Security & Compliance

Last updated: January 25, 2026

1. Introduction

At ITAD Tools, security is foundational to everything we build. This document describes our Security Agent—an automated security monitoring system that continuously protects our infrastructure, codebase, and user data. The Security Agent operates 24/7 to detect vulnerabilities, monitor for threats, and ensure compliance with security best practices.

2. What is the Security Agent?

The Security Agent is an automated security monitoring service that runs continuously on our infrastructure. It performs the following core functions:

  • Automated Secret Detection: Scans our entire codebase for exposed credentials, API keys, private keys, and database passwords
  • File Permission Monitoring: Validates that critical configuration files maintain proper access restrictions
  • Login Threat Detection: Tracks user authentication events and identifies suspicious access patterns
  • Continuous Compliance Monitoring: Ensures security controls remain in place and alerts administrators to any deviations

3. Secret and Credential Detection

Our Security Agent continuously monitors our codebase across all application directories using sophisticated pattern-matching algorithms to detect potentially exposed secrets. This includes:

Types of Secrets Detected

  • API keys (including service-specific keys for third-party integrations)
  • Database connection strings with embedded credentials
  • Application secret keys and signing tokens
  • Email service credentials (SMTP/IMAP passwords)
  • Bearer tokens and authorization headers
  • SSH and PEM private keys (RSA, DSA, EC, OpenSSH formats)
  • Cloud provider credentials (AWS access keys, etc.)
  • Generic password assignments in code

How Detection Works

The agent uses 19 sophisticated detection patterns that scan all code files including Python, JavaScript, JSON, YAML, configuration files, shell scripts, and environment files. When a potential secret is detected:

  1. The finding is automatically classified by severity (Critical, High, Medium, or Low)
  2. A cryptographic fingerprint is generated to prevent duplicate alerts
  3. The secret value is automatically redacted in all logs and reports
  4. System administrators are immediately notified via email
  5. The finding is tracked until remediation is confirmed

4. File Permission Monitoring

The Security Agent monitors file system permissions on critical configuration files to ensure they maintain proper access restrictions. This includes:

  • Environment Files: Files containing sensitive configuration (database credentials, API keys) are monitored to ensure they have 0600 permissions (owner read/write only)
  • Application Directories: Working directories are monitored for proper ownership and access controls
  • Log Files: Log directories are checked to ensure they cannot be accessed by unauthorized processes

If file permissions deviate from security requirements, administrators are immediately alerted so corrective action can be taken.
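
The 0600 check described above, as an added Python example (not ITAD Tools' code). The function name, the owner check and the refusal to follow symlinks are assumptions; the temporary files in `demo()` are constructed.

```python
import os
import stat
import tempfile

def audit_file(path, required_mode=0o600, expected_uid=None):
    """Return a list of deviations for one sensitive file (empty list = compliant)."""
    st = os.lstat(path)  # lstat: judge the path itself, never a symlink's target
    if not stat.S_ISREG(st.st_mode):
        return ["not a regular file"]
    problems = []
    mode = stat.S_IMODE(st.st_mode)  # permission bits only, file-type bits stripped
    if mode != required_mode:
        who = [name for name, mask in (("group", 0o070), ("other", 0o007)) if mode & mask]
        detail = f"; accessible to {' and '.join(who)}" if who else ""
        problems.append(f"mode {mode:04o}, expected {required_mode:04o}{detail}")
    if expected_uid is not None and st.st_uid != expected_uid:
        problems.append(f"owned by uid {st.st_uid}, expected {expected_uid}")
    return problems

def demo():
    """Audit a constructed .env before and after tightening, plus a symlink to it."""
    with tempfile.TemporaryDirectory() as workdir:
        env = os.path.join(workdir, ".env")
        with open(env, "w") as fh:
            fh.write("API_KEY=constructed-value\n")
        os.chmod(env, 0o644)  # a typical default that leaves the file world-readable
        before = audit_file(env, expected_uid=os.getuid())
        os.chmod(env, 0o600)
        after = audit_file(env, expected_uid=os.getuid())
        link = os.path.join(workdir, "link.env")
        os.symlink(env, link)
        return before, after, audit_file(link)

if __name__ == "__main__":
    for label, result in zip(("before", "after", "symlink"), demo()):
        print(label, result or "compliant")
```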

5. Login Security and Threat Detection

Every user login to ITAD Tools is monitored for potential security threats. Our login security system tracks:

Monitored Events

  • New IP Address Detection: When a user logs in from a previously unseen IP address, the event is flagged and recorded
  • Suspicious Login Patterns: Multiple logins from different IP addresses within a short time window trigger security alerts
  • Login History: Complete authentication history is maintained for each user account
  • User Agent Analysis: Browser and device information is recorded to help identify unauthorized access attempts

Threat Response

When suspicious activity is detected, our system:

  1. Flags the login event for administrative review
  2. Records detailed information about the access attempt
  3. Enables administrators to investigate and take appropriate action
  4. Maintains an audit trail for compliance and forensic purposes
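
The new-IP and multiple-IP checks listed under Monitored Events, as an added Python example (not ITAD Tools' code). The 10-minute window, the threshold of more than two distinct addresses, the flag names and the treatment of a user's first login as a baseline are assumptions; the events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)  # assumption: the page says only "a short time window"
MAX_IPS = 2                     # assumption: more than 2 distinct IPs in WINDOW is suspicious

class LoginMonitor:
    def __init__(self):
        self.known_ips = defaultdict(set)  # user -> every IP seen so far (login history)
        self.recent = defaultdict(deque)   # user -> (time, ip) pairs still inside WINDOW

    def observe(self, user, ip, when, user_agent):
        """Record one successful login and return it with any review flags."""
        flags = []
        # Assumption: a user's first login sets the baseline instead of raising a flag.
        if self.known_ips[user] and ip not in self.known_ips[user]:
            flags.append("new_ip")
        self.known_ips[user].add(ip)
        recent = self.recent[user]
        recent.append((when, ip))
        while when - recent[0][0] > WINDOW:
            recent.popleft()  # drop logins that fell out of the window
        if len({addr for _, addr in recent}) > MAX_IPS:
            flags.append("multiple_ips_in_window")
        return {"user": user, "ip": ip, "time": when.isoformat(),
                "user_agent": user_agent, "flags": flags}

# Constructed events in chronological order, using documentation-range addresses.
EVENTS = [
    ("alice", "192.0.2.10", datetime(2026, 1, 20, 9, 0), "Firefox/Linux"),
    ("alice", "192.0.2.10", datetime(2026, 1, 20, 9, 30), "Firefox/Linux"),
    ("alice", "198.51.100.7", datetime(2026, 1, 20, 14, 0), "Chrome/Windows"),
    ("alice", "203.0.113.5", datetime(2026, 1, 20, 14, 3), "curl"),
    ("alice", "192.0.2.10", datetime(2026, 1, 20, 14, 5), "Firefox/Linux"),
]

def replay(events):
    """Feed events through a fresh monitor and return the recorded login entries."""
    monitor = LoginMonitor()
    return [monitor.observe(*event) for event in events]

if __name__ == "__main__":
    for entry in replay(EVENTS):
        print(entry["time"], entry["ip"], entry["flags"])
```

The last event comes from an address the user has used before, yet it is still flagged because it is the third distinct address inside the window.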

6. Automated Scanning Schedule

The Security Agent operates on the following schedule to ensure comprehensive coverage:

  • Nightly Scans: Full security scans run automatically every day at 1:00 AM Pacific Time
  • On-Demand Scans: Administrators can trigger immediate scans at any time through the security dashboard
  • Continuous Monitoring: Login security monitoring runs in real-time with every authentication event

All scan results are stored securely in our database for audit purposes and are accessible to authorized administrators through our security dashboard.

7. Severity Classification

Security findings are classified into four severity levels to help prioritize remediation:

Severity | Description | Examples
Critical | Immediate risk of data breach or system compromise | Private keys, database URIs, cloud provider credentials
High | Significant security risk requiring prompt attention | API keys, secret keys, bearer tokens, hardcoded passwords
Medium | Moderate risk that should be addressed | Encoded credentials, generic authentication tokens
Low | Minor issues or potential false positives | Generic patterns that may require review

8. Data Protection Measures

The Security Agent implements multiple layers of protection for sensitive information:

Secret Redaction

When secrets are detected, they are never stored or logged in plaintext. The agent implements smart redaction that shows only the first 4 characters followed by a redaction marker, preserving enough context for identification while protecting the actual secret value.

Deduplication

Each finding is assigned a cryptographic fingerprint (SHA256 hash) to prevent duplicate alerts and enable efficient tracking of findings through their lifecycle: open, acknowledged, resolved, or marked as false positive.
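
The detect, classify, redact and fingerprint steps from sections 3 and 8, as an added Python example (not ITAD Tools' code). The four rules, the redaction marker text, the full masking of short secrets and the choice of fingerprint inputs are assumptions; the sample values are constructed.

```python
import hashlib
import re

# Illustrative rules (assumption): the agent's own 19 patterns are not published.
RULES = [
    ("database-uri", "Critical", re.compile(r"\b[a-z][a-z0-9+.-]*://[^\s:/@]+:([^\s@]+)@")),
    ("aws-access-key", "Critical", re.compile(r"\b(AKIA[0-9A-Z]{16})\b")),
    ("bearer-token", "High", re.compile(r"Bearer\s+([A-Za-z0-9._~+/-]{16,})")),
    ("password-assignment", "High",
     re.compile(r"(?i)\bpassword\s*[:=]\s*['\"]([^'\"]+)['\"]")),
]

def redact(secret, keep=4):
    # Assumption: secrets of 2*keep characters or fewer are masked entirely,
    # because four visible characters would expose half of a short value.
    if len(secret) <= 2 * keep:
        return "[REDACTED]"
    return secret[:keep] + "[REDACTED]"

def fingerprint(rule_id, path, secret):
    # Assumed inputs. The line number is left out so the fingerprint stays
    # stable when unrelated edits move the secret up or down the file.
    return hashlib.sha256("\0".join((rule_id, path, secret)).encode()).hexdigest()

def scan(path, text, seen):
    """Return new findings for one file; `seen` holds fingerprints already reported."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for rule_id, severity, pattern in RULES:
            for match in pattern.finditer(line):
                secret = match.group(1)
                fp = fingerprint(rule_id, path, secret)
                if fp in seen:
                    continue  # duplicate of an earlier alert
                seen.add(fp)
                findings.append({"rule": rule_id, "severity": severity, "path": path,
                                 "line": lineno, "preview": redact(secret),
                                 "fingerprint": fp})
    return findings

# Constructed sample input; none of these values are real credentials.
SAMPLE_V1 = (
    "DATABASE_URL=postgres://app:correct-horse-battery@db.example.internal/appdb\n"
    'password = "abc123"\n'
)
SAMPLE_V2 = "# comment added above\n" + SAMPLE_V1 + 'AUTH = "Bearer 0123456789abcdefghij"\n'
```

Scanning `SAMPLE_V2` with the `seen` set left over from `SAMPLE_V1` reports only the bearer token, even though both earlier secrets moved down a line.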

Access Control

The security dashboard is restricted to administrator accounts only. All access to security findings and the ability to manage finding status is logged and auditable.

Secure Storage

All security findings and audit logs are stored in our encrypted database with complete audit trails maintained for compliance purposes.

9. System Hardening

The Security Agent runs with restricted permissions following the principle of least privilege:

  • Dedicated Service Account: Runs under a dedicated non-root service account
  • No New Privileges: Prevented from acquiring additional privileges during execution
  • System Protection: Cannot modify core system files or directories
  • Home Protection: Cannot access user home directories
  • Private Temp: Uses isolated temporary file storage
  • Kernel Protection: Restricted from kernel modification capabilities

10. Permissions Agent

In addition to the Security Agent, we operate a Permissions Agent that continuously monitors and hardens service configurations across our infrastructure:

  • Monitors systemd service configurations for security compliance
  • Proposes hardening improvements based on security best practices
  • Tracks all services and their permission profiles
  • Implements approval workflows for permission changes
  • Maintains complete audit logs of all modifications
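
A check of the kind the Permissions Agent is described as performing, applied to the hardening list in section 9, as an added Python example (not ITAD Tools' code). The mapping from each bullet to a systemd `[Service]` directive, the accepted values and the `<dedicated-account>` placeholder are assumptions; the unit file is constructed.

```python
TRUE = {"1", "yes", "true", "on"}  # boolean spellings systemd accepts

# Assumed mapping from the section 9 bullets to [Service] directives:
# directive -> (accepted lowercase values, or None for the User check; proposed value)
BASELINE = {
    "User": (None, "<dedicated-account>"),
    "NoNewPrivileges": (TRUE, "yes"),
    "ProtectSystem": ({"full", "strict"}, "strict"),
    "ProtectHome": (TRUE | {"tmpfs"}, "yes"),
    "PrivateTmp": (TRUE, "yes"),
    "ProtectKernelModules": (TRUE, "yes"),
    "ProtectKernelTunables": (TRUE, "yes"),
}

def service_settings(unit_text):
    """Collect key=value pairs from [Service]; a later assignment overrides an earlier one."""
    settings, section = {}, None
    for raw in unit_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section == "Service" and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip()
    return settings

def propose_hardening(unit_text):
    """Return one proposal per directive that is unset or weaker than BASELINE."""
    settings = service_settings(unit_text)
    proposals = []
    for key, (accepted, suggestion) in BASELINE.items():
        value = settings.get(key, "")
        if accepted is None:
            ok = value.lower() not in ("", "root", "0")  # unset User= means root
        else:
            ok = value.lower() in accepted
        if not ok:
            proposals.append(f"{key}={suggestion} (currently {value or 'unset'})")
    return proposals

# Constructed unit file for a hypothetical scanner service.
SAMPLE_UNIT = """[Unit]
Description=Example scanner (constructed)
[Service]
ExecStart=/usr/bin/python3 /opt/scanner/run.py
User=scanner
NoNewPrivileges=yes
ProtectSystem=yes
PrivateTmp=true
ProtectHome=read-only
ProtectKernelModules=yes
"""
```

The parser reads a single unit file and does not merge drop-in overrides or backslash line continuations; `systemd-analyze security <unit>` reports on the effective configuration.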

11. How This Protects You

Our Security Agent protects your information and data in several ways:

Your Account Security

  • Login monitoring detects if someone else gains access to your account
  • New device and location detection helps identify unauthorized access
  • Suspicious pattern detection catches potential account compromise early

Your Data Protection

  • Credential scanning prevents accidental exposure of authentication data
  • File permission monitoring ensures your uploaded data remains protected
  • Continuous monitoring catches vulnerabilities before they can be exploited

Platform Integrity

  • Automated scanning ensures our codebase remains free of exposed secrets
  • System hardening prevents privilege escalation attacks
  • Audit trails enable rapid investigation and response to any incidents

12. Compliance Standards

Our security practices are designed to align with industry-standard security frameworks and best practices, including:

  • OWASP Security Guidelines for web application security
  • CIS Benchmarks for system hardening
  • Principle of Least Privilege for access control
  • Defense in Depth security architecture
  • Continuous monitoring and logging best practices

13. Incident Response

When the Security Agent detects a potential security issue:

  1. Immediate Notification: System administrators receive email alerts for new findings
  2. Severity Assessment: Findings are automatically classified by risk level
  3. Investigation: Security team reviews and investigates the finding
  4. Remediation: Appropriate corrective actions are taken
  5. Verification: Follow-up scans confirm the issue has been resolved
  6. Documentation: All actions are logged for audit and compliance purposes

14. Transparency and Trust

We believe in transparency about our security practices. This document describes the automated security monitoring that protects our platform and your data. We continuously improve our security measures and will update this document as our security capabilities evolve.

15. Questions and Contact

If you have questions about our security practices or want to report a security concern, please contact us:

ITAD Tools Security
Email: admin@itadtools.com
Website: itadtools.com/contact

For security vulnerabilities, please email us directly rather than posting publicly. We take all security reports seriously and will respond promptly.