For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

gowenfawr's avatar
gowenfawr
Icon for Nimbostratus rankNimbostratus
Aug 20, 2013

How to mask HTTP Authorization header in ASM logs, similar to sensitive parameters?

The subject pretty much says it all. We use the "Sensitive Parameters" setting described in Chapter 9 of the "Configuration Guide for BIG-IP Application Security Manager" to ensure that passwords an...
ASM Advanced WAF
security
Torti's avatar
Torti
Icon for Cirrus rankCirrus
Aug 21, 2013

... and you should trust your admins ;-) they always have the possibility to see sensitive data. It is only a nice feature, if you save the log files on an external server, you send a report to another employee or people have access to the system, who shouldn't see the sensitive data.

 

gowenfawr's avatar
gowenfawr
Icon for Nimbostratus rankNimbostratus
Aug 21, 2013
I understand and agree - an admin who could see this, could also run tcpdump/ssldump from the F5 and grab the same data. The difference is that I do have to show auditors things like the log interface, and I don't have to explain ssldump to them.