- 08 Oct 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Sensitive data
- Updated on 08 Oct 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Sensitive information refers to private or confidential data that should be protected from unauthorized access or disclosure. This can include personal information such as social security numbers, financial information such as credit card numbers, and confidential business information. It is important to protect sensitive information because unauthorized access or disclosure can result in identity theft, financial loss, and damage to an individual's or organization's reputation. In some cases, unauthorized access or disclosure of sensitive information can also be illegal.
To protect sensitive data, it must first be defined and identified correctly. You can define your sensitive data in datatypes in Data Classification. Once the sensitive data is defined, Traceable discovers the sensitive data flowing through the various API Endpoints. Traceable provides a summary and an in-depth view of the sensitive data. Navigate to API Catalog → Sensitive Data.
Sensitive data summary
Traceable summarizes sensitive data it has observed in your application system. For example, in the above screenshot, the sensitive data summary is shown with 27 Sensitive Data Types. These 27 sensitive Data Types are associated with 1525 API Endpoints. The summary also shows the selected period's top 10 observed Data Sets. For more information on Data Sets and Data Types, see Data Classification. When you add a new dataset, the observed sensitivity of critical, high, medium, and low is the one you assign to a dataset.
Sensitive data details
You can view detailed information about sensitive data based on various filters. For example, in the Data Catalog tab shown in the above screenshot, you can view all the sensitive data associated with a specific API. Click on the API Endpoint drop-down list and select the API Endpoint to view the associated sensitive data. You can reverse view all the API Endpoints associated with specific sensitive data by clicking on the sensitive data name. You can further navigate to the specific API Endpoint details page by clicking on an API name.
Click on the Endpoints tab to view detailed information with more granular filtering. For example, in the Endpoints tab, you can filter results to view sensitive data for one or more Data Sets. You can also filter sensitive data based on Data Types or select to view sensitive data exposed in a specific API Endpoint. This helps you identify if an API is exposing any unintended sensitive data. You can also view the associated risk score with the API Endpoint. By default, the Endpoints tab lists all the APIs and associated sensitive data.
Furthermore, Traceable provides a Third Party tab to view information about sensitive data flowing through third-party domains and their associated APIs. Like the Endpoints tab, you can filter sensitive data based on various attributes, such as caller service, data types, sensitivity, etc.