Mask Sensitive Data on Prisma Cloud

Prisma Cloud Data Security can now mask how data is stored in snippets. A snippet is a piece of data that matches the Add a New Data Pattern in Prisma Cloud that you want to identify within your files. Snippet masking enables you to control how this sensitive data, such as credit card numbers or Social Security numbers, displays to administrators who can view the snippet within Prisma Cloud.
  1. Select
    Settings
    Data
    Snippet Masking.
  2. Select your masking option.
    There are three types of masks that you can apply to your sensitive data. The default option is
    Partial Mask
    which displays only the last four characters in clear text such as XXXX-XXXX-XXXX-1234. If you do not want to cloak sensitive data then you can toggle
    Do not mask
    which displays your data in plain text such as 1234-1234-1234-1234. The last option is
    Full Mask
    which cloaks all the values of the sensitive data such as XXXX-XXXX-XXXX-XXXX. When a mask is applied, 200 bytes before and after the pattern match is displayed.
  3. View snippets on Prisma Cloud.
    Before you can view a masked snippet, you will need to enable data security, add an AWS account and enable data security, and use the data policies to scan.
    1. Select
      Inventory
      Data
      Total Resources
    2. In the
      BUCKET NAME
      column, click the bucket that you want to analyze.
    3. In the
      OBJECT NAME
      column, click the object.
    4. View the masked snippet.
      The
      Snippet Status
      column displays the current Data Inventory of the scan. In order to view your masked data the
      Snippets Status
      must show a hyperlink with the anchor text of
      Available
      . Below is an example of the partial mask applied:

Recommended For You