PII Protection

Overview

PII Protection helps organizations detect and protect sensitive personal data during user activity. It uses PII Rules to identify sensitive values and apply the selected protection method when a match is found.

PII Rules support both keyword-based and regex-based matching. This allows organizations to protect fixed terms as well as structured data such as credit card numbers, social security numbers, phone numbers, and other regulated information.

How it works

PII Protection evaluates content against configured PII Rules and protects matched values based on the selected settings.

Protection can be applied to both Data Entry and Content Display.

In Data Entry, DefensX inspects content as it is entered. When a protected value is detected, the user sees a Sensitive Data Blocked message and the matched value is protected based on the configured method.

Screenshot%202026 04 14%20at%2014.25.28

Asterisk replaces the matched value with asterisk characters, ensuring that no original data remains to be sent:

Screenshot%202026 04 14%20at%2014.26.36

In Content Display, DefensX protects matched sensitive values when they appear in displayed content.

Blur visually obscures the matched value:

4e53afc9 bc06 44da bc28 cc2b3a9ef4e1

PII Rules

PII Rules define the values and patterns that DefensX should detect and protect.

Keyword-based rules are used for known words, phrases, or fixed terms.


Regex-based rules are used for structured data patterns such as credit card numbers, social security numbers, and other formatted identifiers.

This allows organizations to configure detection based on their data protection requirements.

Configuration

To configure PII Protection, first create the required PII Rules by adding keyword or regex and selecting the required protection scope, such as Data Entry and Content Display.

Screenshot%202026 04 13%20at%2020.23.08

+New Keyword Rule:

Screenshot%202026 04 13%20at%2020.24.38

+New Regex Rule:

Screenshot%202026 04 13%20at%2020.23.51
Screenshot%202026 04 13%20at%2020.24.16

Next, create a Custom URL Group and add the relevant addresses.

Then apply the PII Protection Rules in the relevant policy. The policy action must be set to Allow, Isolate or ReadOnly as this is required for PII Protection enforcement.

Screenshot%202026 04 14%20at%2014.10.50

Once configured, addresses included in the Custom URL Group are evaluated against the assigned PII Rules.

Summary

PII Protection helps organizations protect sensitive personal data by detecting matched content and applying the configured protection method. With support for keyword and regex matching across Data Entry and Content Display, it provides flexible protection based on organizational requirements.