I need a solution
Has anyone written/configured DLP to prevent credit card numbers from being stored in DLP? Including the card numbers in the data means that I have to be audited each year for PCI compliance when I really don't need the full number.
I would like DLP to mask the appropriate digits needed for PCI compliance before it is stored in the incident database. I still know that someone tried to send CC data, but don't care about the number used.
I started down the Server FlexResponse route, but didn't get very far.
Thoughts?