Data classes
A data class is the category of sensitivity ThreatLens assigns to a request or document. Classification is based on the actual content, in real time — not on the file name or location.
Every request is mapped to exactly one class, which then drives the policy matrix lookup.
The default catalog
| Data class | Typical examples | Default risk |
|---|---|---|
| Source code / secrets | API keys, credentials, connection strings, private code | Critical |
| PCI / payment data | Card numbers, payment account details | Critical |
| Strategy / board confidential | Board decks, M&A, forecasts marked confidential | Critical |
| PII / personal data | Names + identifiers, SSNs, national IDs, passports | High |
| Financial data | Revenue, forecasts, internal financials | High |
| HR data | Compensation, performance, employee records | High |
| Legal / contractual | Contracts, legal advice, settlements | High |
| Customer data | Customer records and account details | Medium |
| Public / non-sensitive | Published material, general questions | Low |
| Unknown | The classifier is not confident | High (protected by default) |
When ThreatLens can't confidently classify content, it treats it as higher-risk and routes it to a trusted destination — it never assumes "unknown" means "safe."
Why classes matter
Data classes are the rows of your policy matrix. For each one, you decide the minimum trust tier a destination must meet and what happens when it doesn't. That's how a single, readable table governs every possible request.
The catalog above is the default. Administrators can tune how each class is handled per organization.