Skip to content

Qdrant Security (Vector Database)

Overview

Overview

Qdrant is the vector database engine used for whitebox pentesting and web crawling. It stores vector embeddings of: - Source Code: Uploaded source code artifacts are indexed here to enable semantic search during code analysis. - Crawled Content: Data scraped from target web applications by the crawler mechanism.

Security Features

1. Proxy & Authentication

  • Protected by Nginx reverse proxy.
  • API Key: Requests must include the QDRANT_API_KEY.
  • HTTPS: TLS encryption for all vector data in transit.

2. Database Isolation

  • Logical Separation: We utilize Qdrant's collection/tenancy features to separate data.
  • Per-Pentest Context: Data ingestion and retrieval are scoped to specific collections representing the pentest or retest, ensuring the AI doesn't mix context between different security assessments.