Security, privacy and compliance boundaries
Understand the security, privacy and compliance boundaries that apply to WebRiskOps evidence, artifacts, reports and customer responsibilities.
Customers, agencies, developers and security reviewers
Feature availability
Product, package, provider and deployment boundaries for this page.
- Available from
- Current documentation
- Deployment modes
- cloudself-hosted
Boundary map
Use this section when a reviewer needs one place for data, privacy, retention, secret and non-certification limits.
- Data collected and excluded
- Artifact retention
- Secret handling
- Personal data boundaries
- Non-certification and legal boundaries
- Customer responsibilities
Automated safeguards
WebRiskOps should keep routine safeguards inside the product workflow instead of asking customers to expose sensitive values.
- Evidence is tied to accepted public scope.
- Artifacts keep customer-safe screenshots, snapshots and issue evidence.
- Secret-like values are redacted before customer-visible storage.
Customer-owned decisions
Customers still own authorization, environment changes and formal compliance decisions.
- Confirm authorization before scanning.
- Review evidence before acting on a report.
- Use qualified legal or compliance counsel for formal opinions.
Was this page helpful?
Feedback goes into the product documentation review queue.