Threatrix Documentation
Threatrix
  • Getting Started
  • Developer Quick Start
  • SecureShip
    • Artifactory Scanning
    • ThreatAgent Scanning
  • Threat Center
    • Creating Account
      • OAuth Login
    • Entity Dashboard
    • User Profile
  • AICertify
    • Reviewing Results
  • codecertify
    • Quick Start
    • Project Summary Tab
    • Components Tab
      • Custom Components
        • Adding
        • Editing
        • Important Notes
      • Header Panel
      • Module Tree Panel
      • Results Panel
        • Card View
        • Risk Graph View
      • Audit History
    • Assets Tab
      • Custom Asset Matches
        • Adding Asset Match
  • securecore
    • Project Dashboard
    • ThreatScan
    • Scan Results
  • Threat Agent
    • Threat Agent Overview
    • Threat Agent - Installation & Scanning
    • Scan Summary Reports
    • Resolving Errors
    • Scanning Container Images
  • Integrations
    • Dependency Managers
      • RENV
    • Build Integrations
      • AWS CodeBuild
      • Azure DevOps
      • Bitbucket Pipeline
      • CircleCI
      • GitHub Action
      • GitLab Pipeline
      • Jenkins Pipeline
    • SCM Integrations
      • GitLab
      • Bitbucket
    • Issue Management
      • Jira
    • Notifications
  • Policy Management
    • Policy Overview
    • Creating Policies
    • Policy Conditions
    • Policy Actions
    • Policy Scopes
  • Administration
    • User Management
    • Organization Settings
      • Organization Knowledge Base
      • Integration
        • Slack Integration
        • Jira Integration
        • Service Keys
    • RBAC
    • Entity Management
    • Okta
      • Okta Org2Org Integration
  • GraphQL API
    • API Overview
  • Resources
    • Dependency Managers
      • PIP
    • Dictionary
    • Licenses
    • Security & Privacy
    • Binary File Support
  • Hybrid / On Premise
    • Getting Started
    • Installation
    • Upgrade
    • Setup
    • Cloud Data Disclosure
    • Troubleshooting
Powered by GitBook
On this page

Was this helpful?

  1. Hybrid / On Premise

Cloud Data Disclosure

Anonymous portions of your scan are sent to Threatrix cloud environment to be matched with our cloud knowledge base.

Data is transmitted to our server using 256bit encryption.

None of the data that's transmitted to our cloud is ever persisted. It's stored in memory during processing and immediately expunged from memory after use.

Your scan results data are stored in your local, on premise, database for your Threatrix Hybrid deployment and only available to you. Threatrix does not have access to your scan results.

The following data is sent to our cloud with every scan:

  1. Software bill of materials for each supported dependency manager in your project. This data is used to build a dependency tree for declared dependencies and returns the associated licenses and vulnerabilities.

  2. Random cryptographic hashes derived from portions of your source code. This data is used to determine what parts of your source code are open source and return the associated provenance and license data.

  3. source file names

  4. source file size

PreviousSetupNextTroubleshooting

Last updated 11 months ago

Was this helpful?