Getting Started with Detections

Available for the following Plan types:

FullStory Enterprise

FullStory Business

FullStory for Mobile Apps

FullStory Free

Available for the following User roles:

Admin

Architect

Standard

 

Note: Detections is an early access limited release. If you are interested in gaining early access to this feature, please fill out this form and our team will be in contact with you.

FullStory goes to great lengths to ensure you don't capture sensitive data in your account. In addition to providing customers with settings to prevent sensitive data from being captured, we also offer a way to detect sensitive PII in nearly real time.

Detections monitors for the presence of possibly-sensitive data and provides relevant sessions for further investigation. False-positives can be flagged to ignore. True-positives can be resolved by adding a new mask or exclusion rule. Support can assist if session data needs to be deleted.

How It Works

To make this feature possible, we’ve introduced a new event type: A Detection Event monitors for the presence of any string that matches a predefined, Detection Rule pattern. These events will be generated anywhere that FullStory is capturing data in the DOM. 

The Detections includes two predefined Detection Rules to monitor for Passwords and Credit Card Numbers.

Investigating Detection Events

Detections will automatically aggregate and rank similar Detection Events by volume within the chosen time range. Select ‘Watch Sessions’ from the kabob menu to populate a playlist of sessions specific to a given Detection Event. 

image3 1.png

Clicking play for any session will start replay a few moments before the Detection Event was generated. You can select the Detection Event in the Event Stream in order to pause replay at the exact moment in question.

image4 1.png

To avoid compounding the problem of unwanted PII, FullStory avoids reprinting the string in the Event Stream. To assist in finding the data in question, you can select the Detection Event from the event stream and playback will highlight the element in question with a pink border. However, in some cases Detection Events are triggered by attributes not visible on page. For these situations, admins can expand the Detection Event in the event stream to further investigate the CSS selector for any issues. 

False Positives

False-positives can be common, especially when first getting started with Detections. If you’ve confirmed the presence of a false-positive, you can easily add an Ignore Rule to stop generating future Detection Events that match that Type + Source + Detail + Selector (if applicable). Note that events previously generated will remain visible in playback until their associated sessions expire. However, by default these events will be hidden from the the Detections UI.

image1 1.png

Advanced users can edit any created Ignore Rule to be more or less specific.

 

Need to get in touch with us?

The FullStory Team awaits your every question.

Contact us