AppD Blog Archive
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
New Article

Announcing Sensitive Data Masking for logs

Gatha_Sehgal
New Member
‎07-31-2023 09:41 AM

Configure automatic redaction of log message fields or patterns before indexing and storage 

Announcing the release of Sensitive Data Masking capability for logs as a part of Data Security on Cloud Native Application Observability, powered by the Cisco FSO Platform.

Why Sensitive Data Masking for logs? | How does the Cisco FSO Platform power Sensitive Data Masking for logs? | What's coming in the Security Insights FSO, Q1 FY24? | Additional resources

 

Why Sensitive Data Masking for logs?

Masking sensitive data in logs is crucial for ensuring the protection and privacy of sensitive information. If exposed, personally identifiable information (PII), financial details, and healthcare records pose significant risks. By masking this data in logs, organizations can prevent unauthorized access, comply with data protection regulations, mitigate insider threats, reduce the attack surface for potential breaches, and enable effective auditing and investigation without compromising sensitive information.  

Back to top

How does the Cisco FSO Platform power Sensitive Data Masking for logs?

Sensitive data masking capability for logs serves as the first proof point of the Cisco FSO Platform’s tenant-specific configuration, establishing a solid foundation for rapid development and expansion. This capability leverages the robustness of the Platform by using the Logs and Events Processing service to obfuscate the logs data and store the tenant-specific masking configurations in the Orion configuration store. By harnessing the Dashbase store, the Platform ensures that masked log records are securely stored, eliminating the need for raw message storage and ensuring adherence to the security standards within organizations. 

image.pngMasking Rules, list view

image.pngMasking Expressions, list view

image.pngLog Explorer View displaying masked Social Security Number (SSN)

Back to top

What's coming in the Security Insights FSO?

The Cisco FSO platform will offer the essential capability for manually configuring masking expressions and rules, and upcoming phases will introduce the Security Insights module providing automated sensitive data masking 

First unveiled at Cisco Live 2023, the Security Insights FSO platform module will launch in Q1 FY 24, delivering data security (sensitive data leakage) insights prioritized with Business Risk Observability (BRO).  

The data security capability within this module will also expand beyond logs to encompass events and traces. This evolution will significantly bolster the functionality and effectiveness of sensitive data masking, empowering organizations with more comprehensive and automated protection for their sensitive information. 

Back to top

Additional resources

0 Karma
Get Updates on the Splunk Community!

Why You Can't Miss .conf25: Unleashing the Power of Agentic AI with Splunk & Cisco

The Defining Technology Movement of Our Lifetime The advent of agentic AI is arguably the defining technology ...

Deep Dive into Federated Analytics: Unlocking the Full Power of Your Security Data

In today’s complex digital landscape, security teams face increasing pressure to protect sprawling data across ...

Your summer travels continue with new course releases

Summer in the Northern hemisphere is in full swing, and is often a time to travel and explore. If your summer ...