Introduction to Privacy Code Scanning

Introducing Privado

Written by Nikhil Kukade
Updated over 4 months ago

Privado scans the code repositories of your products, applications, and backend services to surface privacy information. Like SAST tools, Privado connects with source code management (SCM) tools such as GitHub, GitLab, and Bitbucket.

What is Privacy Code Scanning?

Privacy code scanning provides real-time visibility and governance for how personal data is collected, used, shared, and stored by continuously scanning the code that runs your websites, user-facing applications, and backend systems. The scanning approach is similar to that of SAST tools in that both connect to SCM and CI/CD tools to scan code repositories, but they scan code for different purposes. SAST tools look for security vulnerabilities, whereas privacy code scanning identifies personal data usage and privacy risks.

Per laws like GDPR and CPRA, personal data is defined as any data linked directly or indirectly to a user. This includes identifiers like PII (email, SSN, ad IDs), sensitive data (health data, biometric data, PCI data), and a broader set of personal data. Privado currently supports and identifies over 200 personal data elements.

The privacy code scanning platform has the following components:

  • Personal Data Identification: Identify and classify personal data processed by each application. Map each data element to all of its collection points, including forms, REST API endpoints, and app permissions

  • Data Destination Discovery: Discover destinations or sinks of personal data, including third parties (sharing), databases (storage), leakages (logs, SIEM), and internal APIs (services)

  • Data Flow Discovery: Discover flows of personal data across infrastructure, third parties, and microservices

Use Cases

For applications built by your company's developers, Privado automates privacy compliance reporting and discovers risks such as excessive data sharing or leaks to logs. See the following key use cases of Privado:
