# Data Sensitive Data Discovery and Classification
Status: public
Confidence: medium (0.725) (verified)
Last verified: 2026-06-02
Generation: ai_structured


## TL;DR

Sensitive data discovery and classification help agents avoid exposing or moving regulated data without policy context.

## Core Explanation

Data agents often need to inspect datasets, logs, storage buckets, or warehouse tables. Before they summarize, copy, or index that data, they need to know whether it contains credentials, personal data, financial identifiers, health data, or other sensitive classes.

Classification results are evidence, not a guarantee. Agents should cite the detector, data location, sample window, classification label, and confidence or match details before recommending access changes, retention, masking, or deletion.

## Source-Mapped Facts

- Amazon Macie documentation describes Macie as a data security service that discovers sensitive data in Amazon S3. ([source](https://docs.aws.amazon.com/macie/latest/user/what-is-macie.html))
- Google Cloud Sensitive Data Protection documentation describes inspection and de-identification for sensitive data. ([source](https://cloud.google.com/sensitive-data-protection/docs/concepts))
- Microsoft Purview documentation describes sensitive information types as pattern-based classifiers for sensitive information. ([source](https://learn.microsoft.com/en-us/purview/sit-sensitive-information-type-learn-about))

## Further Reading

- [Amazon Macie Overview](https://docs.aws.amazon.com/macie/latest/user/what-is-macie.html)
- [Google Cloud Sensitive Data Protection Concepts](https://cloud.google.com/sensitive-data-protection/docs/concepts)
- [Microsoft Purview Sensitive Information Types](https://learn.microsoft.com/en-us/purview/sit-sensitive-information-type-learn-about)