The safest strategy to avoid having personally identifiable information exposed is not to use actual production data in load tests. However, if you need to use data from the production environment to create a load test script, there are some recommendations on how to secure sensitive information, such as user credentials, credit card details, etc., while configuring load tests scenarios in LoadView.
By default, the video of web pages and web application test transactions is captured on a Reference Load Injector (Reference LI) on each load test run. Capturing a video of test sessions allows you to understand how the page or application appears and performs for a real user. The video can then be used for troubleshooting purposes.
Even though the reference video and screenshots helps with error troubleshooting, keep in mind that they can be accessed by other authorized users of your Dotcom-Monitor account from within the Session Report.
Also, you may need to use production data while recording a test script with the EveryStep Web Recorder, or as a part of the HTTP requests to the target resource. We will display such data on the Waterfall Chart or in the EveryStep script body.
Disabling Test Sessions Recording
If you use production data to set up a load test, and you don’t want to capture the video of test transactions, you can disable Reference LIs in the test scenario settings.
For troubleshooting purposes, you can enable Reference LIs back at any time.
Encrypting Sensitive Data in Test Scripts
To encrypt any string data in the EveryStep script, convert them to context parameter and save to a central Secure Vault. This way, the data values will be hidden in the scripts and reports, including Online Reports and Waterfall charts. For more details, see How to Secure Passwords and Other Sensitive Information in EveryStep Recorder..