* [Blog](https://www2.paloaltonetworks.com/blog)
* [Cloud Security](https://www2.paloaltonetworks.com/blog/cloud-security/)
* [Cloud Computing](https://www2.paloaltonetworks.com/blog/category/cloud-computing-2/)
* New Capabilities Scan for...

# New Capabilities Scan for Sensitive and Publicly Exposed Data

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fscan-sensitive-and-publicly-exposed-data%2F)  
[](https://twitter.com/share?text=New+Capabilities+Scan+for+Sensitive+and+Publicly+Exposed+Data&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fscan-sensitive-and-publicly-exposed-data%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fscan-sensitive-and-publicly-exposed-data%2F&title=New+Capabilities+Scan+for+Sensitive+and+Publicly+Exposed+Data&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/cloud-security/scan-sensitive-and-publicly-exposed-data/&ts=markdown)  
\[\](mailto:?subject=New Capabilities Scan for Sensitive and Publicly Exposed Data)  
Link copied  
By [Samuel Lee](https://www.paloaltonetworks.com/blog/author/samuel-lee/?ts=markdown "Posts by Samuel Lee")  
Jun 18, 2021  
4 minutes  
[Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown)  
[Cloud Posture Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-posture-management/?ts=markdown)  
[Data Security](https://www.paloaltonetworks.com/blog/category/data-security/?ts=markdown)  
[AWS S3](https://www.paloaltonetworks.com/blog/tag/aws-s3/?ts=markdown)  
[data security](https://www.paloaltonetworks.com/blog/tag/data-security/?ts=markdown)

More [data leaked](https://www.paloaltonetworks.com/cyberpedia/data-leak) or was stolen [during the month of January 2021](https://www.computerweekly.com/news/252501400/More-data-stolen-in-January-2021-than-in-all-of-2017-says-report) than there was during the *entire year* of 2017. This may not come as a surprise, as the amount of data stored on the web has also grown exponentially during those years. What should be alarming though, is that the volume of reported breaches has also grown by triple-digit percentages for several years. Meaning the number of breaches continues to grow, and those breaches are also increasing in severity.

To help our customers better protect their cloud data in the face of such growing risks, Prisma Cloud Data Security now allows users to scan data for public exposure, and scan for [sensitive data](https://www.paloaltonetworks.com/cyberpedia/sensitive-data) within any publicly exposed data.

Let's take a look at how we are helping our customers tackle each of these use cases to prevent [data breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach).

## A Multifaceted Problem

After having many conversations with customers, we've found that data security challenges tend to fall into three categories: the sheer volume of data makes it difficult to gain a comprehensive view; the data itself is constantly changing; and the data is often shared among numerous external third parties.

Given these challenges, customers are faced with two common questions:

- *Is any of my data publicly available?*

- *Does any of my publicly accessible data contain sensitive information?*

The first question often comes from cloud-first organizations or hybrid-cloud organizations that use cloud storage as part of business operations. For these organizations, putting data in the cloud supports wider business needs such as scaling out projects or even for [data protection](https://www.paloaltonetworks.com/cyberpedia/what-is-data-security) reasons. So while these organizations have clear plans to put operational and/or sensitive information into the cloud, it is certainly not their intention to share this information beyond the organization.

The second question is frequently brought up by organizations that are knowingly sharing things like AWS S3 buckets with third-party vendors or customers, but are concerned about sensitive data within those buckets. For these organizations, day-to-day operations require that business data be stored on public buckets, but they do not expect those public buckets to contain any sensitive data.

Unfortunately the answer much of the time is that data *is* publicly exposed, *and* it contains sensitive information. Recently, the [Unit 42 Cloud Threat Research team](https://unit42.paloaltonetworks.com/highlights-cloud-threat-report-1h-2021/) found that 35% of businesses permit their cloud storage resources to be publicly accessible, and 30% of organizations with publicly accessible cloud data appear to be storing sensitive information (e.g., personally identifiable information, intellectual property, healthcare, and financial data).
![Prevalence of sensitive data types among sensitive data stored in the cloud](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/06/word-image-70.png)
Prevalence of sensitive data types among sensitive data stored in the cloud

## How Prisma Cloud Helps

To help our customers with these two use cases, Prisma Cloud Data Security now provides two more options on top of the existing comprehensive scan: public exposure scanning and sensitive data scanning on publicly exposed data.

##### Scanning for Public Exposure

The feature lets customers scan all objects within selected S3 buckets and shows the status of each object, providing security teams with a baseline for their data-exposure landscape.
![Configuring Prisma Cloud scans for public exposure and sensitive data](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/06/word-image-71.png)
Configuring Prisma Cloud scans for public exposure and sensitive data

##### Scanning for Sensitive Information in Publicly Exposed Data

This offers an object-level approach by performing a two-pass scan. First, for all selected buckets, the objects within are scanned for public exposure. Then, the publicly exposed objects will be scanned again for sensitive data such as financial information, health information, or personally identifiable information (PII).

With these options, security teams are now able to focus on other high-impact tasks by reducing the time and energy spent on scanning. A second, useful benefit is the reduced cost of scanning that comes as a result of being able to narrow efforts to only publicly exposed buckets.

## Begin Using the New Scanning Features

These two new additional scan capabilities will be available in the coming quarter.

In the meantime, you can learn about operationalizing other [CSPM](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-security-posture-management) strategies in our white paper, [Guide to CSPM Tools](https://www.paloaltonetworks.com/resources/ebooks/guide-to-cloud-security-posture).

*** ** * ** ***

## Related Blogs

### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Cloud Posture Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-posture-management/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown)

[#### 5 Common Causes for Cloud Storage Breaches](https://www2.paloaltonetworks.com/blog/cloud-security/causes-cloud-storage-breaches/)

### [Data Loss Prevention](https://www.paloaltonetworks.com/blog/category/data-loss-prevention/?ts=markdown), [Data Security](https://www.paloaltonetworks.com/blog/category/data-security/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown)

[#### Solving Data Security in the AI-Powered Work Era](https://www2.paloaltonetworks.com/blog/sase/solving-data-security-in-the-ai-powered-work-era/)

### [Cloud Posture Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-posture-management/?ts=markdown), [Data Detection and Response](https://www.paloaltonetworks.com/blog/cloud-security/category/data-detection-and-response/?ts=markdown), [Data Security](https://www.paloaltonetworks.com/blog/category/data-security/?ts=markdown)

[#### Achieving Cloud Data and Compliance: How You Can Make It Work](https://www2.paloaltonetworks.com/blog/cloud-security/cloud-data-compliance/)

### [Cloud Posture Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-posture-management/?ts=markdown), [Data Security](https://www.paloaltonetworks.com/blog/category/data-security/?ts=markdown)

[#### Cloud Compliance: Protecting Your Data and Maintaining Trust](https://www2.paloaltonetworks.com/blog/cloud-security/cloud-compliance-protecting-your-data-and-maintaining-trust/)

### [Cloud Posture Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-posture-management/?ts=markdown), [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown)

[#### Prisma Cloud Provides New Extensive Use Cases for Azure Customers](https://www2.paloaltonetworks.com/blog/cloud-security/prisma-cloud-provides-new-extensive-use-cases-for-azure-customers/)

### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Cloud Posture Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-posture-management/?ts=markdown)

[#### JSON Preview Helps Build Custom Policies in RQL Faster Than Ever](https://www2.paloaltonetworks.com/blog/cloud-security/json-preview/)

### Subscribe to Cloud Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language