Mask sensitive data in ASM

Question

Hi all,&nbsp;from theASMmodule, I canmask some data(such as passwords)inlogsthataresenttoanexternalsyslog?&nbsp;
&nbsp;Thanks
&nbsp;m&nbsp;

mike_maher · Answer

Depending on what version of the software you are running, when you create a parameter there is a check box to mark it as a sensitive parameter and that will hide the value in the logs&nbsp;

hooleylist · Answer

Hi Mauro, 
&nbsp;  
&nbsp; Are these parameters in the HTTP request URI or payload that you want to mask?  If so, have you configured them as sensitive parameters in the policy?  I'm not sure whether ASM supports masking sensitive data outside of parameters though. 
&nbsp;  
&nbsp; Aaron

mauro_59211 · Answer

Thanks for your answers, 
&nbsp; Use this release: 
&nbsp; BIG-IP 10.2.1 Build 297.0 Final, 
&nbsp; the parameter are in payload. 
&nbsp;  
&nbsp; I thought the field was reported only sensitive to the responses of the web server to the client, and not to the logs, but I read now in the online web help that is also working on the logs :-) I  try now its, thanks 
&nbsp; mauro

Forum Discussion

Mask sensitive data in ASM

Recent Discussions

Can you set Kerberos AAA server via session variable?

HTML Code injection Not detected by ASM

What will be happen to live and existing connections when failover HA BIG IP active-standby

SSL Offload and remove FQDN

High CPU utilization (100%).

Related Content

Deploy High-Availability and Latency-sensitive workloads with F5 Distributed Cloud

irule or ASM Dataguard to mask sensitive data.

Response port masking

Lightboard Lessons: OWASP Top 10 - Sensitive Data Exposure

Mitigation of OWASP API Security Risk: Unrestricted Access to Sensitive Business Flows using F5 XC

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS