Reviewing database sensitivity

Learn how to review the sensitivity rating of each database field to improve the accuracy of the tests and results.

Updated over a week ago

Introduction

Every time a new datatype or database field is added to your app, we'll ask you to review its sensitivity.

These field reviews give you the following benefits:

  • Getting pertinent alerts when a vulnerability is found.

  • More precise results regarding issue severity.

  • Running appropriate checks on the database.

Default setting and AI

When a database field is first discovered, we automatically assign it a rating with our Predict AI. This rating is based on parameters such as the field name and type. This rating persists until you define the sensitivity manually.

How to review fields manually?

Which rating should I give to my database field?

As a general rule, every field that you wouldn't want anyone to have access to is sensitive.

You can use the following table to find details about each rating:

| Sensitivity | Content | Examples |
| --- | --- | --- |
| 🟢 Not sensitive | Irrelevant information, or information related to your app's operation. | Signup step or Blog content |
| 🔴 Sensitive | Personal data of your users, or highly sensitive data. | User First Name, Company Email, API Tokens, or Invoice File |

I'm not sure what rating to assign.

No worries. If you're not sure what to do, you can always ask our team for advice.

Simply open a new chat using the button in the bottom-right corner and give our agent some context about your database field.
