Historical scans

Historical scans have been redesigned to provide you with improved event data and remediation controls, along with all-new reporting. Manage historical data in a dedicated area of the Hub, which separates historical scan data from incremental scan data. 

• Historical scan data: events generated when a user sets up a historical scan with specific connection, policy, and timeframe parameters—the events are contained to individual historical scan reports
• Incremental scan data: events generated in real time based on enabled policies—populated in the Events table 

With the release of this feature, historical scan data is separated from the incremental data and will live in self-contained reports. Note: Past historical scan data will remain in the event table. Please reach out to the Polymer team about data migration concerns.

How to create a historical scan

The new historical scan gives you more flexibility to test policies, model security scenarios, and analyze historical data without affecting your real-time risk profile. Take the following steps to create a historical scan:

1. Navigate to the Historical scan area of the Hub.
   
   
2. Select the Create new historical scan button in the top right corner of the screen.
   
   
3. Select the connection you want to scan from the dropdown in the Create historical scan modal, and select Continue. 
   1. Note: Enable at least one repository in a connection to run a historical scan. Navigate to the connection settings screen to enable repositories. 
      
      
4. Select the policies to scan for in the connection selected. You can select both enabled and disabled policies. Once all desired policies are chosen, select Continue.
   
   
5. Set the details and timeframe.
   
   
   1. Create a scan name and set the date range. 
   2. To take remediation action according to the policies set, select the Take remediation action according to the policy checkbox.
      1. Note: The scan will not send policy Alerts or Nudges. 
6. Select Start scan.
   1. Historical scans are processed one by one, and additional scans will queue in the order they’re requested. You can cancel queued and in-process scans from the Historical scan table or report.
7. Access the scan report from the Historical scan table by selecting the date cell or selecting the Actions dropdown to View details. 
   1. The Hub user who created the scan will receive an email once the scan is complete. 
8. Export the report data from the Data tab by selecting the table action button and then Export CSV. 

Historical scans are currently supported for the following connections:

• Box Enterprise
• GitHub Enterprise
• Gmail
• Google Drive Enterprise
• Jira
• Microsoft OneDrive Enterprise
• Salesforce
• Zendesk

Historical scan reports

Set up as many historical scan reports as you like, dive into the event data they reveal, and take automated remediation action. The historical scan report contains a Report tab and a Data tab. The data tab includes a table of the events detected during the scan. The report tab contains the following data visuals:

Risk score

The risk score synthesizes the risk scores of all the events detected in the historical scan.

Scan highlights

Scan highlights are a snapshot of the scan’s setup parameters and the high-level outputs of those parameters. The following elements are highlighted:

• Events - the total number of policy events detected
• Entities - the total number of entities detected in the events
• Assets - the total number of assets scanned
• Size - the size of the environment scanned
• Time - The time it took the scan to run, not including queue time
• Connection - The connection scanned
• Policies - The policies Polymer is scanning for - any policy, even disabled policies, can be used in the historical scan
• Scan date range - the timeframe set in the scan creation
• Created by - the Hub user who requested the scan

User risk

User risk lists the top five users with the most frequent and severe event activity. It’s the cumulative risk scores for all events they generated.

–

Polymer is excited to build upon the new historical scan foundation and expand its capabilities. Please reach out to the Polymer team to let us know more about your historical scanning and reporting needs.