An APM tool can become the weakest point in your data security practices. When you enable different security mechanisms (such as MFA) to control access to your data, your monitoring tool can read and save this into its database.
Thundra is no exception. When you instrument your code with Thundra libraries, our code runs along with yours and gathers data about the life cycle of your serverless-centric transactions. After the execution ends, our libraries report the data to our backend in order to help you troubleshoot issues with your serverless-centric apps.
But we know this may not always be ideal. That’s why Thundra provides as many configurations as possible, so you are able to control and monitor what data you share with us. Thundra offers numerous masking possibilities in every language in our libraries. When you mask a particular field and/or data, our libraries don't report this data to our backend. For example, when you set the following variable as true, our libraries won't send SQS messages in your applications but will continue to show how long it took to receive the callback from SQS:
In order to use Thundra’s masking feature, see the following pages: