Forum Discussion

Nimbostratus

11 months ago

PCI Compliance and ASM

Hi, We are building a system that is to be PCI complient. The system will be hosted in segregated zone in the infrastructure... where we have: Load balancer to receive the external traffic We...

application delivery

security

VishnuGatla

Cumulonimbus

11 months ago

F5 WAF’s “Data Guard” prevents sensitive data (e.g., credit card numbers, SSNs) from logging or leaking in responses. It masks or blocks CHD in HTTP responses and logs, meeting PCI DSS requirements for plaintext CHD exposure. Use SSL bridging to prevent plaintext CHD exposure on the network.

Reference:

K34154012: Configuring Data Guard detection patterns (12.x - 17.x)

K8363: Using the Mask Data setting to protect sensitive data returned by the BIG-IP ASM

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

PCI Compliance and ASM

SSO Login Update Coming to DevCentral

Kevin - June 2026 Featured F5er

Tyler - May 2026 Featured Member

Recent Discussions

ASM attack signatures not syncing between active and standby F5

Query on source IP preservation for syslog traffic through F5 virtual server

Hardware BIG-IP appliance reach EOSS, but the software version running on it not yet?

VPN Communication Error with F5 BIG-IP Edge Client

simultaneous disabling / enabling of all LTM objects

Related Content

Decoding PCI-DSS v4.0: F5's Ridiculously Easy Guide to Technical Compliance

BIG-IP security hardening and compliance checks

Implementing F5 NGINX STIGs: A Practical Guide to DoD Security Compliance

Lightboard Lessons: PCI/DSS compliance with BIG-IP

Making WAF Simple: Introducing the OWASP Compliance Dashboard

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS