The second half of your question is a bit more challenging. Searching systems for the presence of sensitive data...
(such as credit card numbers or SSNs) is a hot topic these days. Given the recent spate of high-profile data security breaches, organizations are keen to secure known stores of sensitive information, as well as ferret out any dangerous unknown goldmines. There are open source security tools to assist with this task, like Spider from Cornell University. The downside to any of these tools is that they're bound to have a high false-positive rate, and the only solution is spending time analyzing log files.
Dig Deeper on Identity Theft and Data Security Breaches
Related Q&A from Mike Chapple
Vulnerability scanning tools are necessary to be fully compliant with PCI DSS, but the tools need to come from a PCI DSS Approved Scanning Vendor. ...continue reading
Healthcare clearinghouses like Mass HIway are a new trend in health IT, but what are the security implications? Expert Mike Chapple explains what you...continue reading
The FFIEC Cybersecurity Assessment Tool has faced harsh criticism since its 2015 release. Expert Mike Chapple reviews the tool and how it can be ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.