24x7 continuous auditing that monitors your network
Instant, no obligation spot audit
Your cyber peace of mind is our priority, so we apply best practices in cybersecurity to our Sherlock® solution cyber security and data privacy best practices to our Sherlock® solution.
But if the ProHacktive Service allows me to map the flaws in my computer network, isn't there a risk to my data on the ProHacktive server?
Excellent question! The answer is no. Here's why:
The General Data Protection Regulation (GDR) is clear on this point: the best protection of a piece of data is not to have it. At ProHacktive, we like this maxim. We have designed our hardware solution to keep the data collected from your network to a bare minimum.
The data collected on your bucket is kept to a minimum.
• Changes in the number of connected devices• Changes in the number of devices by criticality level• Changes in the overall ProHacktive security rating of your network• The public IP address and gateway IP address of your network
• The IP address and MAC address of the Sherlock® solution• The physical data of the Sherlock® solution (temperature, voltage, CPU, GPU, RAM, HDD statistics and internal software statistics)
Prohacktive therefore does not collect ANY sensitive or personal data on its servers.
No sensitive data or personal data is stored on its servers.
• Types of connected devices• IP addresses of connected devices• MAC addresses of connected devices• Installed OS and software of devices• Emails and phone numbers that the Sherlock® solution might detect on devices• Contact lists that the Sherlock® solution might detect on the devices• User and administrator names that the Sherlock® solution might detect on the devices• Data on the devices' hard drives or servers (documents, photos, videos...)• etc...
All the data collected above are for the exclusive purpose of the cyber security offer of ProHacktive:
• Mapping your network• Discovering and alerting on known security vulnerabilities in real time• Tracking the physical state of the Sherlock® solution• Generating audit reports• Generating vulnerability reports• Detecting new devices connected to your network
None of this data is used for any other purpose, nor is it given away, free or otherwise, to any third party.
ProHacktive processes the above mentioned data for the entire duration of the contract. At the end of our partnership, ProHacktive will recover the Sherlock® solution and completely reset it within three (3) months. All data contained in the Sherlock® solution is destroyed except for the following data which is anonymized and archived for statistical purposes:
• Evolution of the number of connected devices• Evolution of the number of devices by criticality level• Evolution of the overall ProHacktive security score of your network• Evolution of the health status of the device
Your business will not be subject to the same cyber risks depending on the types of data being processed. Contact us to determine the most suitable ProHacktive solution for your organisation and business.
No sensitive information leaves the corporate network. All confidential information stays on the Sherlock® solution and is only accessible by logging in from the corporate network. In reality, ProHacktive is unable to store your data on its network. Our hardware was simply not designed for the purpose of transmitting personal data.
ProHacktive does not have access to:
• Nor to any personal data on your network• Nor to any sensitive data• Nor to the types of security breaches
The reasons are simple:
• We want to respect the law• We want to respect our philosophy and values• We want to establish a relationship of trust with our customers• We don't want to become the target of all the hackers in the world attracted to our customers' network vulnerabilities and personal data
In sum, the only personal data processed by ProHacktive is the administrative information necessary for the execution of the ProHacktive Service (last name, first name, email and mobile phone number of the contractual contact) obtained at the time of signing the contract.
When we start a partnership with a customer, we obviously have to create a customer account and therefore collect data. In this case too, we limit the processing to the strict minimum.
• Name of contact• First name of contact• Email and mobile phone number of contractual contact (if non-professional)
And that's it! All other processed data is related to the company's legal & administrative information and billing information (postal address, payment information...).
The data is used to process the contractual contact's information.
All the above mentioned collected data are collected for the exclusive purpose of the execution of the contract between ProHacktive and the Client:
• Company legal information• Company administrative information• Company billing information• Company contractual contact administrative information
ProHacktive processes the above mentioned data for the duration of the contract. At the end of our partnership, Prohacktive deletes these personal data within three (3) months. Under no circumstances will it be transferred, free of charge or otherwise, to a third party.
Please note that the data will not be transferred to a third party.
ProHacktive works with partners and subcontractors: distributors, resellers, outsourcers, auditors, pentesters, etc... As stipulated in the RGPD, they « present sufficient guarantees regarding the implementation of technical measures » (Article 28). Moreover, they have all accepted by oral agreement our charter of good conduct and compliance RGPD. By this charter, they commit themselves to respect the philosophy and values of ProHacktive towards the processing of personal data and the security of your computer networks.
Like ProHacktive, our subcontractors and partners do not have access to your network data.
• Changes in the number of connected devices• Changes in the number of devices by criticality level• Changes in your network's overall ProHacktive security score• Your network's public IP address and gateway IP address
• The IP address and MAC address of the Sherlock® solution• The physical data of the Sherlock® solution (temperature, voltage, CPU, GPU, RAM, HDD and internal software statistics)
ProHacktive's subcontractors therefore do not collect ANY sensitive data or personal data on your network.
• The types of connected devices• The IP addresses of the connected devices• The MAC addresses of the connected devices• The installed OS and software of the devices• The emails and phone numbers that the Sherlock® solution might detect on the devices• The contact lists that the Sherlock® solution could detect on the devices• The names of users and administrators that the Sherlock® solution could detect on the devices• The data on the devices' hard disks or servers (documents, photos, videos...)• etc...
A feeling of déjà vu? Normal, the very structure of ProHacktive services simply does not allow for the collection of this data.
• CNIL website: https://www.cnil.en/• Text of the RGPD : https://www.cnil.fr/fr/reglement-europeen-protection-donnees
For any additional information, please contact us at support@prohacktive.io or by mail at the following address ProHacktive, 8 rue des métiers, 05000 Gap, France.
DPO rent: Pierre Kessler