Privacy redaction

Use scan and report evidence safely by checking redaction boundaries before publishing, exporting or sharing screenshots, HTML snapshots and logs.

Customers setting scope and technical reviewers

Feature availability

Product, package, provider and deployment boundaries for this page.

  • Available from: Current documentation
  • Deployment modes: cloud

Product screenshots

Current customer-safe screenshots are generated from the application so examples do not drift from the product.

[Screenshot: generated customer-safe view of the report technical appendix console and network evidence counts.]

Before sharing evidence

Use this page before publishing a report, sending a ticket export, opening a public report link or sharing screenshots and HTML snapshots with another person. Privacy redaction keeps evidence useful without exposing secrets, credentials, payment details, private account content or unrelated customer data. Redaction is not a workaround for unsupported scope. If the page is private, out of scope, login-only or unsafe to scan, WebRiskOps should exclude or explain the missing evidence instead of trying to capture it.

  • Redact secrets, tokens, credentials and payment method details from stored evidence.

Check redaction before sharing

Follow the path `Reports → Technical appendix → Evidence artifacts → Privacy redaction → Publish or export`.

  1. Open /reports/{report} or /scans/{scanRun} for the evidence you plan to share. Result: the page shows the exact scan run, report, artifact and issue context before publication or export.
  2. Check Technical appendix, issue evidence, screenshots and HTML snapshots before publishing or exporting. Result: customer-visible evidence is reviewed as one set instead of one isolated field.
  3. Look for secrets, tokens, credentials, payment details, personal form values and private account content. Result: sensitive values are identified before a report, ticket or public link exposes them.
  4. Confirm redaction or exclusion is already applied in the customer-visible text. Result: the report explains that data was removed without showing the removed value.
  5. Stop sharing if unredacted sensitive data appears. Result: the artifact stays private until redaction, exclusion or a new safe scan result exists.
  6. Continue to Failure and skipped-page meanings when evidence is unavailable because redaction or private scope blocked capture. Result: missing evidence is explained without bypassing privacy boundaries.

What must be redacted

Customer-visible evidence must not expose secret or private values.

  • API keys, tokens, credentials, session identifiers, cookies and authorization headers.
  • Payment card numbers, payment authorization details and provider secrets.
  • Personal form values, private account content, admin pages and support inbox content.
  • Internal paths, local filesystem paths or diagnostics that reveal secrets or private infrastructure.
  • Data from another account, client workspace, project, domain or report.
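A pre-share check over exported evidence text for several of the categories above, as an added example that is not WebRiskOps code. The patterns, the `[REDACTED]` marker and the sample evidence are assumptions constructed for illustration; findings carry only a category and a line number, so the check never repeats the sensitive value.

```python
import re

MARK = r"\[REDACTED\]"  # assumed redaction marker; the page does not define one
# Illustrative patterns for some listed categories (assumptions, not product rules).
PATTERNS = {
    "authorization_header": re.compile(
        rf"(?im)^[ \t]*(?:proxy-)?authorization[ \t]*:[ \t]*(?!{MARK})\S.*$"),
    "cookie": re.compile(rf"(?im)^[ \t]*(?:set-)?cookie[ \t]*:[ \t]*(?!{MARK})\S.*$"),
    "secret_assignment": re.compile(
        r"(?i)\b(?:api[_-]?key|token|password|secret|session_?id)\b"
        rf"[ \t]*[=:][ \t]*[\"']?(?!{MARK})[^\s\"'&;,]{{8,}}"),
    "local_path": re.compile(r"(?:/home/|/Users/|/var/www/|[A-Za-z]:\\Users\\)[^\s\"'<>]+"),
}
CARD_CANDIDATE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")

# Constructed sample evidence (not real data); the card is a well-known test number.
SAMPLE_EVIDENCE = """\
GET /account HTTP/1.1
Authorization: Bearer abc123def456ghi789
Cookie: [REDACTED]
POST /pay card=4111 1111 1111 1111
console: loaded config from /home/deploy/app/.env
api_key=[REDACTED]
"""

def luhn_valid(digits: str) -> bool:
    """Luhn checksum, used to separate card numbers from other long digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0

def find_unredacted(text: str) -> list[tuple[str, int]]:
    """Return (category, line number) pairs, never the matched value itself."""
    findings = set()
    line_of = lambda pos: text.count("\n", 0, pos) + 1
    for name, pattern in PATTERNS.items():
        for m in pattern.finditer(text):
            findings.add((name, line_of(m.start())))
    for m in CARD_CANDIDATE.finditer(text):
        if luhn_valid(re.sub(r"\D", "", m.group())):
            findings.add(("payment_card", line_of(m.start())))
    return sorted(findings, key=lambda f: (f[1], f[0]))

def safe_to_share(text: str) -> bool:
    return not find_unredacted(text)
```

An empty result only means these patterns found nothing; personal form values, private account content and cross-account data still need the manual review described in the steps above.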

When to stop sharing

Stop the flow when privacy state is unclear. Do not publish, export or link evidence while the sensitive value is still visible.

  • Unredacted secret means keep the artifact private and regenerate or redact before sharing.
  • Payment data means remove the artifact from customer-facing output.
  • Private account content means exclude the page or document scoped access before retrying.
  • Unclear owner/client data means confirm the account and project before export.
  • Missing artifact after redaction means explain the limitation instead of inventing evidence.

Continue to skipped-page meanings

When redaction blocks capture or sharing, continue to [Failure and skipped-page meanings](/docs/projects/failure-and-skipped-page-meanings). That page explains how unavailable, skipped, private and incomplete evidence states should appear in the product flow.
