Sensitive Data

Protecting sensitive data—such as personally identifiable information (PII), financial data, IP addresses, etc.—is essential for any organization. Unauthorized access or misuse of this information can lead to reputation damage, legal consequences, and financial loss. By automating the detection of sensitive data in your environment, Panoptica helps streamline your data protection processes, reducing the risk of data breaches and ensuring compliance with regulations such as GDPR and CCPA.

To view the list of Sensitive Data that Panoptica is scanning for, navigate to Settings in the main navigation pane, then API Security. Go to the Sensitive Data subtab.

For each Pattern Name, the table details the Category of sensitive data identified (PII vs network data), along with the pattern type and whether the pattern is active or not. Panoptica scans for sensitive data in:

  • The request and response headers
  • The event body
  • The authentication object (JWT)
  • URLs
  • Cookies
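As an added illustration (not Panoptica's code or its pattern set), the Python sketch below applies a small pattern table to the five locations listed above and reports only which pattern matched in which location, never the matched value. The event dictionary layout, the header names, the three patterns and all sample values are assumptions constructed for this example.

```python
import base64, json, re
from urllib.parse import unquote

# Hypothetical pattern table (name, category, active, regex); not Panoptica's own.
PATTERNS = [
    ("Email Address", "PII", True, r"[\w.%+-]+@[\w.-]+\.[A-Za-z]{2,}"),
    ("IPv4 Address", "Network", True, r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
    ("US SSN", "PII", False, r"\b\d{3}-\d{2}-\d{4}\b"),  # inactive: skipped
]

def jwt_payload(token):
    """Decode a JWT's claims segment to text ('' if malformed); no signature check."""
    try:
        part = token.split(".")[1]
        return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4)).decode("utf-8", "replace")
    except (IndexError, ValueError):
        return ""

def scan_event(event):
    """Return sorted (pattern, category, location) hits; matched values are not returned."""
    req = dict(event.get("request_headers", {}))
    auth, cookies = req.pop("Authorization", ""), req.pop("Cookie", "")
    locations = {
        "URL": unquote(event.get("url", "")),  # decode %40 etc. before matching
        "request headers": json.dumps(req),
        "response headers": json.dumps(event.get("response_headers", {})),
        "event body": event.get("body", ""),
        "JWT": jwt_payload(auth[7:] if auth.startswith("Bearer ") else ""),
        "cookies": cookies,
    }
    return sorted((name, category, where)
                  for name, category, active, regex in PATTERNS if active
                  for where, text in locations.items() if re.search(regex, text))

def _seg(obj):  # one unpadded base64url JWT segment for the constructed sample
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

# Constructed sample event: every value here is made up for illustration.
SAMPLE_JWT = ".".join([_seg({"alg": "none"}), _seg({"email": "alice@example.com"}), "sig"])
SAMPLE_EVENT = {
    "url": "https://api.example.com/v1/users?contact=bob%40example.com",
    "request_headers": {"Authorization": "Bearer " + SAMPLE_JWT,
                        "X-Forwarded-For": "203.0.113.7", "Cookie": "last_ip=198.51.100.23"},
    "response_headers": {"Content-Type": "application/json"},
    "body": '{"id": 42, "ssn": "078-05-1120"}',
}

if __name__ == "__main__":
    print(*scan_event(SAMPLE_EVENT), sep="\n")
```

The SSN in the sample body is not reported because its pattern is marked inactive, which mirrors the active/inactive column in the pattern table.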

Click on any row in the table to pop up a side window that displays additional details about that pattern.

  • Click Copy Link to save a URL to this detail view. This is useful for recording the details or sharing this information with others.
  • Under Regular Expression you'll find the content pattern Panoptica is scanning for.
  • If there are any APIs in your environment containing this pattern, they will appear under Affected APIs.

Clicking the API name will open the API Asset Details in a new tab, where you can view additional information on the affected API.

Browse to the Sensitive Data subtab to learn about the sensitive data Panoptica has discovered, including endpoint details and when it was last observed.

Privacy Note

Because the data is sensitive, it never leaves your environment. Panoptica only notifies you that such information is present in your APIs, and where it resides.