We are excited to announce a significant new addition to Upwind’s API Security capability – the automatic discovery and classification of sensitive data flows.
Upwind automatically tracks sensitive data routes and classifies sensitive data as PCI, PII, and PHI by analyzing API samples recognized by the Upwind sensor, making it easy to identify where you are at elevated risk.
Examples of sensitive data that Upwind identifies include:
- PHI data: patient information, medical records & insurance information
- PII data: SSNs, IDs and emails
- PCI data: credit cards and billing information
How Upwind Identifies Sensitive Data Flows
In order to identify sensitive data flows, Upwind searches for patterns at the packet level and then masks any data found, ensuring it remains secure and is never sent outside of your environment. When an API request for sensitive data is detected, Upwind labels it with a sensitive data tag and classifies it by its type and category, such as PCI for a MasterCard number. We are continuing to extend this capability, and customers will soon be able to create their own custom regular expression (regex) to classify sensitive data.
Use Upwind’s automated sensitive data flow tracking to easily understand API data security risks, prioritize remediation efforts for APIs with sensitive data flows, and ensure a proactive approach to data security.
Learn More
To learn more about Upwind API Security, visit the Upwind Documentation Center (login required), or schedule a demo.
