Sensitive Parameter Client Side Encryption

Question

Hi All,
We have set some of the parameters as sensitive for the login pages and confirmed all those sensitive parameters values are masked in the ASM Logs.&nbsp;
Query: Whether the ASM Sensitive Parameter feature will mask the sensitive parameter values only in the ASM Logs ? (Verified the parameter values at Client Browser, Proxy(Fiddler) and confirmed sensitive parameters values are not encrypted)&nbsp;
If ASM Sensitive Parameter and Websafe Credential Protection are different features, please suggest alternate options like irule to enable sensitive parameter encryption at client side. Note: BigIP is licensed with ASM and LTM.&nbsp;

samstep · Answer

Answered here: https://devcentral.f5.com/questions/client-side-sensitive-parameter-encryption-62406&nbsp;

brandon_12607 · Answer

That would be nice. FPS would need to be licensed&nbsp;

Forum Discussion

Sensitive Parameter Client Side Encryption

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Decrypt, Encrypt, Decrypt, Encrypt, Encrypt....

Let's Encrypt

Load Balancing TCP TLS Encrypted Syslog Messages

Automate Let's Encrypt Certificates on BIG-IP

Mitigate OWASP LLM Security Risk: Sensitive Information Disclosure Using F5 NGINX App Protect

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS