Data retention and data availability for expired licenses
Data retention for expired licenses in Invicti Enterprise is a key aspect for organizations managing security scans and vulnerability data. When a license expires, it is important to understand how Invicti Enterprise handles stored information, including scan results and reports. Clear retention policies help organizations maintain compliance, safeguard historical records, and manage their data effectively.
This document outlines Invicti Enterprise’s approach to data retention after license expiration.
Data retention after license expiry
Invicti Enterprise On-Demand
The Data Retention period for expired licenses, regardless of whether they are a POC (Proof of Concept), is 60 days. For customers with licenses that have expired for more than 60 days, the following actions will be taken on day 61:
- Deletion of all scan files
- Deletion of all reports
- Deletion of all user information
- Deletion of all trouble tickets
- Deletion of all demo targets and related data
Additionally, data can be permanently deleted from Invicti Enterprise On-demand upon request.
Invicti Enterprise On-Premises
With Invicti Enterprise On-Premises, the responsibility of data retention and deletion is entirely on your organization using the software since it is installed and managed locally. This gives you full control over your data—how it is stored, secured, and eventually disposed of, according to your own policies and regulations.
Data availability after license expiry
Invicti Enterprise On-Demand
On the expiry date, the account gets disabled, making the data invisible to the customer. Sixty (60) days after expiry, on the 61st day, the account and all its cloud data are deleted.
Invicti Enterprise On-Premises
With Acunetix 360 On-Premises, all data remains within your own infrastructure. Since it is hosted on your servers, you have full control over data retention, management, and deletion policies. You can still log in to view old data; however, you cannot create new scans.