
Elevating Security: Protect Sensitive Data with HARmor

On the ever-evolving battleground of cybersecurity, each data breach is a stark reminder of the vigilance needed to protect sensitive information. A recent security incident, resulting in unauthorized access to HAR (HTTP Archive) files containing sensitive customer data, raised alarms across the industry. 

HAR files, which record detailed information about web browser interactions with sites, are treasure troves for cybercriminals unless handled with utmost care. This event underscores the critical necessity of securing HAR files, as both a compliance measure and a fundamental aspect of maintaining user trust.

Understanding the Benefits and Risks of HAR Files

Developers and support teams use HAR files extensively to diagnose issues in web applications by logging all the web interactions between browsers and sites. They include the URLs of visited pages, timing of each request, response status codes, headers, cookies, and sometimes even body content. The detailed insights they offer are invaluable, but they are a double-edged sword. Embedded within the HAR files can be session tokens, API keys, passwords, and other sensitive data that could give an attacker the keys to the kingdom if exposed.

The risks of improperly secured HAR files are immense. Intruders can exploit their contents for unauthorized access to user accounts and exposure of personal and financial data. They can even serve as a foothold for further attacks against an organization’s infrastructure. In the publicized breach of a software vendor that involved HAR files, sensitive customer data was compromised.

Introducing HARmor: Armor for HAR Files

Worldwide, HAR files need to be protected against possible intrusions, particularly in customer support departments where user sessions are recorded. In direct response to this widespread need for data protection, our team at Frontegg has developed HARmor. This open-source tool revolutionizes the way HAR files are sanitized, cleaned, and encrypted.

HARmor is more than just a utility, however. It also expresses our commitment to security and our belief in the power of open-source collaboration. At its core, HARmor is designed to be user-friendly and interactive, allowing users to clean and sanitize data from their HAR files selectively. Here’s what sets HARmor apart:

  • Sanitization: HARmor can detect and scrub sensitive information, from cookies and passwords to authorization headers and query parameters, as well as JSON body keys. HARmor also sanitizes based on URLs, and removes JWT signatures.
  • Cleaning: HARmor removes unnecessary data bloat, reducing the risk of accidental data exposure.
  • Encryption: HARmor ensures that the sanitized HAR files are encrypted, thereby adding a layer of security in the event of unintended dissemination.
  • No Global Installation Needed: Use HARmor directly with npx, anywhere you need it.
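The sanitization categories just listed, as an added example that is not HARmor's own code: a small JavaScript sanitizer that walks a HAR object and redacts authorization and cookie headers, cookie values, listed query parameters (in both `request.url` and the `queryString` array) and listed JSON body keys, and strips JWT signatures wherever a token appears. The header, parameter and key lists, the function names and the sample HAR are all assumptions chosen for illustration.

```javascript
// Added example, not HARmor's own code: a minimal HAR sanitizer for the categories listed above.
const REDACTED = '[REDACTED]';
const SENSITIVE_HEADERS = new Set(['authorization', 'cookie', 'set-cookie']); // assumed lists
const SENSITIVE_PARAMS = new Set(['token', 'api_key', 'access_token']);
const SENSITIVE_JSON_KEYS = new Set(['password', 'secret', 'refresh_token']);
const JWT_RE = /([A-Za-z0-9_-]{8,})\.([A-Za-z0-9_-]{8,})\.[A-Za-z0-9_-]{8,}/g; // header.payload.signature
const stripJwtSignatures = (t) => (typeof t === 'string' ? t.replace(JWT_RE, '$1.$2.') : t);
// Recursive JSON walk: blank sensitive keys, strip JWT signatures from other strings.
function redactJson(v) {
  if (Array.isArray(v)) return v.map(redactJson);
  if (v && typeof v === 'object') return Object.fromEntries(Object.entries(v).map(([k, x]) =>
    [k, SENSITIVE_JSON_KEYS.has(k.toLowerCase()) ? REDACTED : redactJson(x)]));
  return stripJwtSignatures(v);
}
// Body text: redact keys if it parses as JSON, otherwise only strip JWT signatures.
const redactBodyText = (t) => { try { return JSON.stringify(redactJson(JSON.parse(t))); } catch { return stripJwtSignatures(t); } };
// HAR name/value lists (headers, queryString): redact listed names, strip JWTs elsewhere.
const redactPairs = (pairs, names) => (pairs || []).map((p) =>
  names.has(p.name.toLowerCase()) ? { ...p, value: REDACTED } : { ...p, value: stripJwtSignatures(p.value) });
const redactCookies = (cookies) => (cookies || []).map((c) => ({ ...c, value: REDACTED })); // every cookie is a secret
// The query string is also embedded in request.url, so redact it there as well.
function redactUrl(url) {
  try {
    const u = new URL(url);
    for (const k of [...u.searchParams.keys()]) if (SENSITIVE_PARAMS.has(k.toLowerCase())) u.searchParams.set(k, REDACTED);
    return u.toString();
  } catch { return url; } // not an absolute URL: the queryString pass still covers the parameters
}
// Returns a sanitized deep copy of a HAR object; the input is not modified.
function sanitizeHar(har) {
  const copy = JSON.parse(JSON.stringify(har));
  for (const { request: req, response: res } of copy.log.entries) {
    req.url = redactUrl(req.url);
    req.queryString = redactPairs(req.queryString, SENSITIVE_PARAMS);
    for (const m of [req, res]) { m.headers = redactPairs(m.headers, SENSITIVE_HEADERS); m.cookies = redactCookies(m.cookies); }
    if (req.postData) req.postData.text = redactBodyText(req.postData.text);
    if (res.content) res.content.text = redactBodyText(res.content.text);
  }
  return copy;
}

// Constructed sample HAR (not a real capture): token in the URL, session cookie, JSON login body, JWT in the response.
const SAMPLE_HAR = { log: { entries: [{
  request: { url: 'https://api.example.test/login?token=abc123&page=2',
    queryString: [{ name: 'token', value: 'abc123' }, { name: 'page', value: '2' }],
    headers: [{ name: 'Authorization', value: 'Bearer topsecret' }, { name: 'Accept', value: '*/*' }],
    cookies: [{ name: 'session', value: 'sess-42' }],
    postData: { mimeType: 'application/json', text: '{"user":"alice","password":"hunter2"}' } },
  response: { content: { text: '{"id_token":"eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhbGljZSJ9.c2lnbmF0dXJlMTIz","ok":true}' } },
}] } };
```

Calling `sanitizeHar(SAMPLE_HAR)` leaves the non-sensitive `Accept` header and `page` parameter intact while the token, password, cookie and JWT signature are gone; a real HAR has many entries, and the same loop covers each of them.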

The critical innovation of HARmor lies in its interactivity and customization. It’s built intuitively, allowing users to interact in real time with the data they’re cleaning. This level of user control is a first in HAR file management.

HARmor lets users choose between two modes of operation: Direct Sanitization and Template Mode. Direct mode guides users along an interactive journey through a structured questionnaire, to ensure each data point is reviewed and sanitized as necessary. 

Template mode lets users create, save, and reuse customized templates to streamline their workflow. These templates enable companies to define their own standards for cleaning HAR files that can be consistently applied across all operations. This is particularly useful for organizations with unique cookies, headers, or sensitive data patterns specific to their business.

Building a Security Community to Keep Up With New Threats

Beyond individual use, these templates can be shared with the broader developer community through HARmor’s repository, allowing others to benefit from proven data sanitization patterns. The HAR file issue is a sobering reminder that our security strategies must evolve in tandem with the sophistication of threats we face. The open-source, community-driven approach with HARmor not only makes mitigation of this threat much easier, but also fosters an ecosystem of collective security responsibility. 

For detailed usage examples and a deeper dive into HARmor’s capabilities, visit our GitHub repository at frontegg/harmor or the harmor.dev website.