How to add Custom Data Elements (Regex rules) to Strac DSPM & DLP Platform?

Strac ships with world-class ML detectors for the most common and compliance-critical data elements (PII, PHI, PCI, secrets, etc.). If you haven’t seen the full list, start here: Strac Catalog of Sensitive Data Elements.

Sometimes you’ll also want to detect organization-specific formats—internal IDs, bespoke reference numbers, or niche patterns. That’s exactly what Custom Data Elements (regex rules) are for.‍ With Custom Data Elements, you can create your own regex-based rules that work alongside Strac’s ML detectors. This lets you capture specialized identifiers, proprietary codes, or unique patterns that aren’t covered by default.

✨ How to Create and Test Custom Data Elements (Regex Rules) in Strac?

‍

When Should You Create Custom Data Elements?

While most customers rely solely on our built-in ML detectors, custom regex rules are helpful when:

• You have organization-specific identifiers (e.g., internal project codes, membership IDs, unique document tags).
• You operate in a niche industry with unique data formats not covered in standard compliance catalogs.
• You need temporary or project-specific detection rules for a special audit, migration, or investigation.

Example: If your HR department uses a unique alphanumeric code like HR-XXXX-2025, you can create a regex to flag any instance of it in documents, messages, or databases.

How to Add a Custom Data Element in Strac DSPM & DLP Platform

1. Log in to Strac Vault
   Sign in to your Strac admin dashboard with your admin credentials.
2. Navigate to Global Settings
   In the left-hand menu, go to:
   Admin → Global Settings → Custom Data Elements
3. Click "Add Custom Data Element"
   You’ll see the Custom Rules page where you can view, edit, and manage existing elements.
4. Enter Your Custom Rule Details
   • Name: A descriptive name for your custom rule (e.g., Employee Badge ID).
   • Description: Optional, but useful for explaining the purpose of the rule.
   • Regex: Your custom regular expression pattern for detecting the data.
   • Keywords (optional): Add related keywords to help contextual detection.
   • Distance (optional): Specify how close keywords and matches should be for detection.
5. Save Your Rule
   Click Save to activate your custom data element. It will now work alongside Strac’s pre-built detectors.

How to Test Your Custom Data Element in Strac DSPM & DLP Platform

Before deploying your custom regex into full scanning, Strac gives you a built-in Test feature so you can confirm that your rule works exactly as intended.

Here’s how to test it:

1. Locate Your New Rule
   After saving, your rule will appear in the Custom Data Elements table.
2. Click the “Test” Button
   This opens a small input area where you can paste or type sample text.
3. Run the Test
   • If the regex matches, Strac will highlight the detected portion.
   • If no matches are found, you’ll know your pattern may need adjusting.
4. Refine and Re-Test
   Modify your regex and test again until you’re confident in its accuracy.

Why testing matters:
A poorly tuned regex can either miss sensitive data (false negatives) or over-flag irrelevant text (false positives). Testing before deployment ensures your detection is both accurate and efficient.

Regex best practices that work well in Strac

• Be specific. Prefer EMP-\d{4}-[A-Z]{2} over EMP-.*.
• Anchor when format is fixed. Use ^…$ when the token occupies a full field/line.
• Use keywords + distance to cut noise:
  • Keywords: ["employee id","badge","eid"]
  • Distance: 50 (match must appear within 50 chars of a keyword)
• Escape special characters. . + ? ( ) [ ] must be escaped when literal.
• Avoid catastrophic backtracking. Keep patterns linear (e.g., avoid nested .* with backreferences).
• Document intent. Add the example format and 2–3 sample strings in the Description.

Example patterns (adapt as needed):

• Internal Badge: EMP-\d{4}-[A-Z]{2}
• Project Code: PRJ-[A-Z]{3}-\d{6}
• HR Code (year-bound): HR-\d{4}-[A-Z]{3}

Pair with keywords like ["employee","badge","project","code"] and a distance of 50–80 to improve precision.

How Custom Data Elements Work with Strac’s ML Detectors

Adding a custom regex does not disable or replace Strac’s existing ML detectors. Instead, it supplements them—meaning your sensitive data detection will now catch:

1. All patterns detected by Strac’s ML models (SSNs, credit cards, health records, etc.).
2. Your custom-defined regex patterns.

This hybrid approach ensures maximum coverage while allowing you to tailor detection to your exact needs.

Next Steps

• Review our Strac Catalog of Sensitive Data Elements to see if a built-in detector already covers your requirement.
• Create and test your first custom regex in Admin → Global Settings → Custom Data Elements.
• Monitor detection results and fine-tune as needed.

With Strac’s combination of ML intelligence and customizable regex rules, you have complete control over what sensitive data your organization detects and protects.