The SAPDevConnRule connection rule uses the Client/Application Information matcher to identify incoming requests. The matcher contains items on the exclude list that identify SAP clients. The connection rule is applied to any request that comes from a tool that is not on the exclude list. The rule action specifies that Dynamic Data Masking uses the SAPDevRuleSet security rule set for the request.

For example, if the development team accesses the database through SQL Developer, the SAPDevConnRule rule directs the request to the SAPDevRuleSet security rule set.