Output Filter Security Pattern Filter data before sending it to an external entity, ensuring that only necessary and authorized data elements are transmitted. This prevents excessive data exposure and enforces data minimization. Problem Addressed Entity receives excessive data : System sends more data than the receiver needs or is authorized to see, leading to: - Exposure of sensitive data (PII, credentials, internal identifiers) - Privacy violations (GDPR, CCPA) - Increased attack surface - Data leakage through traffic interception Core Principle Never rely on the client to filter sensitive…