Discover Sensitive Data & Compliance

Log into Console.

Click Web App & API Protection.

Confirm the correct namespace is selected.

Select Manage > API Management > Sensitive Data Discovery.

In the Name field, enter a name for the new discovery.

Optionally, select a label and enter a description.

Select compliance framework(s) you wish to follow (GDPR, HIPAA, PCI-DSS, etc.)

If there are data types in compliance frameworks you have selected, and you don't want them labeled as sensitive data, you can add them to the Disabled Built-In Sensitive Data Types list. For each such item,

• Click Add Item
• Select a sensitive data type from the new drop-down list.

If you require custom data types, then click Configure under Defined Custom Sensitive Data Types to start building a list. For each such item,

• Click Add Item
• Select a previously defined custom sensitive data type from the new drop-down list. If you need to create a new one, you can click Add Item from the drop-down list or follow Step 2 below.
• Click Apply when you have finished building the list.

Click Save and Exit to save your new discovery.

Navigate to Security > API Management > Data Types

Click Add Data Type.

In the Name field, enter a name for the new data type.

Optionally, select a label and enter a description.

Click Configure under Data Type Rules to start building a rule list. For each rule you want to create,

• Click Add Item.
• Specify the Detection Rule: From the Pattern Choice menu, select how to search for the Data Type. You can search by Key Pattern, Value Pattern, or Key-Value Pattern. For each of these options, you can match by exact value or using regular expressions (regex) using the menu options provided.
• Click Apply to complete rule creation.
• Click Apply to save the list of Data Type Rules.

Make sure Mark as Sensitive Data is checked to enable vulnerability detection.

Check the Mark as PII checkbox if your data type is for personal identifiable information.

Use the Relevant Compliances drop-down menu to select compliances that enforce this data type.

Click Save and Exit to save the data type.

Navigate to Manage > Load Balancers > HTTP Load Balancers

Select ...>Manage Configuration for your load balancer to view its configuration. Next select Edit Configuration in the upper right corner to edit its configuration.

Scroll down to the API Protection section.

In the Sensitive Data Discovery drop-down menu, select either Default or Custom.

• For Custom, select an existing discovery or click Add Item from the Specify Sensitive Data Discovery drop-down menu. See Step 1 above for information on creating a new Sensitive Data Discovery.

Click Save and Exit to save changes to the load balancer.

Navigate to Overview > Security.

Scroll to the bottom and click the name of your load balancer in the Application Delivery section. This will bring up the security dashboard for that load balancer.

Click the API Endpoints tab.