diff --git a/guard/core/checks/helpers.py b/guard/core/checks/helpers.py
index 6f7d438..6c5fbe2 100644
--- a/guard/core/checks/helpers.py
+++ b/guard/core/checks/helpers.py
@@ -285,8 +285,9 @@ def _get_effective_penetration_setting(
     penetration_enabled = config.enable_penetration_detection
 
     if route_config and hasattr(route_config, "enable_suspicious_detection"):
-        route_specific_detection = route_config.enable_suspicious_detection
-        penetration_enabled = route_specific_detection
+        if route_config.enable_suspicious_detection is not None:
+            route_specific_detection = route_config.enable_suspicious_detection
+            penetration_enabled = route_specific_detection
 
     return penetration_enabled, route_specific_detection
 
diff --git a/guard/decorators/base.py b/guard/decorators/base.py
index 854fc3c..30636f0 100644
--- a/guard/decorators/base.py
+++ b/guard/decorators/base.py
@@ -32,7 +32,7 @@ def __init__(self) -> None:
         self.max_request_size: int | None = None
         self.allowed_content_types: list[str] | None = None
         self.time_restrictions: dict[str, str] | None = None
-        self.enable_suspicious_detection: bool = True
+        self.enable_suspicious_detection: bool | None = None
         self.require_referrer: list[str] | None = None
         self.api_key_required: bool = False
         self.session_limits: dict[str, int] | None = None