DATA RECON 2.0.25
DATA RECON can scan local storage for sensitive data.
Local storage for a host would include the contents of local physical storage drives, and the contents of removable media (e.g. USB drives) mounted on the host.
Within the "Local Storage" tab, you can manage the locations on local storage that DATA RECON will scan.
Removable media will also appear here.
Scan specific directories by typing the full path for the location you want to scan in the "Path" field. For example:
# Example path for Windows systems
# Example path for Unix-like systems ~/filePathName/
You can scan the following local storage types:
All local files
By default, DATA RECON scans all local files on local storage drives.
You can select which paths on your local storage drives that you want to include and exclude in a scan.
All local shadow volumes
(Windows only) Shadow volumes are a feature of computers that use Windows NTFS as their filesystem. Shadow volumes (also known as Shadow Copies) are part of Microsoft’s Volume Shadow Copy Service, and are typically used by Windows systems for Windows backup services or for creating System Restore Points.
For more information about shadow volumes, please see: https://technet.microsoft.com/en-us/magazine/2006.01.rapidrecovery.aspx
All local free disk space
(Windows only) Deleting files from a file system may not remove all traces of them; in some cases, sensitive data may remain in disk space freed-up by deleting files. Scanning local free disk space makes sure that traces of data left behind by deleted files do not contain sensitive data.