What kinds of customer data does Zero-X access, process, or store?

Zero-X accesses and processes the following types of customer data to provide cloud security services:

  • AWS: Access keys, secret keys, account IDs, and region configurations
  • GCP: Service account credentials, project IDs, and region settings
  • Azure: Tenant IDs, subscription IDs, client IDs, client secrets, and resource group configurations
  • Purpose: To securely connect to your cloud environments and perform security assessments
  • Resource Inventory: Information about your cloud resources (compute instances, storage buckets, databases, networking components, etc.)
  • Resource Metadata: Resource names, IDs, tags, configurations, and status information
  • Purpose: To maintain an accurate inventory of your cloud assets for security monitoring and compliance tracking
  • Vulnerability Findings: Security vulnerabilities detected in your cloud resources
  • Compliance Assessment Results: Results from compliance framework scans (SOC 2, ISO 27001, GDPR, PCI DSS, HIPAA, CIS benchmarks, etc.)
  • Security Events: Security events and incidents from your SIEM/XDR integrations (Wazuh, CloudTrail, etc.)
  • CIEM Data: Cloud Infrastructure Entitlement Management data including IAM identities, roles, and permissions
  • Purpose: To provide security insights, compliance monitoring, and risk assessment
  • Cost Explorer Data: Cloud cost and usage information from AWS Cost Explorer, Azure Cost Management, and GCP Billing
  • Purpose: To help you understand and optimize your cloud spending
  • User Account Information: Names, email addresses, roles, and authentication credentials
  • Organization Information: Organization names, subscription details, and configuration settings
  • Purpose: To manage user access, provide multi-tenant isolation, and deliver personalized services
  • GitHub/GitLab/Bitbucket: Repository access tokens and webhook configurations (when integrated)
  • Docker Hub/ECR: Registry credentials and image metadata
  • BigQuery: Project IDs, dataset IDs, and table configurations
  • Purpose: To extend security monitoring to your development and container infrastructure

Important Notes:

  • All sensitive credentials (access keys, secrets, tokens, passwords) are encrypted at rest using AES-256-GCM encryption
  • Zero-X only accesses data necessary to provide security services
  • You maintain full control over which data sources are connected and can disconnect them at any time
  • Zero-X does not access or store your application data, customer data, or business content stored in your cloud resources