist. Super Admins can add new users, which allows them to run and manage scan jobs, investigate sensitive files, perform remediation, and enroll additional users into the Management Console.

1. Navigate to ORGANISATION > Users and click the +Enroll New User button.

2. Enter a valid email address and give the user a Display Name.

   

3. On the Select Password Verification, choose one of the following:

   

3. Click Save to complete the user creation process, or click Reset to start over.

Additional Functionalities

After creating and adding users, you can perform additional functions in the Organisation Users page:

Edit a User

1. Navigate to ORGANISATION > Users.

2. Click the Edit (🖉) icon.

3. Enter a new Display Name and a new Email. Changing the username and email does not make the system treat the account as a new user.

   

4. Click Update.

Disable a User

1. Navigate to ORGANISATION > Users.

2. Click the Disable (⊘) icon. This revokes a user’s access to the Management Console. You cannot disable your own account.

3. Click Disable.

   

Reset OTP

1. Navigate to ORGANISATION > Users and click Reset OTP.

2. Click Reset. This Forces the user to re-register an existing user’s or their own Management Console account with an authenticator. This generates a new QR code, allowing the user to receive authentication codes if they are not being received on the authenticator.

   

Reset Password

1. Navigate to ORGANISATION > Users and click Reset Password.

2. Enter the new password and re-enter it to confirm.

3. Click Reset. This resets an added user’s login password if they have lost access or forgotten their login credentials.

   

Agent Configuration

Configure the MSI file so the DISCOVER Agent is prepared for download. After the Agent MSI is downloaded and installed on a device, the target device will be converted into an Agent, allowing it to perform tasks assigned from the Management Console.

1. Navigate to ORGANISATION> Agent Configuration.

2. Enter the desired LOCATION in the field and click Update MSI.

The MSI installer will be available for download with the updated configurations in the RESOURCES section.

Integrations

Set up Microsoft 365 integration to enable monitoring of Exchange Online, SharePoint, OneDrive, and other Microsoft 365 services. To set up, your organisation must have an active Microsoft 365 subscription.

1. Navigate to ORGANISATION> Integrations.

2. Click Connect Microsoft 365.

3. Select an account from the list or click Use another account.

4. If you choose Use another account, you’ll need to re-enter your account credentials to proceed.

4. Approve the sign-in request if you have registered the account in an authenticator app.

5. Click Consent on behalf of your organization and click Accept.

6. You will receive a confirmation message on the Management Console saying that Microsoft 365 services have been integrated with GuardWare DISCOVER.

DATA GOVERNANCE

The DATA GOVERNANCE section allows administrators to manage how DISCOVER handles sensitive information. Administrators can create and assign data classifications, define data owners for specific data types, and add custom data types or data subtypes to detect organisation-specific sensitive content.

Data Classification

The Data Classification feature allows users to group multiple data types and assign a color label for easy visual identification. DISCOVER automatically assigns a sensitivity level to each classification in the order they are created: the first is level 0, the next is level 1, and so on.

If a document detects multiple data types in a file, DISCOVER automatically assigns the highest sensitivity level among the data types present to the file.

Create Data Classification

When logging in for the first time, no data classifications exist. Administrators can create up to 16 classifications, with sensitivity levels ranging from 0 to 15.

1. Navigate to ORGANISATION > Data Classification > +Create Data Classification.

2. Enter an appropriate and unique Classification Name.

3. Give a Description (optional).

3. Select a Color for each data classification for visual identification.

4. Click Save.

Additional Functionalities

After creating a data classification, you can perform additional functions from the Data Classification page:

Edit Data Classification

1. Navigate to ORGANISATION > Data Classification.

2. Click the Edit (🖉) icon. Edit the data, give a description (optional), and select a unique color.

3. Click Update.

Delete Data Classification

1. Navigate to ORGANISATION > Data Classification.

2. Click the Trash (🗑) icon.

3. Click Delete.

Data Owner

A Data Owner is an individual assigned to one or more data types. Whenever sensitive data associated with the data owner is detected, they receive an alert in their registered email, ensuring timely awareness and accountability.

Assigning a data owner guarantees that notifications are directed to the correct personnel. The Data Owner does not need to be the same person as the device or file owner.

Add Data Owner

When logging in for the first time, you will need to create data owners and assign them specific data types so that they receive alerts whenever sensitive information is detected.

1. Navigate to DATA GOVERNANCE > Data Owner and click +Create Data Owner.

2. Enter the new data owner’s Email and Name

3. Enter a short Description (optional) and Contact number (optional).

   

4. Click the +Assign Data Types button.

   

5. Select the data types to assign to the data owner. You can also use the search function to locate data types quickly.

   

6. Click Save to complete creating and assigning data to a new data owner.

After adding data owners and assigning data types to them, the following actions are available in the Data Owner table page:

Edit Data Owner

1. Navigate to DATA GOVERNANCE> Data Owner.

2. Click the Edit (🖉) icon.

3. Update the data owner’s credentials.

4. If you wish to reassign datatypes, click +Assign Data Type and click Save.

5. Back on the New Owner page, click Save.

Delete Data Owner

1. Navigate to DATA GOVERNANCE> Data Owner.

2. Click the Trash (🗑) icon. Ensure that all data linked to this user is unlinked or reassigned to a new owner before it is deleted.

3. Click Delete.

Assign Data Types

1. Navigate to DATA GOVERNANCE> Data Owner.

2. Click +Assign Data Types to assign additional data types to the user or unassign existing ones.

3. Select or deselect data types from the list. Use the search box to find specific data types quickly.

4. Click Save.

Reassign Data Types 

1. Navigate to DATA GOVERNANCE> Data Owner.

2. Click Re-Assign Data Types.

3. Select the data types you want to reassign to a new owner.

4. Choose the new data owner from the Select New Owner drop-down. Use the search box to find specific data types quickly.

5. Click Save.

Data Type

Data Types in DISCOVER specify the kinds of information the system looks for during scans. They determine what content is considered sensitive, allowing DISCOVER to flag it correctly. You can use predefined data types from the built-in library, such as PII (e.g., names, national IDs, email addresses), PCI DSS (e.g., credit card numbers, CVV codes, transaction data), or create custom data types for information unique to your organisation (e.g., employee codes or internal project IDs).

Add Data Type

If the data type you want DISCOVER to look for is not in the data type library, you can create custom data types. Custom data types are useful for proprietary information or any other sensitive data that does not fall under standard classifications.

1. Navigate to DATA GOVERNANCE > Data Type and click +Data Type.

2. Enter a Data Type Name and Description (optional).

3. Select a Data Identifier from the drop-down:

   1. Sensitive Words: Allows you to define phrases used to identify sensitive content during scans.

      1. All Phrases Condition: Specify phrases that must all appear together in a document or conversation for it to be classified as sensitive. Type the phrase and press Enter to include it.

         

      2. At Least (n) Phrases Condition: Define a minimum number of phrases that must be present in the text for it to be flagged as sensitive. Enter each phrase and press Enter to add it. For example, if set to 2, any document containing at least two of the listed phrases will be marked as sensitive.

         

      3. None of the Phrases Condition: Specify phrases that must not appear in the text. If any of these phrases are found, the content will not be considered sensitive.

         

      4. Context Parameters

         1. Context Length: Defines how many words before and after the detected sensitive word should be captured.

            For example, if context length is set to 3, the results will look like:
            His name is John Smith, and he is...If the sensitive word is 'John Smith'.
            This helps administrators review the surrounding text to determine whether the information is genuinely sensitive or a false positive.

            

         2. Number of Hits: Specifies how many times a sensitive word must appear in a document before it is shown in the results. Adjusting this value allows administrators to fine-tune the detection sensitivity and reduce unnecessary alerts in the final report.

            For example, if the number of hits is set to 5, clicking View Result will only show five or fewer instances where the sensitive data was found.

            

   2. Regular Expressions: Defines a specific search pattern used to identify sensitive data based on custom text patterns. You can enforce additional conditions, such as requiring a space before and/or after the matched expression to reduce false positives.

      

      1. Test Text: Validate the regular expression by entering a sample string and checking if the pattern correctly identifies the intended data. Click +Validate to test the configuration.

         

      2. Checksum (Luhn): Enables Luhn validation for patterns like credit card numbers. When selected, DISCOVER verifies that the detected numbers follow a valid checksum.

         

      3. Context Parameters

         1. Masking: Determines how much of the detected sensitive data is concealed in reports and dashboards. Available masking levels include:

            1. None: No masking applied; complete data is visible.

            2. 1/4 Mask (Quarter Masking): 25% of the data is hidden.

            3. 1/2 Mask (Half Masking): 50% of the data is hidden.

            4. 3/4 Mask (Three-Quarter Masking): 75% of the data is hidden.
               

   3. Filename Expressions: Define file name patterns to include or exclude during scans. Wildcards can be used to match multiple files or file types efficiently.

      1. Add Expression: Use this option to type or select a filename pattern to include in the rule.
         Type a filename expression in the Add Expression field and click (+) to add.

         

4. Choose a Classification from the drop-down.

5. Select Data Owner(s) from the drop-down to assign to the new data type.

Include Sub-Type

For each new data type created, you can assign subtypes to it.

1. Select or type the existing data subtype from the drop-down and press Enter to assign it to the data type. In the Sub-Type, If Present, reports will only be generated if all the selected subtypes are found in the file.

2. Select or type the existing data subtype from the drop-down and press Enter to assign it to the data type. In the If One or More Subtype, reports will be generated even if only one of the selected subtypes is found in the file.

Data Subtypes

Data Subtypes are linked to data types, helping refine and narrow scan results. When configured, they help minimize false positives by ensuring DISCOVER accurately identifies specific categories of sensitive information across target devices.

Add Data Subtype

If the data subtype you want DISCOVER to look for is not in the library, you can create custom data subtypes. For example, within the Phone number data type, you could create subtypes for mobile or landline numbers or separate phone numbers based on geographical location.

Custom data subtypes are useful for refining results of proprietary information or any other sensitive data that does not fall under standard classifications.

1. Navigate to DATA GOVERNANCE > Data Type and click the Data Subtype button.

2. Click +Data Subtype.

3. Enter an appropriate Data Subtype Name and give a short Description (optional).

4. Select one Data Subtype Identifier by clicking the drop-down(Sensitive Words, Regular Expressions, or Filename Expressions).

5. Set a Context Parameter (Sensitive Words and Regular Expressions), and click Save.

Assign Classification

The Assign Classification feature allows you to link one or more existing data types to a classification.

1. Navigate to DATA GOVERNANCE > Data Type.

2. Select at least one or multiple data types and click Assign Data Classification.

2. Select a classification from the drop-down and click Assign.

DISCOVER

The DISCOVER section allows administrators to manage agents, search for target devices and services, configure scans, run scans, and review scan results. You can define scan schedules, investigate sensitive files, and apply remediation actions such as delete, encrypt, move, or alert the end user/device owner or the data owner via email.

Dashboard

The Dashboard provides a summary of all scanning, investigation, and remediation activity across your environment. It highlights overall system activity, identifies potentially sensitive files, and displays remediation outcomes at a glance.

Target Discovery

Target Discovery identifies devices and services available for scanning. DISCOVER finds targets within defined IP ranges and network locations using protocols such as WinRM, SSH, or file server access. You can choose which agent performs the discovery, and the discovered devices can then be included in future scans.

View/Add Devices

Devices are the endpoints that DISCOVER scans, either locally or remotely using SSH or WinRM. These endpoints represent the targets where sensitive data may exist.

1. Navigate to DISCOVER > Target Discovery > Devices and click +Discover New Target.

2. In the Discovery Job Name, enter a name for the scan.

3. In Target IP Range, define the IP segment in which DISCOVER should search for devices.

4. Set the Location to filter the list of agents by their assigned location.

5. Select a Protocol from the drop-down.

6. For WinRM and SSH Protocol, the Username and Password of

   1. Local accounts of the target device(s).

   2. Azure AD (Entra ID) accounts for Azure AD-joined device(s).

   3. Domain accounts (e.g., DOMAIN\username) for AD-joined device(s).

7. For the File Server, the Username, Password, and SMB Server of

   1. An account with access to the target share (use DOMAIN\username for domain accounts where required).

   2. The SMB server name and the path to the share or folder (for example, fileserver01\share\folder).

8. In Connection Attempt Interval, select how frequently DISCOVER will try to connect to a target.

9. In Give-up Trying After, select the maximum duration DISCOVER will continue attempting to connect before abandoning.

10. Click Save.

View/Add Services

Services represent cloud-based endpoints that DISCOVER can access and scan for sensitive data. These include Microsoft 365 services such as Exchange Online and SharePoint Online. DISCOVER accesses these services using Microsoft’s Graph API using OAuth 2.0 authentication.

1. Navigate to Target Discovery > Services and click +Discover New Target.

2. In the Discovery Job name, enter a name for the scan

3. In Cloud Connector, select the service type (Microsoft Exchange or SharePoint). Depending on the selected connector, you will need to enter credentials for:

4. Exchange:

   1. Exchange Tenant ID: Found in the Azure portal under the Exchange application registration.

   2. Exchange Client ID: The Application (Client) ID from the registered Exchange app in Azure AD.

5. SharePoint:

   1. SharePoint Organisation: Your organisation name used in SharePoint Online.

   2. SharePoint Tenant ID: Located in the Azure portal under the SharePoint application registration.

   3. SharePoint Client ID: The Application (Client) ID from the registered SharePoint app in Azure AD.

6. Set the Location to filter the list of agents by their assigned location.

7. You have two methods by which you can authenticate, depending on the cloud connector chosen:

8. In Connection Attempt Interval, select how frequently DISCOVER will try to connect to a target.

9. In Give-up Trying After, select the maximum duration DISCOVER will continue attempting to connect before abandoning.

10. Click Save.

Additional Functionalities

After initiating a discovery job, you have access to the following additional features in the Target Discovery page:

Edit Target Discovery

1. Navigate to DISCOVER > Target Discovery.

2. Click the Edit (🖉) icon.

3. Make the necessary changes as explained in the +Discover New Target section.

4. Click Save.

Re-Discover Targets

1. Navigate to DISCOVER > Target Discovery.

2. Click the Re-discover (🔄) icon.

3. The operation will reinitiate.

Devices/Services Found

The Devices/Services Found section displays all endpoints and services identified by DISCOVER Agents. You can search and filter targets based on their connection type, including local devices, remote devices, Exchange Online, or SharePoint Online.

Reassign Agent

The Reassign Agent feature allows administrators to change the agent responsible for managing or scanning a specific target device or service. This ensures flexibility in assigning scanning tasks and enables other agents to take over management or scanning duties without being limited to the agent that initially discovered the target.

1. Navigate to Discover > Devices/Services Found.

2. Select the devices you want to reassign to a different Agent and click +Re-assign Agent.

3. Select the new Agent and click Save.

Scans

The Scans feature examines target devices, servers, or cloud storage to identify sensitive data. Scans can be one-time (non-recurring) or ongoing (recurring) and are categorised based on whether the scan runs directly on the host device (application-based) or remotely across the network (agentless). However, both scan types rely on the DISCOVER Application to execute the scanning logic.

This section explains how to initiate scans in DISCOVER to detect sensitive data across devices, servers, and cloud services.

One Time Scan

The One-Time Scan feature enables administrators to run a single, non-recurring scan on specific data types and select devices or locations, such as a particular file share. This enables focused detection of sensitive information in specific areas, providing precise results without scanning the entire environment.

1. Navigate to DISCOVER > Scans and click +New Scan.

2. Select One Time Scan and click Proceed.

3. Enter a Scan Name and an optional Description, then click Next.

3. Select the Data Types to scan and click Next. You can also use the search box to search for specific data types quickly.

4. Select the Targets / Services to scan (Exchange, Devices, and SharePoint), and click Next. You can also use the search box to find specific targets or services quickly.

5. Configure File Handling Options:

6. Specify the file types and locations that DISCOVER should include or exclude during scans and click Next. You have the option to:

7. Review the scan configurations and click Save Scan. The scan will initiate automatically.

Ongoing Scan

Ongoing Scan scans all or selected devices across the organisation for sensitive data. Runs on a recurring schedule with all data-type rules, enabling tracking of changes and comparing results over time.

Navigate to DISCOVER > Scans and click +New Scan.

1. Select Ongoing Scan and click Proceed.

2. Select the Data Types to scan and click Next. You can also use the search box to quickly search for specific data types.

3. Select the Targets / Services to scan (Exchange, Devices, and SharePoint), and click Next. You can also use the search box to search for specific targets/services quickly.

4. Configure File Handling Options:

5. Specify the file types and locations that DISCOVER should include or exclude during scans and click Next.

7. Set a schedule for the scan and click Next. You have the option to:

8. Review the scan configurations and click Save Scan. The scan will automatically initiate.

Additional Functionalities

After initiating scans, you have access to the following additional features in the Current Scans page:

View Result

1. Navigate to DISCOVER> Scans.

2. Check the scan findings by clicking View Result.

View Scan Details

1. Navigate to DISCOVER> Scans.

2. Check the scan configurations by clicking the View (👁) icon.

Delete Scan

1. Navigate to DISCOVER> Scans.

2. Delete the selected scan by clicking the Trash (🗑) icon.

3. Click OK to confirm. You can only delete an Ongoing or a Not Started scan.

Pause Scan

1. Navigate to DISCOVER> Scans.

2. Pause an ongoing scan by clicking the Pause (⏸) icon. You can only pause an Ongoing scan.

Resume Scan

1. Navigate to DISCOVER> Scans.

2. Resume a paused scan by clicking the Play (▷) icon. You can only resume an Ongoing scan.

Terminate Scan

1. Navigate to DISCOVER> Scans.

2. Terminate an ongoing scan by clicking the Stop (ⓧ) icon.

3. Click Terminate to confirm. You can only terminate an ongoing scan.

Results

The Results page provides a comprehensive view of sensitive data detected across scanned endpoints, SharePoint sites, and email mailboxes, along with actionable options. From this page, administrators can initiate investigations for further analysis, perform remediation actions (move, copy, delete, or notify), and download detailed reports in Excel format.

Devices

For devices, you can view the scanned file details, including filename, file path, size, creation and modification dates, owner information, and operating system details. Detected data types and the number of hits are shown in a clickable format, allowing you to review sensitive content quickly. The classification of each file is displayed, and any remediation actions, such as move, copy, delete, or notifications, are tracked.

To view,

1. Navigate to DISCOVER> Results.

2. Click on Devices.

SharePoint

For SharePoint, the Results page shows details of scanned documents, including the document name, library, path, site URL, owner, and size. Detected sensitive data types and the number of hits are clickable, providing additional details. Additionally, the status of any remediation actions performed is recorded.

To view,

1. Navigate to DISCOVER> Results.

2. Click on SharePoint.

Email

For email results, the page provides metadata for each scanned email, including sender, recipients (To, CC, BCC), subject, sent date, and mailbox folder. Detected sensitive data types, number of hits, and the specific location of the data (body, attachment, or subject) are clickable for detailed review. The classification of the email or its contents is shown, and the status of any remediation actions is tracked.

To view,

1. Navigate to DISCOVER> Results.

2. Click on Email.

Investigate

The Investigate function allows administrators to retrieve scanned files for further inspection. This is useful for checking whether scan configurations are working as intended or for examining unexpected results after scans, for example, a sensitive file appearing on a device that should not contain it. Select an existing investigation to download the file for analysis.

1. Navigate to DISCOVER > Results.

2. Select one or more files to investigate. SharePoint and Email scan results can be selected by clicking the associated button under Results at the top and then selecting files from the table.

3. Click Investigate.

4. From the Select Investigation drop-down, choose an existing investigation to associate the files with and enter a comment.

5. Click Investigate to begin the download process.

Remediate

The Remediate function executes remediation actions (move, delete, or encrypt) on files identified during a scan or investigation. Unlike the Remediation section, which provides a status view of remediated files, this function performs the actual operational steps to secure, remove, or notify relevant parties about sensitive files.

1. Go to DISCOVER > Results > Remediate or DISCOVER > Investigation > Remediate

2. Select one or more files and click Remediate.

3. Choose a remediation action from the drop-down.

5. Add a comment (optional) to provide context or notes for the task.

6. Click Remediate to execute the selected action.

Download Reports: Save a local copy of scan results for further analysis or compliance records.

Investigation

The Investigation section allows administrators to create investigations within DISCOVER. These serve to group files that require further review.

Once created, the Investigation page displays detailed information about each file and provides actionable options. You can view device and file details, examine detected sensitive data types, review previous comments, and take actions such as downloading files for manual review or performing remediation steps:

Create New Investigation

Before performing any file-level investigation from the Results section, you must first create an Investigation.

1. Navigate to DISCOVER > Investigation > +Investigation.

2. Enter a unique Name and add a short Purpose.

3. Click Create.

Remediation

The Remediation section allows administrators to monitor and track actions applied to sensitive data. After files are selected and remediation actions are initiated, this section provides a clear overview of their status and history.

After carrying out remediations, you can see the following information on the Remediation page:

AGENTS

A DISCOVER Agent is an endpoint device that sits between the Management Console and target devices to carry out actions dictated by the console. Each Agent has the DISCOVER Agent application installed and connects to local or remote target devices and services to perform tasks such as scanning for sensitive data and executing remediation actions.

Agents collect detailed information on discovered data, including its type, location, and associated metadata, and report the results back to the Management Console. Multiple Agents can be deployed across a network, working in parallel to perform scans and remediation tasks, ensuring comprehensive coverage and faster processing of sensitive data across the environment.

Here you can monitor resource usage and track devices and services assigned to a listed agent:

• Devices: Details on the devices currently associated with the particular agent.

• Service Targets: Details on the services currently associated with the particular agent.

RESOURCES

The Resources section allows you to download the Agent MSI for installation and configuration on target devices. It also provides access to help guides and documentation for operating the Management Console.

1. Navigate to RESOURCES> Agent Download.

2. Click Download MSI.

The MSI installer will be saved to the directory specified in your browser’s download settings.