Introducing pdscan: Scan Your Data Stores for Unencrypted Personal Data

It's important to understand where personal data is stored in your applications. Personal data that’s not encrypted at the application level is especially vulnerable in the event of a breach.

pdscan is a command line tool to help you identify this data.

pdscan

It uses data sampling and column naming to find data and produces minimal database load. It scans for:

It also scans for other unencrypted sensitive data, like OAuth tokens, which could be used to access personal data. It currently supports Postgres, MySQL, MariaDB, and SQLite, but it shouldn’t be too difficult to add other data stores like MongoDB and Elasticsearch. It’s written in Go, so it’s fast and has no runtime dependencies.

Give pdscan a try today.

Published February 25, 2019 · Tweet


You might also enjoy

Securing Sensitive Data in Rails

Learn Data Science

Rails, Meet Data Science


All code examples are public domain.
Use them however you’d like (licensed under CC0).