Sensitive Data Identification
This feature is available on the StackHawk Enterprise plan.
As part of API Discovery, StackHawk analyzes connected code repositories for references to regulated or sensitive data types, helping teams to understand which APIs may introduce higher risk.
Repositories with detected sensitive data are flagged in your Attack Surface view, allowing you to filter and prioritize testing efforts based on data exposure. This helps your team focus on the APIs that matter most — the ones tied to sensitive or compliance-relevant data.
What We Detect
StackHawk currently detects the following sensitive data types:
PII (Personally Identifiable Information)
PCI (Payment Card Industry data)
PHI (Protected Health Information)
These labels will appear in the Attack Surface Table, giving you instant visibility into which repositories may contain sensitive data and should be prioritized for review and testing.
Supported Languages
Sensitive data identification runs on code repositories written in a supported language. Languages currently supported include:
C#
Go
Java
JavaScript
Kotlin
TypeScript
Python
Rust
Scala
PHP
Please reach out to us at product@stackhawk.com if you have concerns about your code repositories in a language not listed above.