Files

Overview of the Files page for managing and accessing files in the Praetorian Guard Platform

Overview

The Files page provides a secure file store for your organization within the Praetorian Guard Platform (PGP). It serves as a central location for files related to your security engagements — including vulnerability evidence, proof of exploitation, compliance reports, and configuration documents shared between your team and Praetorian.

What You'll Find on the Files Page

The Files page contains files that are relevant to your organization's security assessments and ongoing engagements. Common file types include:

  • Proof and evidence files — Technical evidence supporting vulnerability findings. These files are generated during scanning and assessment activities and are linked to specific vulnerabilities. You can also view evidence files directly from the Evidence tab on any vulnerability's detail drawer.

  • Compliance reports — Penetration test reports and other deliverables produced by Praetorian operators for your engagements. These include executive summaries, findings, remediation guidance, and supporting appendices.

  • Engagement configuration files — Documents you upload for your engagements, such as scope exclusion lists or standard operating procedure exceptions.

  • Credential files — Securely shared credentials for authenticated testing, such as domain user accounts provided for internal security assessments.

Uploading and Downloading Files

File access is governed by your role:

  • Admin and Analyst roles can upload and manage files.

  • Read Only role can download and export files but cannot upload or modify them.

To upload a file, use the upload interface on the Files page. Files are associated with your organization's account and are accessible to authorized users within your organization.

Files can also be uploaded programmatically using the Guard Platform API and Python SDK (praetorian-cli). For example, proof files can be attached to specific vulnerabilities through the SDK's file operations.

File Security

Files stored in PGP are protected by multiple layers of security:

  • Encryption at rest — All files are stored in Amazon S3 with AES-256 encryption. Each tenant's data is protected by unique encryption keys, ensuring that your files are cryptographically isolated from other organizations.

  • Encryption in transit — All communication between your browser and the platform is secured with TLS 1.3, using strong cipher suites (AES-GCM, ChaCha20-Poly1305) with Perfect Forward Secrecy.

  • Tenant isolation — File access is restricted to authorized users within your organization through row-level security and tenant-specific identifiers.

  • Secure deletion — When files are no longer needed, they are removed using standard S3 deletion APIs. Full account deletion includes comprehensive cleanup of all stored files and artifacts.

PGP's file storage infrastructure aligns with SOC 2 Type 2, PCI DSS, and HIPAA compliance requirements.

Support

If you have questions about accessing or managing files, contact our support team at support@praetorian.com.