The challenge
Protect sensitive data at the source
Security teams must process large volumes of sensitive information from user credentials and PII to configuration details. Without controls, this data flows into SIEMs and analytics platforms, increasing compliance risks, exposing private data, and adding noise. Manual scrubbing is unreliable, time-consuming, and impossible to scale.
The Solution
DataStream – intelligent security telemetry pipeline
Policy-based redaction
Define redaction and masking policies directly in the pipeline to automatically protect sensitive fields like credentials, PII, or tokens.
Context-aware masking
Target specific data types or fields based on source, dataset, or event context, ensuring precision without losing analytical value.
Consistent application
Redaction happens automatically and consistently across all incoming data, removing the risk of human error or uneven coverage.
Compliance alignment
Policies are designed to meet regulatory requirements (GDPR, HIPAA, PCI DSS) and support secure audits without exposing sensitive data.
Key benefits
Why this approach works
Frequently asked questions
What data can be redacted or masked?
Common fields include usernames, passwords, IPs, tokens, and PII (emails, phone numbers), but policies can be extended to any field.
Does redaction affect SIEM rules or analytics?
No. DataStream keeps the structure and context intact, so correlations and detection rules still work accurately.
Is redaction reversible?
No. Once data is masked or removed, it cannot be restored, ensuring compliance and privacy.
How is this configured?
Redaction and masking policies are managed through the UI with no-code rules, making setup quick and scalable.
Get DataStream on Azure Marketplace
Deploy DataStream in minutes with Azure Managed Identity support built in. No credential management, no manual setup.