Getting Started with Detections (beta)

Available for the following Plan types:

  • FullStory Enterprise
  • FullStory Business
  • FullStory for Mobile Apps
  • FullStory Free

Available to the following User roles:

  • Admin
  • Architect
  • Standard

This feature is currently in beta. To learn more about testing it out, contact support@fullstory.com.

FullStory goes to great lengths to ensure you don't capture sensitive data in your account. In addition to providing customers with settings to prevent sensitive data from being captured, we also offer a way to detect sensitive PII in nearly real time.

Detections monitors for the presence of possibly sensitive data and provides the relevant sessions for further investigation. False positives can be flagged to be ignored. True positives should be reported for resolution.

How It Works

This feature is built around a specific event type known as a Detection Event. A Detection Event is generated whenever a captured string matches a predefined Detection Rule pattern. These events will be generated anywhere that FullStory is capturing data, including the DOM, network headers and bodies, console logs, and URLs.

The Detections Beta includes two predefined Detection Rules to monitor for Social Security Numbers and Credit Card Numbers.

Investigating Detection Events

Detection Events are automatically aggregated in a table, and similar Detection Events are ranked by volume within the chosen time range. Within the table, select ‘Watch Sessions’ from the vertical ellipses at the end of a row to populate a playlist of sessions specific to a given Detection Event.


Clicking play for any session starts replay a few moments before the Detection Event was generated. You can also select the Detection Event in the Event Stream to pause replay at the exact moment in question.


To avoid compounding the problem of unwanted PII, FullStory avoids reprinting the matched string in the Event Stream. However, the Detection Event’s Source will give you a clue about where to look:

  • UI Element, InputElement, and NavigationURL sources are usually visible on a page
  • NetworkURL, RequestHeader, ResponseHeader, RequestBody, and ResponseBody sources will be found in Dev Tools under the Network tab
  • ConsoleLog and Exception sources will be found in Dev Tools under the Console tab

False Positives

False positives are very common, especially when first getting started with Detections. If you’ve confirmed a false positive, you can add an Ignore Rule to stop generating future Detection Events that match that Type + Source + Detail + Selector (if applicable). Note that previously generated events will remain visible until their associated sessions expire. However, you have the option of adjusting the time range to filter these events out of the aggregated list.


Modify Ignore Rules

There are advanced options that allow you to edit any created Ignore Rule to be more or less specific. You can edit any Ignore Rule by selecting 'Edit' from the vertical ellipses within the Detections Ignore Rules table.
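The matching and ignore behavior described above, as an added Python example (not FullStory's code): it emits Detection Events for SSN and credit card patterns without reprinting the matched string, then suppresses them with Ignore Rules keyed on Type + Source + Detail + Selector. The regexes, the Luhn filter, the meaning given to Detail, the None wildcard, and all names and sample records are assumptions made for illustration.

```python
import re
from typing import NamedTuple, Optional

# Illustrative patterns (assumption): the page does not publish the real rule patterns.
RULES = {
    "SSN": re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b"),
    "CreditCard": re.compile(r"\b(?:\d[ -]?){12,18}\d\b"),
}

class Event(NamedTuple):          # deliberately has no field for the matched string
    type: str
    source: str
    detail: str                   # assumed here to be the page path or endpoint
    selector: Optional[str]

def luhn_ok(digits: str) -> bool:
    """Luhn checksum (an added filter, not stated on the page) to drop random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def ignored(ev: Event, ignore_rules) -> bool:
    """Rule = (type, source, detail, selector); None is a wildcard (less specific rule)."""
    return any(all(r is None or r == v for r, v in zip(rule, ev)) for rule in ignore_rules)

def detect(records, ignore_rules=()):
    """records: (source, detail, selector, text) tuples. Returns Events, never the match."""
    events = []
    for source, detail, selector, text in records:
        for rule_type, pattern in RULES.items():
            for m in pattern.finditer(text):
                if rule_type == "CreditCard" and not luhn_ok(re.sub(r"\D", "", m.group())):
                    continue
                ev = Event(rule_type, source, detail, selector)
                if not ignored(ev, ignore_rules):
                    events.append(ev)
    return events

# Constructed sample capture records (not real data)
SAMPLE = [
    ("RequestBody", "/api/checkout", None, '{"card": "4111 1111 1111 1111"}'),
    ("UI Element", "/parts", ".part-number", "Part 512-40-7731"),
    ("ConsoleLog", "/profile", None, "debug: saved ssn=321-54-9876 for user 42"),
    ("NetworkURL", "/api/orders", None, "/api/orders?id=1234567890123456"),
]
```

Calling `detect(SAMPLE, [("SSN", "UI Element", "/parts", ".part-number")])` drops only the part-number false positive, while the less specific rule `("SSN", None, None, None)` would also hide the genuine SSN in the console log.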


True Positives

If you’ve confirmed the presence of unwanted PII, please refer to “What to do if sensitive data has been captured” to begin immediate steps to resolve it.
