Execution Model
Sttor Code is designed to work in CI-like workflows without forcing teams to change how they develop.
Triggers
- Automatic scans on every Pull Request and every push (based on your configured GitHub connection and scan settings).
- On-demand branch scans from the UI (useful for baselines, audits, and periodic checks).
Where Scanning Runs
You can run scanning in multiple modes:
- Sttor-hosted scanning (SaaS) for fast onboarding.
- Enterprise / in-house scanner for regulated environments (the scanner can run on-prem).
Where Data is Stored
- Tenant data is stored in your own S3-compatible bucket (enterprise customers can host the bucket in-house).
- Sttor does not store tenant scan data; the platform reads/writes via your configured storage boundary.