Menu

    How we protect your Vulnerability Data on the SCW Platform

    Avatar
    Secure Code Warrior Elves
    • Updated
    Follow

    This article explains how Secure Code Warrior (SCW) handles the security data provided to us by customers.

    Vulnerability Data - any information about security flaws, coding errors, weaknesses, or misconfigurations either provided by you to us or identified while you or your End Users are using the SCW Platform. It includes:

    • Vulnerability findings and reports
    • Records of remediation attempts
    • Security testing results
    • Code snippets with vulnerabilities
    • Related metadata

    Important Note: Vulnerability Data may contain your proprietary code and other confidential information.

    SCW stores all Vulnerability Data in secure, access-controlled environments and protect it using industry-standard security measures, including encryption in transit and at rest. Access to Vulnerability Data is restricted to authorised personnel on a least-privilege basis and is used solely for the purpose of providing insights and recommendations to you based on the data you provide, and for maintaining and improving the platform.

    SCW implements strict measures to prevent the re-identification of the Vulnerability Data, such as data aggregation and regular risk assessments.

    Permitted Uses of De-identified Vulnerability Data

    SCW uses this data solely to improve the platform and provide better security intelligence. Permitted uses include:

    • Platform Delivery: To provide the SCW Platform and related services.
    • User Education: To provide targeted training content to your End Users.
    • Platform Enhancement: To improve functionality and user experience of the SCW Platform.
    • Market Insights: To create aggregate statistics and analytical insights.
    • Benchmarking & Reporting: To generate anonymized industry reports.
    • Content Development: To develop new security training modules.

    What SCW Will NOT Do with Your Data

    SCW will not:

    • Attempt to re-identify you or your End Users from the data.
    • Sell, rent, or commercialize the data to third parties.
    • Use the data to target advertising or marketing.
    • Disclose the data to any third party, except as strictly required to provide the platform or as permitted by our agreement.

    Data Survival

    Our commitments to handling and protecting your Vulnerability Data will continue to apply even after your subscription or agreement has ended, for as long as SCW retains the data.

    Your data may be deleted upon request by contacting support@securecodewarrior.com.

    Related articles

    Comments

    0 comments

    Article is closed for comments.