Privacy Policy
Last updated on 2019-12-31.
Analytics
STIG Spider collects minimal analytics in order to improve the functionality of the site. It includes, but may not be limited to:
- Sign in/out events.
- The web browser you use.
- The operating system you use.
Cookies
This site uses cookies to:
- Remember if you have accepted the pop-up informing you that cookies are used.
- Remember who you are (if you checked 'Remember me' when logging in).
- Remember the device you signed in with if you are using two-factor authentication (and checked 'Remember this device' when logging in).
Logging
This site performs logging in line with industry-standard web server request logging. This includes, but may not be limited to:
- Your IP address.
- The time of your request.
- The URL of the page you are requesting.
- The result code of your request (was it successful, an error, a redirect, etc.).
Security
STIG Spider has been developed using industry best-practices and with the OWASP Top 10 in mind. It is also regularly updated when vulnerabilities are reported by upstream vendors. Please check our Blog for more information.
Tracking
This site does not perform any tracking.
Your Data
The only data this site uses and stores is information that you directly provide when either contacting us for more information or when you create an account. This includes your:
- Email address(es).
- Name.
- Organization.
-
If you create an account the following additional information is collected:
- Cryptographically secure hashed and salted representation of your password (not your actual password).
- Subscription level (free or otherwise).
The data you provide us is not forwarded or sold to any other parties.
Your data is encrypted in transit (using the latest version of TLS) and is also encrypted at rest using industry-standard algorithms.
When you are signed in to STIG Spider, you can download and/or delete your data.