diff --git a/project/tests/test_sensitive_data_in_request.py b/project/tests/test_sensitive_data_in_request.py
index db8b03a7..9eceb693 100644
--- a/project/tests/test_sensitive_data_in_request.py
+++ b/project/tests/test_sensitive_data_in_request.py
@@ -73,3 +73,15 @@ def test_password_in_batched_json(self):
         self.assertEqual(datum['username'], RequestModelFactory.CLEANSED_SUBSTITUTE)
         self.assertEqual(datum['password'], RequestModelFactory.CLEANSED_SUBSTITUTE)
         self.assertEqual(datum['x'], 'testunmasked')
+
+    def test_authorization_header(self):
+        mock_request = Mock()
+        mock_request.META = {'HTTP_AUTHORIZATION': 'secret'}
+        mock_request.body = ''
+        mock_request.get = mock_request.META.get
+        factory = RequestModelFactory(mock_request)
+        headers = factory.encoded_headers()
+        json_headers = json.loads(headers)
+
+        self.assertIn('AUTHORIZATION', json_headers)
+        self.assertEqual(json_headers['AUTHORIZATION'], RequestModelFactory.CLEANSED_SUBSTITUTE)
diff --git a/silk/model_factory.py b/silk/model_factory.py
index ba4a3e46..e1442ead 100644
--- a/silk/model_factory.py
+++ b/silk/model_factory.py
@@ -74,12 +74,18 @@ def encoded_headers(self):
         to the name. So, for example, a header called X-Bender would be mapped to the META key HTTP_X_BENDER."
         """
         headers = {}
+        sensitive_headers = {'AUTHORIZATION'}
+
         for k, v in self.request.META.items():
             if k.startswith('HTTP') or k in ('CONTENT_TYPE', 'CONTENT_LENGTH'):
                 splt = k.split('_')
                 if splt[0] == 'HTTP':
                     splt = splt[1:]
                 k = '-'.join(splt)
+
+                if k in sensitive_headers:
+                    v = RequestModelFactory.CLEANSED_SUBSTITUTE
+
                 headers[k] = v
         if SilkyConfig().SILKY_HIDE_COOKIES:
             try:
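Review bot: The new test never asserts that the raw value is absent from the serialized output, so a regression that copies the original header under a second key, or leaks it through the cookie branch, would still pass; add `self.assertNotIn('secret', headers)` right after the `json.loads(headers)` line. A second case for `HTTP_PROXY_AUTHORIZATION`, which carries credentials in the same way, would be worth adding once the factory masks it. The `mock_request.get = mock_request.META.get` line appears to exist only so the factory can look META up through the request object — if so, a short comment saying that would save the next reader a trip into `RequestModelFactory`.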
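Review bot: The hard-coded `sensitive_headers = {'AUTHORIZATION'}` still records `Proxy-Authorization` (and any API-key style header a deployment relies on) in plaintext, and because the membership check runs after the `'-'.join(splt)` rewrite, entries have to be spelled in the hyphenated form: `sensitive_headers = {'AUTHORIZATION', 'PROXY-AUTHORIZATION'}`. The visible `SilkyConfig().SILKY_HIDE_COOKIES` check already drives cookie hiding from configuration, so lifting this set to a class constant or a setting next to it would let operators extend the list without patching the loop. The comparison is case-sensitive; it presumably relies on Django upper-casing META keys, which deserves a one-line comment such as `# META keys are already upper-cased, so an exact-match set is sufficient` rather than being left implicit. `encoded_headers` continues past the end of the hunk.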