Netwrix Enterprise Auditor (formerly StealthAUDIT) 11.6 has been released LEARN MORE

Scanning for Sensitive Data in Azure Storage (Blobs) with Stealthbits AnyData

Blog >Scanning for Sensitive Data in Azure Storage (Blobs) with Stealthbits AnyData
Scanning for Sensitive Data in Azure Storage (Blobs) with Stealthbits AnyData

The Importance of Cloud Storage – From SMBs to the Enterprise

With the release of Version 11.0, StealthAUDIT’s Sensitive Data Discovery tools now include our AnyData connector, which allows users to scan any storage repository for sensitive data. This is an incredibly powerful workflow, as it gives StealthAUDIT users the ability to scan cloud data repos in addition to traditional, on-premises data storage.

Year after year, the number of cloud storage vendors is increasing and their use as full-blown replacements for traditional, on-prem data storage is increasing in popularity (from SMBs to the enterprise). So if more data is being stored in the cloud than ever before, then it’s critical to be able to scan that data for sensitive content, report on discovered Personally Identifiable Information (PII), and respond to related Data Subject Access Requests (DSARs).

AnyData makes this easy! So, let’s focus on an example that’s provided by Stealthbits alongside the core AnyData technology: AnyData for Azure Storage (Blobs).

Configuring & Running the AnyData for Azure Storage (Blobs) Job in StealthAUDIT

It only takes a few minutes to download the StealthAUDIT AnyData for Azure Storage (Blobs) job from, install it on a StealthAUDIT server (that’s licensed for Sensitive Data Discovery), target an Azure tenant, and scan. Easy!

While the job has full documentation that steps through setup in greater detail, all that’s required is an Azure Active Directory service account (with minimal RBAC privileges). With that in hand, simply point the job to your Azure tenant’s friendly name (ex., select which Sensitive Data criteria you’d like to scan for, and start the scan.

The AnyData for Azure Storage (Blobs) job includes several configuration options that allows you to customize your scan in addition to which Sensitive Data criteria are selected.

Some of these options include (but are not limited to):

Scoping options – only scan a specific Azure Subscription, Resource Group, Storage Account, etc.

File size filtering – only scan files up to a certain size to reduce egress costs (or scan all file sizes).

File extension filtering – only scan the file types you’re interested in (or scan all extensions).

Optical Character Recognition (OCR) – scan image file formats for sensitive data.

Reporting on AnyData Scan Results in the Access Information Center

Once the scan is complete, analysis will automatically be performed that inserts the data into the Stealthbits Access Information Center (AIC), for both sensitive data reporting as well as Data Subject Access Requests (when paired with Stealthbits’ Data Security & Privacy Solution).

To view this information, simply launch the AIC, navigate to Resource Audit, and you’ll see Azure in the navigation sidebar. By clicking on Azure, the tenant name, or any of the resources in the Azure resource hierarchy, you can then click on sensitive data reports in the Reports sidebar to view discovered sensitive data and where it’s located in your Azure Blob containers.

AnyData workflows couldn’t be simpler, and you now have a full picture of the sensitive data that’s stored in your Azure Blob containers, which is now ready for remediation if necessary.

In most organizations, you’ll quickly find sensitive data that either shouldn’t be stored in the first place, is stored in an unsecured location (i.e., an open storage container), or should have already been securely archived.

And that’s it! AnyData simplifies Sensitive Data Discovery regardless of where that data is stored. Whether on-prem or in the cloud, file or text-based, structured or unstructured, AnyData abstracts away the complexities of Data Loss Prevention (DLP) workflows.

Stealthbits – Now Part of Netwrix


Stealthbits – now part of Netwrix – is a customer-driven cybersecurity software company focused on protecting an organization’s sensitive data and the credentials attackers use to steal that data. By removing inappropriate data access, enforcing security policy, and detecting advanced threats, our highly innovative and infinitely flexible platform delivers real protection that reduces security risk, fulfills compliance requirements, and decreases operational expense.

For more information, please visit

Featured Asset

Leave a Reply

Your email address will not be published. Required fields are marked *




© 2022 Stealthbits Technologies, Inc.

Start a Free Stealthbits Trial!

No risk. No obligation.