The automated or manual capability to scan a large volume of data to pinpoint exactly what data is sensitive, and why it is sensitive (e.g., what is its categorization, what is its classification, and which law protects it). Legacy discovery and classification tools use predefined regular expressions in the form of “nine digits equals a US Social Security number.” These regular expressions create many false positives (for example, many other types of data can be nine digits, including synthetic and test data). The volume of false positives causes many organizations to constantly re-tune their regular expressions before abandoning their discovery and classification efforts. Frictionless data discovery and classification solutions apply automated reasoning to learn the sensitivity of data as they scan. This means fewer false positives, along with insights that include intellectual property and trade secrets unique to the organization. Frictionless data discovery and classification is an essential component of a DSPM solution.