Data Retention

Orithos offers two data retention policies: Standard (30-day) and Zero-Knowledge. Choose based on your compliance requirements.

Retention policies

Standard (30-day)

Scan data, findings, and evidence are retained for 30 days. After this period, data is automatically purged by the cleanup cron job. Audit logs follow the same schedule. This is the default policy for all organizations.

Zero-Knowledge

Probe payloads and agent responses are never persisted beyond the scan execution window. Only metadata (scan ID, verdict, finding severity counts) is retained for 30 days. Agent API keys are still encrypted at rest but decrypted per-request.

Policy switching

Switching from Standard to Zero-Knowledge triggers an immediate purge of all stored probe payloads and agent responses. This operation is irreversible. A confirmation prompt is required before switching.

curl -X PATCH https://api.orithos.dev/v1/org/settings \
  -H "Authorization: Bearer {admin_key}" \
  -H "Content-Type: application/json" \
  -d '{
  "retention_policy": "zero-knowledge"
}'

Cleanup cron

A daily cleanup job runs at 00:00 UTC and removes all expired data. The job logs the number of records purged per table. Failed purges are retried with exponential backoff up to 3 times before alerting.
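
The sketch below illustrates the cleanup behaviour described above: a 30-day cutoff, per-table purge counts, and retries with exponential backoff before alerting. It is an added example, not Orithos code. The table names, the created_at column, the use of SQLite, and the reading of "up to 3 times" as three retries after the first attempt are all assumptions.

```python
import sqlite3
import time
from datetime import datetime, timedelta, timezone

RETENTION = timedelta(days=30)  # retention window stated on this page
MAX_RETRIES = 3  # assumption: three retries after the first attempt
TABLES = ("scans", "findings", "evidence", "audit_logs")  # hypothetical names


def purge_table(conn, table, cutoff):
    """Delete rows older than the cutoff and return how many were removed."""
    with conn:  # one transaction per table, rolled back on error
        cur = conn.execute(f"DELETE FROM {table} WHERE created_at < ?", (cutoff,))
    return cur.rowcount


def run_cleanup(conn, now, purge=purge_table, sleep=time.sleep, alert=print):
    """Purge each table; retry failures with exponential backoff, then alert."""
    cutoff = (now - RETENTION).isoformat()
    purged = {}
    for table in TABLES:  # fixed allow-list, never caller-supplied names
        for attempt in range(MAX_RETRIES + 1):
            try:
                purged[table] = purge(conn, table, cutoff)
                print(f"{table}: purged {purged[table]} records")
                break
            except sqlite3.Error as exc:
                if attempt == MAX_RETRIES:
                    purged[table] = None  # give up on this table only
                    alert(f"purge of {table} failed after retries: {exc}")
                else:
                    sleep(2 ** attempt)  # 1 s, 2 s, 4 s
    return purged


def demo():
    """Constructed data: one expired and one in-window row per table."""
    conn = sqlite3.connect(":memory:")
    now = datetime(2025, 1, 31, tzinfo=timezone.utc)  # a 00:00 UTC run
    stamps = [(now - timedelta(days=d)).isoformat() for d in (31, 1)]
    for table in TABLES:
        conn.execute(f"CREATE TABLE {table} (created_at TEXT)")
        conn.executemany(f"INSERT INTO {table} VALUES (?)", [(s,) for s in stamps])
    conn.commit()
    return conn, run_cleanup(conn, now)


if __name__ == "__main__":
    demo()
```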