Skip to main content
All CollectionsTemplatesBasic
Remove Public Links from Google Drive Detected by BigID - Workflow Template
Remove Public Links from Google Drive Detected by BigID - Workflow Template

On an alert from BigID where files with sensitive information are found publicly shared, loop over each finding and remove the public share.

Updated over 6 months ago

This workflow template, "Remove Public Links from Google Drive Detected by BigID," automatically addresses alerts triggered by BigID when sensitive information is discovered in publicly shared Google Drive files. It loops over the alerted files, removes any 'anyone with the link' sharing permissions, and notifies the user via Slack. If the user isn't found on Slack, it sends an update to a specified channel. This template enhances Application Security Operations by protecting sensitive data from unintended public access.

Take Me to the Template

Trigger

BigID

Use Cases

Application Security Operations

Workflow Breakdown

  1. Pull the list of files using the query that is provided as part of the alert from BigID

  2. Loop over the files and verify if they are shared with a link in Google Drive

  3. If a link is found, remove it from the file and update the user via Slack

  4. If the user is not found in Slack, update the channel as specified in the Workflow Context

Vendors

Slack, Utils, Google Drive, BigID

Workflow Output

Removal of public links to sensitive files.

Related Articles
Create IOCs on Malicious Files from a CrowdStrike Detection - Workflow Template
Label Google Drive Files Containing PII Identified by BigID - Workflow Template
Notify on Google Drive Files Containing PII Identified by BigID - Workflow Template
Handle Wiz Alert for Public Azure Container with Sensitive Data - Workflow Template
Handle Wiz Alert for Public AWS S3 Bucket with Sensitive Data - Workflow Template
Did this answer your question?