Sep 06 2024: Trace spans are captured at runtime after decrypting requests, potentially exposing sensitive data. This can lead to various risks such as data breaches, compliance violations, privacy issues, and attack surface exposure. However, Lumigo's automatic tracing collects only essential metadata, and with proper configuration, sensitive information is masked in the runtime, ensuring it doesn't reach the backend. Lumigo also prioritizes security with SOC2, ISO 27001, HIPAA, and GDPR certifications, encrypted data transmission, and regular reviews and audits to prevent sensitive information exposure.