General availability: Sensitive Data Protection for Application Gateway Web Application Firewall
Share
Services
Azure's regional Web Application Firewall (WAF) running on Application Gateway now supports sensitive data protection through log scrubbing. When a request matches the criteria of a rule, and triggers a WAF action, that event is captured within the WAF logs. WAF logs are stored as plain text for debuggability, and any matching patterns with sensitive customer data like IP address, passwords, and other personally identifiable information could potentially end up in logs as plain text. To help safeguard this sensitive data, you can now create log scrubbing rules that replace the sensitive data with "\*\*\*\*\*\*".
Sensitive data protection using log scrubbing supports the creation of rules using the following variables:
* Request Header Names
* Request Cookie Names
* Request Arg Names
* Request Post Arg Names
* Request JSON Arg Names
* Request IP Address
Learn more about [log scrubbing rules](https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/waf-sensitive-data-protection).
Learn how to [create your own log scrubbing rules](https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/waf-sensitive-data-protection-configure) for sensitive data protection.
* Application Gateway
* Web Application Firewall
* Features
* Security
* [ Application Gateway](https://azure.microsoft.com/en-gb/products/application-gateway/)
* [ Web Application Firewall](https://azure.microsoft.com/en-gb/products/web-application-firewall/)
What else is happening at Microsoft Azure?
Read update
Services
Share
Read update
Services
Share
We’re retiring Azure Time Series Insights on 7 July 2024 – transition to Azure Data Explorer
May 31st, 2024
Services
Share