AppMap data inspector
This proof of concept analyzes data snapshots captured in an AppMap file. It surfaces useful insights about how the data is used, where it’s stored and what it may contain. In short, it shows you how you’re handling various kinds of data within your application.
This project attempts to identify the following:
- Sensitive values such as passwords and auth tokens
- Encrypted values such as password hashes
- Unencrypted values which should ideally be encrypted
- Data persisted within a database
- Data provided by a user, such as an HTTP request parameter
- Personally identifiable information such as social security numbers or email addresses
- Data logged to
A single data object can have many of these identifiable “traits”. In fact, the most useful insights come from a combination of traits: for example, personally identifiable information appearing in application logs, or sensitive data persisted unencrypted in a database. Try it out with your own data!
The data snapshot analysis performed in this demo is an experimental proof of concept. It aggregates AppMap data from HTTP requests, SQL queries and function call parameters to identify the traits detailed above.
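The trait-combination idea described above, as an added sketch that is not the project's own code. The event shape is a simplified, constructed stand-in for AppMap events, and the trait names, regular expressions and the `Logger` class name are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample events in a simplified AppMap-like shape (an assumption).
EVENTS = [
    {"http_server_request": {"request_method": "POST", "path_info": "/users"},
     "message": [{"name": "email", "value": "alice@example.com"},
                 {"name": "password", "value": "hunter2hunter2"},
                 {"name": "api_token", "value": "tok_constructed_123"}]},
    {"sql_query": {"sql": "INSERT INTO users (email, password_hash, api_token) VALUES "
                          "('alice@example.com', '$2a$12$" + "a" * 53 + "', 'tok_constructed_123')"}},
    {"defined_class": "Logger", "method_id": "info",
     "parameters": [{"name": "msg", "value": "created alice@example.com"}]},
]

SENSITIVE_NAME = re.compile(r"password|token|secret", re.I)
PII = re.compile(r"[\w.+-]+@[\w-]+\.[\w.]+|\d{3}-\d{2}-\d{4}")  # email or SSN
HASHED = re.compile(r"\$2[aby]\$\d\d\$[./A-Za-z0-9]{53}")       # bcrypt-style hash
SQL_WRITE = re.compile(r"^\s*(?:INSERT|UPDATE)\b", re.I)

def inspect_events(events):
    traits = defaultdict(set)  # value -> set of trait names
    for ev in events:  # pass 1: classify named values by origin, name and content
        for p in ev.get("message", []):
            traits[p["value"]].add("user_provided")
        for p in ev.get("message", []) + ev.get("parameters", []):
            if SENSITIVE_NAME.search(p["name"]):
                traits[p["value"]].add("sensitive")
            if PII.fullmatch(p["value"]):
                traits[p["value"]].add("pii")
    for ev in events:  # pass 2: find where known values end up (database, logs)
        sql = ev.get("sql_query", {}).get("sql", "")
        if SQL_WRITE.match(sql):
            for h in HASHED.findall(sql):
                traits[h] |= {"persisted", "encrypted"}
            for v in [v for v in traits if v in sql]:
                traits[v].add("persisted")
        if ev.get("defined_class") == "Logger":
            text = " ".join(p["value"] for p in ev.get("parameters", []))
            for v in [v for v in traits if v in text]:
                traits[v].add("logged")
    return traits

def findings(traits):
    # The useful insights are combinations of traits on one value.
    for value, t in traits.items():
        if {"pii", "logged"} <= t:
            yield ("pii_in_logs", value)
        if {"sensitive", "persisted"} <= t and "encrypted" not in t:
            yield ("sensitive_persisted_unencrypted", value)
```

On the constructed events, the email address is flagged as PII reaching the logs and the API token as a sensitive value stored in plaintext, while the password is not flagged because only its hash reaches the database.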
The example uses AppMap data recorded from Discourse, an open source discussion platform written in Ruby. The data used in this example was recorded from a Discourse test case using the appmap-ruby client, and uploaded to the AppLand sandbox. Because the Discourse application is open source and public on AppLand, the recorded scenario data is freely downloadable.
To obtain the download URL for any scenario, click Properties and then find the Raw data link:
The AppLand sandbox hosts a number of AppMap recordings across many different applications. Each individual recording, or “scenario”, has a visual representation depicting both logic and data flow. Check out the example Discourse data used in the demo on AppLand.