Privacy Policy for Threat Intelligence Dashboard
Last Updated: December 2024
Introduction
Threat Intelligence Dashboard ("we", "our", or "the extension") is committed to protecting your privacy. This Privacy Policy explains how we handle information when you use our Chrome extension designed for Security Operations Center (SOC) teams.
Data Collection
We do not collect, store, or transmit any personal data or user information.
The extension operates locally on your device and only sends IOC (Indicator of Compromise) data to threat intelligence APIs when you explicitly request analysis.
What We Do
Local Storage
The extension uses Chrome's local storage API to:
- Store extension settings - Save your preferences such as auto-extract IOCs and API key configuration
- Store API keys - Securely store your optional threat intelligence API keys (VirusTotal, AbuseIPDB, Shodan) locally on your device
- Store IOC analysis results - Cache analysis results locally for your reference (optional, can be cleared)
All data is stored locally on your device using Chrome's secure storage API. API keys are encrypted and never transmitted except to the respective threat intelligence APIs when you request IOC analysis.
IOC Analysis and Threat Intelligence
The extension analyzes Indicators of Compromise (IOCs) when you explicitly request analysis:
- IOC Extraction - Extracts IOCs (IPs, domains, URLs, hashes, emails) from web pages you visit (only when you request extraction)
- Threat Intelligence Lookup - Sends IOC data to threat intelligence APIs (VirusTotal, AbuseIPDB, Shodan) only when you have configured API keys and request analysis
- Threat Scoring - Calculates threat scores locally based on API responses
- Result Storage - Stores analysis results locally for your reference
Important points:
- IOC extraction only happens when you explicitly request it (click "Extract from Page" or use keyboard shortcut)
- IOC data is only sent to threat intelligence APIs when you request analysis
- Only the IOC itself is sent (no personal information, no page content, no browsing history)
- API keys are stored locally and only used for your configured threat intelligence APIs
- Analysis results are stored locally and never transmitted to third parties
- No data is collected about your browsing habits or personal information
Permissions Explained
storage
Used to save your extension settings and optional API keys locally on your device. All data remains on your device and is never transmitted except to threat intelligence APIs when you request IOC analysis.
activeTab
Used to access the current tab's content for IOC extraction. The extension only accesses page content when you explicitly request IOC extraction. No data is collected or transmitted except when you request IOC analysis.
Host Permissions
https://www.virustotal.com/* and https://api.virustotal.com/* - To send IOC analysis requests to VirusTotal API (only when you configure API key and request analysis)https://www.abuseipdb.com/* and https://api.abuseipdb.com/* - To send IP analysis requests to AbuseIPDB API (only when you configure API key and request analysis)https://www.shodan.io/* and https://api.shodan.io/* - To send IP/domain analysis requests to Shodan API (only when you configure API key and request analysis)https://*/* - To extract IOCs from web pages you visit (only when you explicitly request extraction)
These permissions are only used to:
- Extract IOCs from web pages when you request it
- Send IOC data to threat intelligence APIs when you request analysis
- No data is collected or transmitted to third parties except to user-configured threat intelligence APIs
Data Sharing
We do not share, sell, or transfer any data to third parties.
All data remains on your device except:
- IOC Analysis Requests: When you request IOC analysis, the IOC data is sent to the threat intelligence API you have configured (VirusTotal, AbuseIPDB, or Shodan). This is done at your explicit request and only includes the IOC itself (no personal information).
- API Keys: Your API keys are stored locally and only used to authenticate with the respective threat intelligence APIs when you request analysis.
We do not:
- Collect personal information
- Track user behavior
- Share data with advertisers
- Sell data to third parties
- Use data for any purpose other than IOC analysis
- Access or store personal information
- Transmit any data to external servers except to user-configured threat intelligence APIs
Third-Party Services
The extension integrates with the following third-party threat intelligence services (only when you configure API keys):
- VirusTotal - IOC analysis service. See their privacy policy: https://www.virustotal.com/gui/terms-of-service
- AbuseIPDB - IP reputation service. See their privacy policy: https://www.abuseipdb.com/policies
- Shodan - Internet intelligence service. See their privacy policy: https://account.shodan.io/terms
When you use these services through the extension, you are subject to their respective privacy policies and terms of service. The extension only sends IOC data to these services when you explicitly request analysis.
Your Rights
Since we do not collect any personal data, there is no personal data to access, modify, or delete. All stored settings, API keys, and analysis results can be cleared by:
- Clearing extension settings in the extension popup
- Removing API keys from settings
- Uninstalling the extension
- Clearing Chrome's extension storage
- Disabling the extension
Children's Privacy
Our extension does not knowingly collect any information from children. Since we do not collect any personal data, this is not applicable.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify users of any changes by updating the "Last Updated" date at the top of this policy.
Compliance
This extension complies with:
- Chrome Web Store Developer Program Policies
- General Data Protection Regulation (GDPR)
- California Consumer Privacy Act (CCPA)
By using Threat Intelligence Dashboard, you agree to this Privacy Policy.