Privado
  • Privado
  • Getting Started With Privado
    • Quick Start
    • Running a Scan
    • Understanding Results
    • Command Reference
    • Understanding privado.json
      • Sources
      • Processing
      • Data Flow
      • Collections
      • Violations
  • Understanding Rules
    • What are Rules?
    • Sources
    • Sinks
      • Understanding Sinks
      • Storages
      • Third Parties
      • Leakages
      • Internal APIs
    • Collections
    • Policies
  • Tutorials
    • How to scan a repository using Privado
  • Customizing Privado
    • Add a new Source
    • Add a new Leakage Sink
    • Add a new Storage Sink
    • Add a new Third Party Sink
    • Add a new Policy
  • ROPA Report
    • Generating ROPA Report
  • Play Store Data Safety Report
    • Generate Play Store Data Safety Report
    • Uploading results to Play Store
  • Extra
    • Configurations
    • Contributing through GitHub
  • About Privado
    • LICENSING
    • Privacy Policy
    • Security
Powered by GitBook
On this page
  • Privado Dashboard
  • Data Elements
  • Data Flow Diagrams
  • Data Inventory
  • Code Analysis
  • Issues
  • privado.json
Edit on GitHub
  1. Getting Started With Privado

Understanding Results

PreviousRunning a ScanNextCommand Reference

Last updated 2 years ago

When a scan is complete, by default a local result file (<source directory>/.privado/privado.json) is generated. This result file contains details of what all Privado found while scanning your code - this includes data elements, data flows, inventory of 3rd party sinks etc. To know more about what is inside privado.json head to

Privado Dashboard

When configured, results can also be directly shown o the Privado’s cloud dashboard for better analysis. Let’s see what all we can see in the dashboard.

Data Elements

These are personal data elements that are being collected, processed, or shared in the code.

Data Flow Diagrams

They show detailed usage of any particular data element, making it easier to understand data flows and identify privacy and security risks.

Data Inventory

These are either third parties where the data is being shared for processing or databases where it is being stored.

Code Analysis

For developers, it also generates a line-by-line flow of the data element for easy identification of the detected flow.

Issues

Privacy and data security threats, and compliance policy violations result into issues. Threat issues can be directly mitigated by applying the code fix. Example: Email and Date of Birth are logged as plain text in the log file. The guidance is provided to developers on how to fix the issues. The compliance issues are result of the governing policies such as no application can access credit card data except “payment” micro-service.

Check out some of our blogs on how these issues can sometimes lead to big problems. (links to case studies on data leaks)

privado.json

With all the results neatly compiled in a JSON file, it enables developers to extract other useful information from the code scan to create their own analysis. The resulting privado.json file looks something like this,

this section.
Example data elements found in a repository scan
Example data inventory found in a repository scan