Sensitive data

Sensitive data is classified information that must be protected and is not accessible to anyone that is not authorized to view the information. A breach in protection of sensitive information can be costly for the organization. To protect sensitive data, first, it must be defined and identified correctly correctly. You can define your sensitive data in datatypes in Data Classification. Once the sensitive data is defined, Traceable discovers the sensitive data flowing through the various API Endpoints.  Traceable provides you with a summary as well as in-depth view of the sensitive data. Navigate to API Catalog > Sensitive Data.

Sensitive data summary

Traceable provides a summary of sensitive data it has observed in the selected time period. For example, in the above screenshot, the sensitive data summary is for the last 3-days. As shown, Traceable has seen 59 sensitive Data Types. These 59 sensitive Data Types are associated with 1339 API Endpoints. The summary also shows the top 10 observed Data Sets. For more information on Data Sets and Data Types, see Data Classification. The Observed Sensitivity of critical, high, medium, and low is the one that you have assigned to a Data Set when you add a new Data Set. 

Sensitive data details

You can view detailed information about sensitive data based on various filters. For example, in the Data Types tab, you can choose to view all the sensitive data associated with a specific API. Click on the API Endpoint drop-down list and choose the API Endpoint for which you want to view the associated sensitive data. You can do the reverse of viewing all the API Endpoints associated with a specific sensitive data by clicking on the sensitive data. You can further navigate to the specific API Endpoint details page as shown in the short demo below.

You can view information in detail with more granular filtering by clicking on the Endpoints tab. For example, in the Endpoints tab, you can filter results to view sensitive data for one or more Data Sets. You can also filter sensitive data based on Data Types or you can choose to view sensitive data exposed in a specific API Endpoint. This helps you in identifying if an API is exposing any unintended sensitive data. You can also view the associated risk score with the API Endpoint. By default, the Endpoints tab lists all the APIs and the associated sensitive data.