Traversal
Traversal (https://traversal.com/) is building an AI site reliability engineer to automatically resolve and prevent costly platform reliability issues. We make systems stable by working through backlogs of customer support tickets, un-investigated incidents, or live reliability issues. Our AI parses your metrics, events, logs, and traces to find the root causes of system downtime and even suggests code fixes. Our Slack application allows users to run investigations manually, follow-up with our AI as a copilot, and set up automatic triggers for our ambient AI to triage alerts and root cause incidents.Traversal uses large language models (LLMs) to analyze telemetry and conversation context, generate explanations, and suggest next steps. Because LLMs can sometimes produce inaccurate or incomplete responses, please validate recommendations before acting.
Traversal will be able to view:
Traversal will be able to do:
Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.
General
Developer
Traversal
Company headquarters location
United States
Terms of service
Privacy & data governance
Data retention policy
Our data retention policy is to keep customer data for as long as an account remains active.
When an account is voluntarily closed, its data is marked “expired.” Expired data is retained for 30 days and then permanently deleted. Customers should download their data before closing an account.
If an account is involuntarily suspended, it becomes inaccessible for a 30-day grace period. During that time, the account can be reopened if payment obligations are met and any Terms-of-Service violations are resolved. After 30 days, the account is closed, its data enters the “expired” state, and it will be deleted 30 days thereafter unless applicable law requires a longer retention period.
The Data Retention Schedule is as follows. Corporate records—such as board and committee minutes, corporate seals, articles of incorporation, bylaws, and annual reports—are stored in Google Drive and retained for five years.
HR records are retained for five years. Employee personnel records (including attendance, applications, status changes, performance reviews, terminations, withholding information, garnishments, test results, and training and qualification records) are stored in Google Drive. Individual employment contracts are stored in Dropbox. Employment-agency correspondence and job-opening advertisements are stored in Google Drive. Job descriptions and postings are also stored in Google Drive.
Log data is typically retained for 15-30 days. CloudWatch logs are stored in AWS CloudWatch and S3, and application logs are stored in Datadog.
Data archiving and removal policy
When an account is voluntarily closed, its data is marked “expired.” Expired data is retained for 30 days and then permanently deleted. Customers should download any needed data before closing an account.
If an account is involuntarily suspended, it becomes inaccessible for a 30-day grace period. During that time, the account can be reopened if payment obligations are fulfilled and any Terms-of-Service violations are resolved. After 30 days, the account is closed; its data is marked “expired” and will be deleted 30 days thereafter, unless applicable law requires a longer retention period.
Traversal’s data archival and removal policy requires that hard-copy materials containing sensitive data be destroyed when they are no longer needed for business or legal reasons. Destruction is carried out through secure means—such as shredding, pulping, or incineration—so the data cannot be reconstructed. Prior to destruction, hard-copy materials are kept in secure storage containers.
Electronic media that holds sensitive data is destroyed or rendered unrecoverable once it is no longer needed for business or legal purposes. Data on hardware (for example, hard drives) is disposed of through secure methods such as verified wiping or physical drive destruction.
Before any equipment is disposed of or reused, Traversal verifies that all storage media has been purged of sensitive data and licensed software. This information is either securely overwritten or completely removed.
When using cloud services, Traversal obtains assurances from its cloud providers that they have established policies and procedures for the secure disposal or reuse of resources. Cloud providers engaged by Traversal must ensure timely, secure disposal or reuse of resources—including equipment, data storage, files, and memory.
Data storage policy
Traversal’s Data Storage Policy requires that all stored data be properly categorized and assigned a retention schedule in alignment with the Asset Management Policy, Data Classification Policy, and Data Retention Policy. When determining how long to retain data, consider any statutory, regulatory, or contractual requirements; the type of data involved (for example, accounting records, database records, or audit logs); and the storage medium (such as paper, hard drives, or servers).
Data must also be properly stored and handled while at rest. In conjunction with the same policies, storage and disposal decisions should account for who is authorized to access or manage the data; clear identification of records and their retention periods; the impact of technology changes on the ability to access data throughout the retention period; acceptable timeframes and formats for retrieval; and appropriate methods of disposal.
Data center location(s)
United States
Data hosting details
We would use Amazon Web Services. S3 and RDS to store relevant data in their cloud based data center in the USA.
Data hosting company
AWS
App/service has sub-processors
yes
Guidelines for sub-processors
App/service uses large language models (LLM)
yes
LLM model(s) used
OpenAI o3, Anthropic Claude 4, and possibly others pending future model updates.
LLM retention settings
We have zero data retention agreements with our LLM provider - no data is retained by the provider. We may retain LLM input/outputs for the purposes of improving data, with a default of 2 years but configurable.
LLM data tenancy policy
LLM Tenancy: In SaaS, every prompt/embedding carries an org_id; data, keys, and caches are namespace-isolated, and RLS+IAM block cross-tenant reads. In on-prem, the entire stack runs inside your VPC, eliminating multi-tenant sharing.
LLM data residency policy
LLM Residency: Managed SaaS stays in AWS us-east-1 / us-west-2. All sub-processors are locked to the same geography. LLM providers are also based in the USA.
Certifications & compliance
Data deletion request procedure
Deletion Requests: An admin opens a ticket with tenant ID and date range; automated tasks erase rows, vectors, S3 objects, and backups, then email a deletion confirmation to the requester.
If a user would like to make a request to delete their data, they can email us at security@traversal.com for any of their data concerns.
HIPAA compliant
no
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack Marketplace, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Security
Date of latest pen test
2025-02-07
Executive summary is available to potential customers upon request
yes
Supports Single Sign On (SSO) with the following providers
We support any OIDC-compatible SSO (using Auth0).
Supports Security Assertion Markup Language (SAML)
yes
Has a dedicated security team
yes
Contact for security issues
security@traversal.com
Has a vulnerability disclosure program
no
Has a bug bounty program
no
Requires third party authorization/connections
yes
Uses token rotation
no