System and method for data masking

What is claimed is: 1. A computer system for masking data, the system comprising: one or more processors; and one or more memories operatively coupled to at least one of the one or more processors and having instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to: receive a request directed to a network service; apply a rule set to the request to identify sensitive data which is responsive to the request; rewrite the request, based on the rule set, such that the rewritten request will result in the sensitive data being retrieved and converted into a masked format according to one or more instructions in the rewritten request; and transmit the rewritten request to the network service. 2. The system of claim 1 , wherein at least one of the one or more memories has further instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to: receive a response from the network service in response to the modified request; apply the rule set to the response to identify additional sensitive data in the response; rewrite the response, based on the rule set, such that the additional sensitive data in the response is converted into a masked format; and transmit the rewritten response. 3. The system of claim 1 , wherein the masked format comprises a format that replaces the sensitive data with a computed value. 4. The system of claim 1 , wherein the request is intercepted. 5. The system of claim 1 , wherein the masked format comprises a format that masks at least a portion of the sensitive data. 6. The system of claim 1 , wherein the masked format comprises a format that concatenates a string to at least a portion of the sensitive data. 7. The system of claim 1 , wherein the masked format comprises a format that replaces the sensitive data with fictitious data. 8. The system of claim 1 , wherein the sensitive data comprises a row in a database and wherein the masked format masks data corresponding to the row. 9. The system of claim 1 , wherein the request includes a request for personally identifiable information and at least one rule in the rule set is configured to identify the personally identifiable information as sensitive data. 10. The system of claim 1 , wherein the request includes a request for confidential information and at least one rule in the rule set is configured to identify the confidential information as sensitive data. 11. The system of claim 1 , wherein at least one rule in the rule set is configured to identify sensitive data based upon user classification. 12. The system of claim 1 , wherein the instructions that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to apply the rule set further cause at least one of the one or more processors to: apply a request complete rule, wherein the request is determined to be incomplete; transmit a request for missing data to the network service, wherein the missing data is the incomplete portion of the request; receive the missing data from the network service; and reformat the request with the missing data. 13. The system of claim 1 , wherein the instructions that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to apply the rule set further cause at least one of the one or more processors to: apply a reverse mask rule, wherein the request is determined to comprise masked data; and rewrite the request, based on the rule set, such that the request is rewritten to reverse mask the masked data. 14. The system of claim 1 , wherein the instructions that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to apply the rule set further cause at least one of the one or more processors to: apply an update rule, wherein the request is determined to be an update request; and transmit the update request to the network service. 15. At least one non-transitory computer-readable medium storing computer-readable instructions that, when executed by one or more computing devices, cause at least one of the one or more computing devices to: receive a request directed to a network service; apply a rule set to the request to identify sensitive data which is responsive to the request; rewrite the request, based on the rule set, such that the rewritten request will result in the sensitive data being retrieved and converted into a masked format according to one or more instructions in the rewritten request; and transmit the rewritten request to the network service. 16. The at least one non-transitory computer-readable medium of claim 15 , further storing computer-readable instructions that, when executed by at least one of the one or more computing devices, cause at least one of the one or more computing devices to: receive a response from the network service in response to the modified request; apply the rule set to the response to identify additional sensitive data in the response; rewrite the response, based on the rule set, such that the additional sensitive data in the response is converted into a masked format; and transmit the rewritten response. 17. The at least one non-transitory computer-readable medium of claim 15 , wherein the masked format comprises a format that replaces the sensitive data with a computed value. 18. The at least one non-transitory computer-readable medium of claim 15 , wherein the request is intercepted. 19. The at least one non-transitory computer-readable medium of claim 15 , wherein the masked format comprises a format that masks at least a portion of the sensitive data. 20. The at least one non-transitory computer-readable medium of claim 15 , wherein the masked format comprises a format that concatenates a string to at least a portion of the sensitive data. 21. The at least one non-transitory computer-readable medium of claim 15 , wherein the masked format comprises a format that replaces the sensitive data with fictitious data. 22. The at least one non-transitory computer-readable medium of claim 15 , wherein the sensitive data comprises a row in a database and wherein the masked format masks data corresponding to the row. 23. The at least one non-transitory computer-readable medium of claim 15 , wherein the request includes a request for personally identifiable information and at least one rule in the rule set is configured to identify the personally identifiable information as sensitive data. 24. The at least one non-transitory computer-readable medium of claim 15 , wherein the request includes a request for confidential information and at least one rule in the rule set is configured to identify the confidential information as sensitive data. 25. The at least one non-transitory computer-readable medium of claim 15 , wherein at least one rule in the rule set is configured to identify sensitive data based upon user classification. 26. The at least one non-transitory computer-readable medium of claim 15 , wherein the instructions that, when executed by at least one of the one or more computing devices, cause at least one of the one or more computing devices to apply the rule set further cause at least one of the one or more computing devices to: apply a r