Ctrlk
Go to websiteGo to AvanooBook a call

Security information

We build our products with security in mind from design to deployment ensuring that we have the infrastructure, automation and monitoring necessary to protect your data.

πŸ‡«πŸ‡· Hosting

All of our data and application is hosted in France on AWS Servers (eu-west-3).

πŸ” Compliance

☁️ Sub-Providers

Our main sub-providers are : AWS (cloud), Google (IdP), Microsoft (IdP), Okta (IdP), Github (Version Control)

βš™οΈ Infrastructure schema

βš™οΈ Functional levels

Our solution offers three distinct levels of functionality plus an extra

Premium - Diagnostic:

A one-time in-depth automatic diagnostic to uncover Shadow IT, prevent security risks, cut down on unused tool costs and pinpoint critical concerns.

Anonymous Collection:

This level provides anonymous data collection, tracking usage events such as timestamps and accessed domains across 110,000+ whitelisted domains. It is ideal for environments needing high security with minimal data exposure.

Identified Collection:

In addition to basic monitoring, this level includes identified data collection. It captures user-specific information like email addresses and domain cookies to ensure accurate tracking of user activity. This level also supports integration with major IdPs (Microsoft, Okta, Google) for directory and SSO event synchronization. Examples of outcomes include identifying unauthorized SaaS usage or detecting policy violations based on user activity.

Business Plan - Shadow IT

Manage Shadow IT effortlessly with the Business Package, offering real-time monitoring and proactive protection for all online tools used by your teams.

Enterprise plan - Shadow IT & FinOps:

Streamline SaaS management with the Enterprise package, offering smarter cost control and spend management systems alongside with advanced security features.

Advanced Software Analysis

This specific use case focuses on timely audits and reviews, providing a comprehensive overview of a SaaS real usageβ€”ideal for contract renewals, for example. Deliverables are provided as Excel sheets, offering significantly more data than what is available in Avanoo’s web app.

πŸ™… Data collected :

IdP (Google Workspace, Okta, Microsoft Entra, CSV)

SSO Integrations
Anonymous
Identified
Advanced software analysis

List of Users (email, name, Id, team, admin status)

Users relationship (manager)

Groups and Organization units

Historical log events

Token of authentifications for external apps

Timestamp of tokens

Scopes granted to external apps

Browser extensions (Chrome, Chromium, Edge, Firefox, Safari)

Browser extensions
Anonymous
Identified
Advanced software analysis

URLs

Email used to connect

Timestamp

Users nudge responses

2000+ integrations

Direct Integrations to SaaS Apps
Anonymous
Identified
Advanced software analysis

Users

Authentification method

Date of creation and desactivation

Permissions and licences levels

Historical events

Google Workspace and Microsoft Office 365

Emails
Anonymous
Identified
Advanced software analysis

UserId

VendorId

Timestamp

πŸ—„οΈ Recognised Applications:

All applications that are part of our database can be recognised by both the SSO, the browser agent and the emails addons. This whitelist currently contains more than 110,000 apps. This whitelist is also :

  • Customizable.

  • Weekly updated, especially with new AI tool.

  • Can contain custom client URLS for on premise applications accessed via the browser.

πŸ“—GDPR Compliance and Validation:

All solutions are GDPR compliant, addressing the stringent data protection requirements of the insurance industry.

The anonymous option is particularly beneficial in security-sensitive environments, as it only collects usage events without personal information. Furthermore, all data traffic is encrypted to prevent leakage in case of interception. Upon receipt, traffic is secured using AWS Cognito resource access control, ensuring no unauthorized access.

NextBrowsers Extensions

Last updated