Cookie Policy

Cookie Policy

Last Updated May 14, 2026

This Cookie Policy explains how Externalsight uses cookies and similar local storage technologies to operate our platform securely and effectively. As a professional cybersecurity tool, our approach is minimal and purpose-driven.

1. Essential Cookies & Storage

We utilize strictly necessary cookies and local storage mechanisms to deliver our core services. These cannot be disabled without breaking platform functionality.

  • Authentication & Security: We use JSON Web Tokens (JWT) via our authentication provider (Supabase) to securely verify your identity and maintain session continuity over secure endpoints. Tokens are stored in sessionStorage and are cleared automatically when your browser tab closes.
  • Abuse Prevention: Essential tokens to verify authorized traffic and prevent automated abuse against our infrastructure.

Security-first storage design: JWT tokens are never stored in localStorage (which persists across browser restarts). We use sessionStorage exclusively, so your credentials are automatically cleared when the tab is closed.

2. Functional Storage

We may utilize local browser storage to retain certain non-sensitive User Interface (UI) preferences, ensuring a consistent operational environment across browsing sessions — for example, preserving filter states or column layout preferences within the security dashboard.

No personally identifiable information or security findings are stored in browser-level storage. All sensitive data resides exclusively server-side, encrypted at rest.

3. No Tracking or Advertising

Externalsight does not use advertising cookies, behavioral trackers, or analytics SDKs that report to third parties. Our local storage usage is strictly limited to application delivery and security. We do not build user profiles, retarget visitors, or share behavioral data with any advertising network.

The following table documents every cookie and storage item used by the Externalsight platform:

Name / Key Storage Type Purpose Category Duration
sb-* sessionStorage Supabase access and refresh token state for authenticated API calls Essential Session (tab close)
sg-last-domain / sg-detail-* sessionStorage Current-tab dashboard snapshot cache for faster navigation Essential Session or short-lived cache expiry
UI preferences localStorage Dashboard layout & filter state persistence Functional Persistent (clearable)
Analytics / Ads None used

5. Managing Cookies

You possess the ability to govern cookie and local storage permissions directly through your web browser configuration. Most modern browsers allow you to:

  • View and delete all cookies and stored data for a specific domain.
  • Block third-party cookies (Externalsight does not set any, but this is good practice).
  • Clear sessionStorage and localStorage via your browser's developer tools.

Disabling essential cookies will prevent you from accessing authenticated areas of the Externalsight platform, including the security dashboard and scan reports. Non-essential UI preference storage can be cleared at any time without affecting platform security.

Cookie Enquiries Questions about how we use cookies or storage? Our privacy team can help.
privacy@externalsight.com