Sensitive data protection

Configure a data obfuscation profile to prevent unauthorized access to sensitive or personal identifiable information in IBM® QRadar®.

Data obfuscation is the process of strategically hiding data from QRadar users. You can hide custom properties, normalized properties such as user names, or you can hide the content of a payload, such as credit card or social security numbers.

The expressions in the data obfuscation profile are evaluated against the payload and normalized properties. If the data matches the obfuscation expression, the data is hidden in QRadar. The data might be hidden to all users, or only to users belonging to particular domains or tenants. Affected users who try to query the database directly can’t see the sensitive data. The data must be reverted to the original form by uploading the private key that was generated when the data obfuscation profile was created.

To ensure that QRadar can still correlate the hidden data values, the obfuscation process is deterministic. It displays the same set of characters each time the data value is found.