You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: learn-pr/wwl-sci/describe-purview-data-solutions/includes/6b-describe-data-security-investigations.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,5 +1,5 @@
1
1
2
-
When a data security incident occurs—a data breach, an insider leak, or an unexpected data exposure—your security team needs to understand quickly what data was affected and what risk it creates. Historically, that kind of investigation required significant time and manual effort: downloading files, searching through them one by one, and trying to piece together what was exposed. Microsoft Purview Data Security Investigations is a purpose-built solution that helps cybersecurity teams investigate data security incidents using generative AI, so they can analyze large amounts of data and find the most critical risks faster than traditional methods allow.
2
+
When a data security incident occurs—a data breach, an insider leak, or an unexpected data exposure—your security team needs to understand quickly what data was affected and what risk it creates. Historically, that kind of investigation required significant time and manual effort: downloading files, searching through them one by one, and trying to piece together what was exposed. Microsoft Purview Data Security Investigations is a purpose-built solution for cybersecurity teams. It uses generative AI to help teams analyze large amounts of data and identify the most critical risks faster than traditional methods.
3
3
4
4
## What is Data Security Investigations?
5
5
@@ -13,7 +13,7 @@ One of the key strengths of Data Security Investigations is its use of generativ
13
13
14
14
**Vector search** goes beyond keyword matching. Instead of only finding files that contain exact words, it understands the meaning behind your search. If you're looking for files related to client contracts, it surfaces relevant content even if those exact words don't appear in the file. This is useful when you're searching through unfamiliar data or when the language used in files is indirect.
15
15
16
-
**Categorization** helps you make sense of large amounts of data before committing to a deeper analysis. AI automatically sorts impacted content into categories by subject matter and risk level—using default categories, custom ones you define, or categories that the AI suggests based on what it finds. This lets your team quickly see which items carry the most risk and focus their attention there first, rather than reviewing everything manually.
16
+
**Categorization** helps you make sense of large amounts of data before committing to a deeper analysis. AI automatically sorts impacted content into categories by subject matter and risk level—using default categories, custom ones you define, or categories that the AI suggests based on what it finds. Your team can quickly see which items carry the most risk and prioritize those items.
17
17
18
18
**Examination** takes the analysis a step further by scanning file content for specific security risks. It can surface things like exposed credentials, network vulnerabilities, or discussion of threat actor activity buried within files. This is the step that moves from "what data was touched" to "what danger does this data actually represent."
19
19
@@ -38,7 +38,7 @@ Data Security Investigations connects with the security tools your organization
38
38
39
39
## Taking action
40
40
41
-
Once you understand what's at risk, Data Security Investigations gives you options to respond directly. You can soft purge items, which moves them to a recoverable deleted state in case you need to restore them later. You can also hard purge items, which permanently removes them from the data source when you're confident the content needs to be deleted entirely.
41
+
Once you understand what's at risk, Data Security Investigations gives you options to respond directly. You can soft purge items, which moves them to a recoverable deleted state in case you need to restore them later. You can also hard purge items to permanently delete them from the data source.
42
42
43
43
Beyond removing content, investigation findings give you the context you need to take other protective steps: tightening access controls on affected data sources, working with your IT team to apply extra encryption, or preparing documentation to meet regulatory requirements. Depending on the nature of the data and your organization's location, data protection laws might require that you notify affected individuals or authorities about a breach, and the records generated by an investigation help support that process.
0 commit comments