Privacy Policy

Last updated: June 7, 2026

ALFRED collects the information needed to operate the service, secure accounts, process scans, and provide investigation history.

Information Collected

• Account details such as email address, organization, role, tier, MFA status, and usage history.
• Submitted IOCs, URLs, domains, scan results, generated reports, and related enrichment metadata.
• User-provided threat intel API keys for VirusTotal, AbuseIPDB, urlscan.io, and Hybrid Analysis when saved in a profile.

How Information Is Used

• To run requested scans and AI-supported analysis.
• To show previous scan history, downloadable reports, account usage, and admin approval status.
• To maintain security, troubleshoot issues, prevent abuse, and improve ALFRED.

API Keys

User API keys are stored encrypted and are used only to perform requested enrichment for that account. ALFRED does not display saved API keys after they are submitted.

Third-Party Services

Submitted indicators may be sent to configured enrichment providers, such as VirusTotal, AbuseIPDB, urlscan.io, Hybrid Analysis, and OpenAI, depending on the feature being used.