Q&A: What is a "sensitive parameter" in the WAF policy?



  • What is the sensitive parameter option in the WAF policy?
  • How can I make it so that parameters like Password or that contains Personal Identifiable Information (PII) DOES NOT show up in the WAF violation logs



  • WAF
    • WAF questionnaire
    • WAF policy




WAF Policy

  • An option is available to each parameter entity (wildcard/explicit)
    • Allows the option to hide/mask content within the parameter value so that the content is/are not visible in logs nor in the user interface


If you find that you have parameters and would like to make them not visible, please open a ticket with the SOC and report the list of parameters to mask the values on or provide Support ID(s). 


Related Content

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request