Logo

Cyber Silo Threat Search Platform

Effective Date: January 1st, 2024

Privacy Policy

In cybersecurity, trust is everything. At Cyber Silo, we believe trust starts with being open about how we handle your data. That’s why we built ThreatSearch — our always-on threat intelligence platform designed to collect, analyze, and strengthen defenses against cyber risks in real time.

This Privacy Policy explains, in clear and straightforward terms, what information we collect, how we use it, and how we keep it safe. It also outlines your choices and rights regarding your data, so you know exactly what to expect when using our services. Our goal is to give you full transparency and confidence while using the Platform.

By using the ThreatSearch Platform (“Platform”), you agree to the practices described here. If you do not agree, please do not use the Platform.

Information We Collect

The ThreatSearch Platform collects and processes different types of data. Our main focus is on non-personal threat indicators that are important for cybersecurity and protecting your systems. We only collect what is needed for the Platform to work properly and to keep your experience secure and reliable.

  1. Threat Data (Your Submissions):
    • This is the information you provide to the Platform for analysis. It includes IP addresses, URLs, domains, file hashes (MD5, SHA-1, SHA-256), and other related threat indicators (“Submissions”).
    • This data is at the core of how the Platform works. Without this input, the Platform cannot generate meaningful security insights for you.
  2. Technical Data (Automatically Collected):
    • When you use the Platform, certain details are collected automatically. These may include your IP address, browser type, operating system, timestamps, and usage logs.
    • This helps us keep the Platform secure and ensure smooth operations. It also allows us to monitor performance and quickly fix issues if they occur.
  3. Derived Data (Analysis Results):
    • Based on your Submissions, the Platform generates results and insights. These include threat classifications (for example, malware or phishing), risk scores, severity levels, and metadata from behavioral analysis.
    • This processed data helps you take action quickly and effectively. It also allows us to improve the accuracy of our threat intelligence over time.

Important: Please avoid submitting personal or confidential information unless it is absolutely required for threat analysis. The Platform is designed to work with technical threat data, not personal details. Providing unnecessary personal data may create risks, and we want to ensure your information stays protected.

How We Use Your Information

We use the data collected through the ThreatSearch Platform only for clear and legitimate purposes that support our mission of strengthening cybersecurity. Each use is focused on keeping the Platform effective, secure, and valuable for our users.

We do not use your data for advertising or unrelated activities. Our goal is to make sure the information you provide directly contributes to improving protection and security.

  1. Threat Analysis and Validation: The main purpose of your submissions is to be analyzed and enriched so we can confirm whether they represent real threats. This allows us to provide you with accurate results, clear threat classifications, and intelligence that you can act on right away. These results help you make informed security decisions quickly. We also use this process to improve the accuracy of our threat detection over time.
  2. Platform Operation and Improvement: We use collected data to run and maintain the Platform on a daily basis. This includes keeping our systems updated, improving features, and ensuring smooth performance. Data also supports improvements to our automated threat scoring tools and integration with multiple threat feeds. This helps us deliver more reliable outcomes for all users. Regular improvements ensure that the Platform adapts to new and evolving cyber threats.
  3. Security Research: Data helps us perform wider security research that goes beyond individual submissions. We use it for statistical analysis, pattern recognition, and identifying new trends in cyber threats. Insights from this research are then used to create reports, alerts, and guidance that strengthen security for everyone. These insights are shared in a way that protects individual users while still contributing to global cybersecurity knowledge. This ensures that your data serves a greater purpose in advancing security research.
  4. Community Defense: In some cases, we share anonymized and relevant threat intelligence with trusted partners, industry groups (ISACs), and the broader security community. This collective effort helps build stronger defenses and ensures that everyone benefits from shared knowledge of emerging risks.
    • The information shared never contains personal details, and it is carefully handled to focus only on threat indicators. This sharing allows the entire community to stay ahead of attackers more effectively.

Data Sharing and Disclosure

We only share information in limited situations and always for clear, specific purposes. Data is never shared casually or for unrelated use, and we make sure it is handled with care. We carefully review each case of sharing to ensure it is necessary and aligned with our privacy commitments.

  1. Threat Intelligence Sharing: Your submissions may be included in public or private threat intelligence feeds. These feeds are shared with trusted partners, security researchers, and the wider cybersecurity community to strengthen defenses. Sharing this data is a core part of the Platform’s value, as it helps everyone respond faster to new and evolving threats.
    • All shared data is reviewed to ensure it supports security goals and protects user confidentiality. We focus on sharing only the information that is relevant for security purposes, keeping your data safe at all times.
  2. Legal Obligations: In some cases, we may be required by law to share certain information. This can include requests from law enforcement agencies or regulatory authorities. Such disclosures are made only when legally necessary and always in compliance with applicable laws.
    • We will never provide more data than is required for the specific request. If this happens, we handle the process carefully and keep your rights in mind.
  3. Service Providers: We work with trusted third-party providers, such as cloud hosting companies, to help us run the Platform. These service providers may process data on our behalf, but they are bound by strict agreements that prevent them from using your information for their own purposes.
    • They are required to follow the same security and confidentiality standards we apply internally. We regularly review our providers to make sure they continue to meet these standards.

Data Security

We implement reasonable technical and organizational measures to protect data, including encryption in transit and at rest, access controls, and regular security assessments. These steps are in place to make sure your information is kept safe and handled properly at all times. We also review our security measures on a regular basis to keep them effective and up to date with new standards.

However, no system is completely secure, and we are transparent about this inherent risk. We work continuously to reduce risks as much as possible and respond quickly to any potential issues. Users are responsible for ensuring their submissions comply with applicable laws and for not submitting unnecessary sensitive data. Limiting submissions to what is required helps keep both your data and the Platform more secure.

Data Retention

We keep data for different lengths of time depending on its type and purpose. This helps us balance the need for security, research, and platform improvement while avoiding keeping unnecessary information. We clearly define these periods so that data is only stored for as long as it is useful and required.

  1. Threat Data and Analysis Results: These may be kept indefinitely. This is important for ongoing research, long-term trend analysis, and improving how the Platform works over time. Keeping this data allows us to strengthen threat detection and provide better intelligence in the future. This information is stored securely and used only for security-related purposes.
  2. Technical Logs: These are stored for a shorter period of time. Logs are only kept as long as they are needed for security checks, auditing, and fixing technical issues. Once they are no longer required, they are deleted or securely removed. This helps us manage data responsibly while still supporting the safe operation of the Platform.

We regularly review our retention practices to ensure that data is not kept longer than necessary. Our goal is to keep only what is useful and relevant for security purposes. This approach helps protect privacy while still supporting cybersecurity needs.

User Rights and Choices

In some situations, depending on the law that applies (for example, under GDPR), you may have certain rights over your personal data. These rights can include:

  • Accessing the data we hold about you
  • Requesting corrections to your data
  • Requesting deletion of your data
  • Restricting how your personal data is processed

We respect these rights and will handle all valid requests carefully and in line with legal requirements. These rights are designed to give you more control and transparency over how your information is used.

If you wish to exercise these rights, you can contact us at [email protected]

Cookies and Tracking Technologies

The Platform collects certain technical data automatically, such as your IP address and browser details. This information is used to support essential functions, maintain security, and provide analytics that help us improve your overall experience. These measures ensure the Platform works smoothly and reliably for all users. We regularly review this data to make sure it is used only for the purposes explained here.

We may also use cookies to manage active sessions and support Platform performance. Cookies help us keep you logged in securely, remember basic settings, and improve how the Platform responds to your use. All cookies are used only for necessary and operational purposes, not for advertising or unrelated tracking. You can manage or disable cookies through your browser settings, but some features of the Platform may not work properly if cookies are turned off.

Third-Party Links

The Platform may include links to other websites, such as external resources or partner sites. Please note that this Privacy Policy applies only to the ThreatSearch Platform. Once you leave our Platform and visit another site, their privacy practices and policies will apply instead of ours.

  • External links may lead to sites with different privacy practices.
  • Review privacy policies of any external sites you visit.
  • Be cautious about sharing personal or sensitive information on third-party sites.

We are not responsible for how third-party websites collect, use, or protect your information. For your safety, we encourage you to review the privacy policies of any external sites you visit through our links. This will help you understand how your data is handled outside of our Platform. We also recommend being cautious about sharing any personal or sensitive information on third-party sites, as their security measures may differ from ours.

International Data Transfers

Because the Platform uses global cloud systems and shares threat intelligence across regions, your data may be processed or stored in countries outside of your own. This is necessary to ensure fast performance, reliable operations, and effective threat sharing worldwide.

  • Your data may be processed or stored internationally.
  • We use safeguards and work with trusted providers to protect your data.
  • We regularly review transfers to ensure compliance with privacy laws.

By using the Platform, you agree to these international transfers of your data. We take steps to make sure your information remains protected, no matter where it is processed. This includes applying appropriate safeguards and working only with trusted providers who follow strong security and compliance standards.

In addition, we review these transfers regularly to confirm that they meet applicable privacy and data protection laws. Our goal is to ensure that your information is always handled responsibly and with the highest level of care, regardless of the country in which it is stored or processed.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. Whenever updates are made, the latest version will always be posted on this page so you can stay informed.

  • Policy updates will be posted on this page.
  • Continued use after updates means you accept the revised policy.
  • Significant changes may be announced by email or within the Platform.

If you continue to use the Platform after updates are published, it means you accept the revised policy. We encourage you to review this page regularly so that you always understand how your data is being handled.

For significant updates, we may also provide additional notice, such as an email notification or an announcement within the Platform. This ensures that you are aware of any important changes that may affect how your information is managed. Our commitment is to keep you informed and maintain transparency at all times.

Contact Information

If you have any questions about this Privacy Policy or how we handle your data, we are here to help. You can reach our team directly using the details below: