First Branch Scan

Branch scans give you a “full picture” for a branch (commonly main/master), and are also how you typically generate branch-level SBOMs.

How It Runs

  1. Scans run automatically on pushes, and you can also trigger a branch scan manually from the UI.
  2. Branch scans are typically used for:
    • Baseline security posture
    • Compliance readiness reporting
    • SBOM generation per branch
    • Tracking issue history over time

Expected Outcomes

  • A complete issue list for the branch
  • A branch SBOM (where enabled)
  • Trend/history visibility for recurring issues

Data Storage, In-House Scanner, and Enterprise Options

Sttor Platform is designed so enterprises can keep control of data and execution.

Supported Enterprise Models

  • In-house scanner (Enterprise): run the scanner in your environment.
  • In-house bucket hosting: store scan artifacts in your own S3-compatible bucket.
  • Hybrid: scanner on-prem + bucket in your cloud account.

Data Handling Principles

  • All tenant scan data can be stored in a customer-managed S3-compatible bucket.
  • In enterprise setups, Sttor does not store tenant data (data lives in your storage).
  • This model supports stronger internal governance and easier compliance alignment.