Skip to main content

Frequently asked questions

Which sources does ThreatKey support?

Tons! You can connect your ThreatKey account to any data source that has an integration. ThreatKey has a growing list of integrations, so if you don't see the one you need, let us know and we'll add it to our roadmap. Our goal is to make ThreatKey work with all of your data sources. You can browse the sources we support by going to the Environment tab and clicking Sources.

How does collaboration work on ThreatKey?

You can invite anyone to collaborate on your ThreatKey organization. You should only invite people you trust, because they will have access to all of your findings. You can invite people to your organization by going to the Settings tab and clicking Invite Collaborators.

Do you have a white-glove setup service?

ThreatKey's team of experts that can help you connect your data sources to ThreatKey. Just send us a message with the chat widget in the bottom right corner of your screen and we'll get you set up.

Interested in becoming a partner?

To become a partner, please reach out to us with the chat widget in the bottom right corner of your screen. We're always looking for new partners to help us grow and expand our reach to new customers. We look forward to hearing from you!

Support

Getting in touch with ThreatKey

You can chat with us using the widget in the bottom right corner of your screen. We're available 24/7 to answer any questions you may have. We look forward to hearing from you!

Governance, risk, and compliance

Does ThreatKey support role-based access control (RBAC)?

Yes, ThreatKey supports role-based access control. You can create roles for your organization and assign users to those roles. Soon, you will be also be able to create roles for your sources and assign users to those roles. Role-based access control lets you decide who has access to what data in ThreatKey.

Does ThreatKey sell or share the content of findings with third parties?

No, we don't sell or share the content of your findings with third parties. We only use the content of your findings to help you find more misconfigurations in your applications and infrastructure. We don't sell or share your findings with anyone.

What access does ThreatKey have to findings?

ThreatKey has multiple levels of internal access controls to ensure that only the right people have access to your findings. We also have a team of security experts that reviews all of our internal access controls on a regular basis to ensure that they're working as intended. Access is only granted via a secure process that requires two-factor authentication and an explicit access grant from the owner of your ThreatKey organization.

What access does ThreatKey have to data in sources?

ThreatKey doesn't have access to data within your sources. We only have access to the metadata about your source, such as the name and type of source and configuration details. Unless otherwise stated, we don't have access to the content of your sources, such as the data in your databases or the code in your repositories, unless you explicitly grant us access to that data.

Is ThreatKey compliant with GDPR and CCPA?

Yes, ThreatKey complies with GDPR and CCPA. We take your privacy very seriously. We will never sell or share your data with anyone. We only use your data to help you find more vulnerabilities in your applications and infrastructure. We also have a team of security experts that reviews all of our internal access controls on a regular basis to ensure that they're working as intended.

Is ThreatKey SOC 2 Type 2 certified?

Yes, ThreatKey is SOC 2 Type 2 certified. We take your privacy very seriously. We only use your data to help you find more misconfigurations in your applications and infrastructure. We also have a team of security experts that reviews all of our internal access controls on a regular basis to ensure that they're working as intended. If you have any questions about our SOC 2 Type 2 certification, please reach out to us with the chat widget in the bottom right corner of your screen.

Has ThreatKey undergone penetration testing?

Yes, ThreatKey has undergone penetration testing. At ThreatKey, we run a comprehensive security program that includes regular penetration testing by a third party. We also have a team of security experts that reviews all of our internal access controls on a regular basis to ensure that they're working as intended. If you have any questions about our penetration testing, please reach out to us with the chat widget in the bottom right corner of your screen. We're always happy to answer any questions you may have.

Troubleshooting

Signing in isn't working

If you are having trouble signing in, please try the following steps:

  1. Make sure you are using the correct email address.
  2. Make sure you are using the correct URL of your organization.
  3. Make sure you are using the correct method to sign in. You may need to use SSO instead of email.
  4. Clear your browser cache and cookies.
  5. Try signing in from a different browser or device.
  6. Try signing in from a different network. For example, you might need to sign in from your work network instead of your home network.
  7. Make sure any email filters you have set up aren't blocking emails from ThreatKey.
  8. Make sure any email detonation software isn't interfering with emails from ThreatKey (certain email security software may automatically detonate emails from ThreatKey, invalidating your link).

Connecting a source isn't working

You may not be able to connect a source for a variety of reasons.

  1. You may not have the correct permissions to connect a source.
  2. Your session may have expired. You may need to sign in again.
  3. The source may be unavailable on your current plan. You may need to upgrade to a higher plan.
  4. The source may be unavailable due to a temporary outage. For example, new enrollments of the source may be a paused during maintenance.
  5. The source may be unavailable as you have reached your limit of sources you can connect on your current plan. You may need to delete an existing source before you can connect a new one.

Inviting a collaborator isn't working

ThreatKey doesn't allow you to invite personal email addresses to your organization. This is to prevent people from accidentally inviting people they don't know to their organization. If you would like to invite someone to your organization, please use their work email address.