Data Flow & AI Processing
Plain-language complement to our Privacy Policy. When the two ever appear to conflict, the Privacy Policy is legally binding; this page exists to make the same facts visible without a legal-document reading.
your env → us
Scanner findings (CVE, file path, snippet) · Repo metadata · CI/CD configs · AWS topology metadata · ECR image digests · Tenant repositories cloned into ephemeral workers for scan and analysis jobs
us → Bedrock
Rule identifiers · File paths · Configuration files or snippets · Finding metadata · Relevant source files or excerpts from the cloned repo when needed for classification, narrative, or reachability analysis. Production inference is served by Anthropic Claude through AWS Bedrock inside VigilChain's AWS environment by default; tenants with Bring Your Own AI Key route to their own Anthropic account instead.
not requested
Application secrets · Environment variables · Customer data inside your services · Database contents · DB credentials · Known secret patterns before AI calls, when detected
| Integration | Permission scope | Justification | What we cannot do |
|---|---|---|---|
| GitHub App | contents:read, metadata:read, checks:read, pull_requests:read on selected repos | Clone selected repositories into VigilChain workers for transient scan and analysis jobs; read CI status; read PR metadata for owner mapping | Push, merge, delete, modify branch protection, install other apps |
| AWS cross-account IAM role | Read-only on EC2, ECS, ECR, ELB, IAM, CloudWatch, S3 metadata. Trust policy requires our account ID + external-id | Discover topology to map deployment chain | Create, modify, or delete any resource in your AWS account |
| Scanner outputs (SAST / SCA / cloud posture) | Generated by VigilChain workers from cloned repos, dependency and container metadata, and read-only cloud metadata | Produce findings for deployment-chain ranking | Access scanner credentials; require you to modify your CI workflow for SAST results |
| Jira / Linear / GitHub Issues | Write-scoped to the project you specify | Create and update tickets for findings | Read other projects, modify project settings, delete tickets you didn't author |
| Category | Stored where | Retained how long | Encryption |
|---|---|---|---|
| Source code (transient) | Worker checkout + scratch volume during scan and analysis job | Duration of scan or analysis job, then purged | TLS 1.2+ in transit; encrypted scratch volume |
| Scanner findings (CVE, path, snippet) | Tenant DB row | Life of finding (or until you delete it) | AES-256 (RDS, KMS) |
| Asset metadata (repo names, ECR digests, ALB DNS, task defs) | Tenant DB row | Life of account | AES-256 |
| Account & user data | Tenant DB row | Life of account; deleted within 60 days of closure | AES-256 |
| Audit logs | Tenant DB row | 7 years | AES-256 |
| RDS backups | AWS RDS snapshots | 30 days | AES-256 (KMS) |
| AI prompts & responses (production Bedrock path) | AWS Bedrock inside VigilChain's AWS environment | Not retained by Anthropic. AWS-side logging follows VigilChain's retention policy. | AES-256 (KMS), TLS 1.2+ in transit |
| AI prompts & responses (direct Anthropic API; Bring Your Own AI Key tenants and internal operator tooling) | Anthropic infrastructure | Up to 30 days for trust-and-safety review; not used for model training | Anthropic-controlled, TLS 1.2+ in transit |
Rule classification. Rule ID, scanner name, and rule description text. Used to map vendor rules to canonical VC taxonomy.
Dedup confirmation. Rule IDs and metadata for the candidate cluster. Usually only the cluster's metadata, though AI-assisted analysis may inspect related source files from the cloned repository when needed to resolve an ambiguous match.
Repo deployment-chain analysis. CI/CD config files (.github/workflows/*.yml, Dockerfile, infra-as-code like Terraform *.tf). These configuration files may be inspected from the cloned repository to map build, image, and deployment relationships.
Finding narrative + reachability. File path, rule context, and relevant source code from the cloned repository when needed to explain the finding or assess code-path reachability. The amount of context depends on the rule, language, and repository structure.
Reachability today is deployment-chain reachability (deterministic) plus AI-assisted code-path analysis (advisory). Not deterministic call-graph reachability today. Production AI inference is served by Anthropic Claude through AWS Bedrock inside VigilChain's AWS environment; prompts and responses are not used to train models and are not retained by Anthropic on this path. Tenants with Bring Your Own AI Key route AI traffic to their own Anthropic account, governed by Anthropic's standard direct-API terms (up to 30 days trust-and-safety retention; not used for training). Per-tenant AI disable is on the roadmap.
| Control | Today | Roadmap |
|---|---|---|
| Per-tenant AI disable | — | planned |
| No-training, no-retention by Anthropic on production path | ✓ via AWS Bedrock | — |
| Private model / on-prem inference | — | not committed |
| Snippet-window size cap | 30 lines | configurable per tenant |
| Pre-AI secret redaction | ✓ | — |
The Privacy Policy is the legally binding policy. Our Security page covers responsible disclosure and safe harbor. A DPA is available on request at legal@vigilchain.com.