Privado is a privacy code scanning solution that scans code repositories to discover & classify personal data and generates data flow diagrams. Privado discovers the following from a code scan:
Data Element Discovery & Classification
Third-Party Inventory
Asset Inventory
Data Stores
Internal APIs
Messaging Queues
Data Flow Diagrams - End-to-end data flows from collection, sharing, storage, use & internal sharing
Processing Activity Discovery
Data Source Discovery
Internal Assets like APIs
External assets like third-party (3P) data brokers
User Input like Forms, Permissions, File Upload
Privado offers customization & configurations to improve the results and personalize them to your business needs.
Customizable Options for Privado Scan
A Privado scan uses rules to tag personal data (sources) and the entry and exit points of data (sinks). By default, Privado ships with a rule list covering 150 data elements and thousands of third parties (3Ps). You can easily extend the rule list to include any custom data element or third party.
Here are configurable options for the Privado scan:
Data Elements: Define your own custom data elements based on your company or industry. You can also edit an existing rule for a data element.
Third-Party: Add a rule for an SDK or Package that you use within your development environment.
Data Stores: Add support for any custom ORM you use within your business.
Policy: Configure the policies that discover privacy issues in code.
Configuring Custom Data Element
Out of the Box, Privado discovers over 150 data elements in code. You can easily add a custom data element to the list:
The data flow scan requires the following directory format to be in place:
|--config
|--rules
|--sources
Once this directory structure is created, you must add .yaml files inside the sources directory. The structure of a rule inside this YAML file follows the format:
sources:
  - id: Data.Sensitive.AccountData.CustomCompanyId
    name: Custom Company ID
    category: Account Data
    isSensitive: False
    sensitivity: low
    patterns:
      - "(?i)(customcompany[-_]?(id|(customcompany|account)[-_]?id))"
    tags:
      law: GDPR
You can have multiple files or a single file with all the rules in the sources directory.
id: Unique identifier for the data element. The format must follow "Data.Sensitive." + category name (without spaces and special characters) + "." + data element name (without spaces and special characters), as in Data.Sensitive.AccountData.CustomCompanyId.
name: Name of the data element
category: Category of the data element
isSensitive: Boolean flag to indicate if the data element is sensitive
sensitivity: Indicates the sensitivity level of the data element. It can have the values "low", "medium", or "high".
patterns: An array of regex patterns for the data element. Each regex is used to search variable names; matching variables are tagged as sources for this data element.
tags: Object of key-value pairs. This is useful to group and filter data elements. Example: you can tag applicable laws for the data element.
Please note:
A rule can have multiple patterns. Each pattern must be a valid regular expression in the Java regex flavor.
Each special character needs to be escaped twice, as indicated in the pattern (for example, a literal dot is written \\. inside the double-quoted YAML string).
See the rule schema documentation for detailed information.
Once all the rules are set up, the next step is to compress both directories (config and rules) into a single zip file; the zip file can have any name. After creating the rules zip, upload it to the Privado dashboard.
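The following script is an added example, not Privado's own code, that walks the whole procedure above for the custom data element rule: it checks the rule against the field rules listed (id format, sensitivity values, compilable patterns), dry-runs the patterns against a set of constructed variable names so you can see which identifiers would be tagged before uploading, renders the rule as the sources YAML, and packages it into a zip. It assumes the directory layout is nested as config/rules/sources/ (the tree above read top-down), that a pattern must match the whole identifier (Joern-style name matching; swap fullmatch for search if Privado matches substrings), and that Python's re is only an approximation of the Java regex flavor. The file name custom-data-elements.yaml and the zip name are illustrative.

```python
import re
import tempfile
import zipfile
from pathlib import Path

# Constructed rule: the in-memory form of the YAML rule shown above.
CUSTOM_RULE = {
    "id": "Data.Sensitive.AccountData.CustomCompanyId",
    "name": "Custom Company ID",
    "category": "Account Data",
    "isSensitive": False,
    "sensitivity": "low",
    "patterns": [r"(?i)(customcompany[-_]?(id|(customcompany|account)[-_]?id))"],
    "tags": {"law": "GDPR"},
}

# Constructed identifiers standing in for variable names found in a scanned repository.
SAMPLE_VARIABLES = ["customCompanyId", "customcompany_account_id", "custom_company_id",
                    "customCompanyIdentifier", "companyName"]

ALLOWED_SENSITIVITY = {"low", "medium", "high"}


def compact(text):
    # The id format drops spaces and special characters from category and name.
    return re.sub(r"[^A-Za-z0-9]", "", text)


def validate_rule(rule):
    """Return schema problems; an empty list means the rule looks well formed."""
    problems = []
    expected_id = f"Data.Sensitive.{compact(rule.get('category', ''))}.{compact(rule.get('name', ''))}"
    if rule.get("id", "").lower() != expected_id.lower():
        problems.append(f"id {rule.get('id')!r} does not follow the format {expected_id!r}")
    if not isinstance(rule.get("isSensitive"), bool):
        problems.append("isSensitive must be a boolean")
    if rule.get("sensitivity") not in ALLOWED_SENSITIVITY:
        problems.append(f"sensitivity must be one of {sorted(ALLOWED_SENSITIVITY)}")
    patterns = rule.get("patterns")
    if not isinstance(patterns, list) or not patterns:
        problems.append("patterns must be a non-empty list of regexes")
    else:
        for pattern in patterns:
            try:
                # Python's re only approximates the Java flavor; exotic constructs need a Java check.
                re.compile(pattern)
            except re.error as exc:
                problems.append(f"pattern {pattern!r} does not compile: {exc}")
    return problems


def tag_variables(rule, variable_names):
    """Dry run of source tagging: return the identifiers the rule's patterns match.
    Assumption: the pattern must cover the whole identifier, so longer names such as
    customCompanyIdentifier are only caught if the rule wraps the regex in .* ."""
    compiled = [re.compile(p) for p in rule["patterns"]]
    return [name for name in variable_names if any(c.fullmatch(name) for c in compiled)]


def render_rules_yaml(rules):
    """Emit the sources YAML in the layout shown above."""
    lines = ["sources:"]
    for rule in rules:
        lines += [f"  - id: {rule['id']}", f"    name: {rule['name']}",
                  f"    category: {rule['category']}", f"    isSensitive: {rule['isSensitive']}",
                  f"    sensitivity: {rule['sensitivity']}", "    patterns:"]
        for pattern in rule["patterns"]:
            # Backslashes are doubled because the regex sits in a double-quoted YAML string.
            escaped = pattern.replace("\\", "\\\\").replace('"', '\\"')
            lines.append(f'      - "{escaped}"')
        lines.append("    tags:")
        lines += [f"      {key}: {value}" for key, value in rule["tags"].items()]
    return "\n".join(lines) + "\n"


def build_rules_zip(rules, out_dir=None):
    """Write rules under the assumed layout config/rules/sources/ and zip the config tree."""
    out_dir = Path(out_dir or tempfile.mkdtemp(prefix="privado-rules-"))
    sources_dir = out_dir / "config" / "rules" / "sources"
    sources_dir.mkdir(parents=True, exist_ok=True)
    # File and archive names are illustrative; the page says the zip name is free.
    (sources_dir / "custom-data-elements.yaml").write_text(render_rules_yaml(rules))
    zip_path = out_dir / "custom-rules.zip"
    with zipfile.ZipFile(zip_path, "w", zipfile.ZIP_DEFLATED) as archive:
        for path in sorted((out_dir / "config").rglob("*")):
            if path.is_file():
                archive.write(path, path.relative_to(out_dir).as_posix())
    return zip_path


def zip_entries(zip_path):
    """List archive members, useful for checking the layout before uploading."""
    with zipfile.ZipFile(zip_path) as archive:
        return archive.namelist()


if __name__ == "__main__":
    print("schema problems:", validate_rule(CUSTOM_RULE) or "none")
    print("tagged variables:", tag_variables(CUSTOM_RULE, SAMPLE_VARIABLES))
    archive = build_rules_zip([CUSTOM_RULE])
    print("wrote", archive, "containing", zip_entries(archive))
```

Running the script tags customCompanyId and customcompany_account_id but not custom_company_id (the underscore breaks the literal customcompany token) or customCompanyIdentifier (the pattern has no trailing .*), which is exactly the kind of surprise worth catching before the rule goes into a scan.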