CMDB relationship mappings

Identifies cmdb relationship mappings patterns in security and access control contexts. Detects potential exposure of sensitive security information in international systems.

Type

regex

Engine

boost_regex

Confidence

medium

Confidence justification

structural regex with domain-specific anchors and constrained context replaces phrase-only marker. Added context gating and exclusion rules improve precision and reduce incidental matches.

Detection quality

Mixed

Jurisdictions

global

Regulations

GDPR

Data categories

credentials, security

Scope

wide

Platform compatibility

Purview: Compatible, GCP DLP: Compatible, Macie: Compatible, Zscaler: Compatible, Palo Alto: Degraded, Netskope: Unsupported

Pattern

(?is)\b(?:cmdb|configuration\s+item|service\s+map|dependency\s+map)\b

Corroborative evidence keywords

cmdb relationship mappings, cmdb, relationship, mappings, operations, resilience, proprietary, intellectual property, trade secret, patent, copyright, trademark, confidential, invention, prototype, algorithm, formula, source code, design document, research and development (+36 more)

Proximity: 300 characters

Should match

• CMDB relationship mappings — Exact phrase marker match
• cmdb relationship mappings — Case-insensitive phrase match
• CMDB relationship mappings — Normalized whitespace phrase
• structured sample with matching anchors — Structural anchor sample

Should not match

• unrelated generic text — No relevant phrase context
• placeholder value 12345 — Random text should not match phrase marker
• generic policy prose without anchors — Should reject generic mentions without structural anchor terms
• template example placeholder record identifier — Template/sample context should be excluded even when anchor words are present

Known false positives

• Authentication-related terminology in software documentation, security training materials, or system architecture descriptions without actual credentials. Mitigation: Require proximity to credential-specific patterns (API keys, connection strings, tokens) rather than general security terminology.
• Code snippets and configuration examples containing credential-related keywords or placeholder values in developer documentation. Mitigation: Check for common placeholder patterns (example.com, localhost, 0000) and documentation file types to reduce false positives from technical writing.

References

• https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/ism
• https://www.homeaffairs.gov.au/about-us/our-portfolios/emergency-management
• https://www.disasterassist.gov.au/
• https://www.oaic.gov.au/privacy/australian-privacy-principles-guidelines/chapter-11-app-11-security-of-personal-information