# Security information ## 🇫🇷 Hosting All of our data and application is hosted in France on AWS Servers (eu-west-3). ## 🔐 Compliance
## ☁️ Sub-Providers Our main sub-providers are : AWS (cloud), Google (IdP), Microsoft (IdP), Okta (IdP), Github (Version Control) ## ⚙️ Infrastructure schema
## ⚙️ Functional levels Our solution offers three distinct levels of functionality plus an extra ### Premium - Diagnostic: A one-time in-depth automatic diagnostic to uncover Shadow IT, prevent security risks, cut down on unused tool costs and pinpoint critical concerns. #### Anonymous Collection: This level provides anonymous data collection, tracking usage events such as timestamps and accessed domains across 110,000+ whitelisted domains. It is ideal for environments needing high security with minimal data exposure. #### Identified Collection: In addition to basic monitoring, this level includes identified data collection. It captures user-specific information like email addresses and domain cookies to ensure accurate tracking of user activity. This level also supports integration with major IdPs (Microsoft, Okta, Google) for directory and SSO event synchronization. Examples of outcomes include identifying unauthorized SaaS usage or detecting policy violations based on user activity. ### Business Plan - Shadow IT Manage Shadow IT effortlessly with the Business Package, offering real-time monitoring and proactive protection for all online tools used by your teams. ### Enterprise plan - Shadow IT & FinOps: Streamline SaaS management with the Enterprise package, offering smarter cost control and spend management systems alongside with advanced security features. ### Advanced Software Analysis This specific use case focuses on timely audits and reviews, providing a comprehensive overview of a SaaS real usage—ideal for contract renewals, for example. Deliverables are provided as Excel sheets, offering significantly more data than what is available in Avanoo’s web app. ## 🙅 Data collected : ### IdP (Google Workspace, Okta, Microsoft Entra, CSV)
SSO IntegrationsAnonymousIdentifiedAdvanced software analysis
List of Users (email, name, Id, team, admin status)falsetruetrue
Users relationship (manager)falsetruetrue
Groups and Organization unitsfalsetruetrue
Historical log eventsfalsetruefalse
Token of authentifications for external appsfalsetruefalse
Timestamp of tokensfalsetruefalse
Scopes granted to external appsfalsetruefalse
### Browser extensions (Chrome, Chromium, Edge, Firefox, Safari)
Browser extensionsAnonymousIdentifiedAdvanced software analysis
URLstruetruefalse
Email used to connectfalsetruefalse
Timestamptruetruefalse
Users nudge responsesfalsetruefalse
### 2000+ integrations
Direct Integrations to SaaS AppsAnonymousIdentifiedAdvanced software analysis
Usersfalsetruetrue
Authentification methodfalsetruefalse
Date of creation and desactivationfalsetruetrue
Permissions and licences levelsfalsetruetrue
Historical eventsfalsetruetrue
### Google Workspace and Microsoft Office 365
EmailsAnonymousIdentifiedAdvanced software analysis
UserIdfalsetruefalse
VendorIdfalsetruefalse
Timestampfalsetruefalse
## 🗄️ Recognised Applications: All applications that are part of our database can be recognised by both the SSO, the browser agent and the emails addons. This whitelist currently contains more than 110,000 apps. This whitelist is also : * Customizable. * Weekly updated, especially with new AI tool. * Can contain custom client URLS for on premise applications accessed via the browser. ## 📗GDPR Compliance and Validation: All solutions are GDPR compliant, addressing the stringent data protection requirements of the insurance industry. The anonymous option is particularly beneficial in security-sensitive environments, as it only collects usage events without personal information. Furthermore, all data traffic is encrypted to prevent leakage in case of interception. Upon receipt, traffic is secured using AWS Cognito resource access control, ensuring no unauthorized access. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.avanoo.ai/public-knowledge-base/security-information.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.