Reduce False Positives with Dependent Sensitive Data Detections

Impart Security
Published on
April 16, 2024
Read time
Impart Security
April 16, 2024

Impart Security is happy to share another runtime protection enhancement called Dependent Sensitive Detections.

Detecting Personally Identifiable Information (PII) is hard since it’s easy to miss sensitive information like CVV numbers and zip codes. Most API security solutions solve this by relying on simple Regex rules that look for three or five digits in a row. However, this approach is prone to generating a high rate of false positives, which can render the detection useless and create additional work for security teams to validate findings that indicate sensitive data.

With Impart’s Dependent Sensitive Detections, you can now create dependency graphs of different PII detections to improve accuracy and avoid false positives. In the example brought up earlier, one way to avoid generating thousands of false positives using Regex would be to only execute CVV or zip code-based detections if there is a higher confidence detection in place. For example, a credit card number detection, which is a built-in security function of our API security platform and often correlated with CVV and zip code, can be validated using the third-party Luhn algorithm. These detections can be designed in our graph editor.

Contact us at to see how Dependent Sensitive Detections can help to reduce your false positive fatigue and be sure to follow us on LinkedIn for more product updates.

Subscribe to newsletter

Want to learn more about API security? Subscribe to our newsletter for updates.

By subscribing you agree to with our Privacy Policy.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

See why security teams love us