[{"data":1,"prerenderedAt":1386},["ShallowReactive",2],{"nav-products":3,"nav-use-cases":644,"nav-compliance":915,"nav-company":1385},[4,285,305,414],{"id":5,"title":6,"body":7,"description":264,"extension":265,"features":266,"heroImage":266,"image":266,"listingImage":267,"meta":268,"navigation":269,"path":272,"seo":273,"stem":274,"tags":275,"useCases":266,"__hash__":284},"products/products/devtools.md","DevTools - Live Traffic Inspection",{"type":8,"value":9,"toc":261},"minimark",[10,40,50,69,81,113,116,138,142,149,154,159,163,183,190,194,258],[11,12,18,27,33],"prose-hero",{"className":13,"description":15,"subTitle":16,"title":17},[14],"-mb-20","See live traffic without proxies, certificates, \u003Cbr/>or code changes","Chrome-Style Network Tab\u003Cbr/>\u003Cspan class=\"text-grape\">For Your Linux Server\u003C/span>","Qpoint DevTools",[19,20,23],"ux-button",{"href":21,"kind":22},"https://github.com/qpoint-io/qtap","stroke",[24,25,26],"p",{},"View on Github",[19,28,30],{"href":29,"kind":22},"/contact",[24,31,32],{},"See a Demo",[34,35,37],"template",{"v-slot:right":36},"",[38,39],"dev-tools-quick-install",{},[41,42,46],"div",{"className":43},[44,45],"mt-0","md:mt-8",[47,48],"dev-tools-demo-video",{"max-width":49},"1100",[51,52,57,66],"layout-grid",{"className":53,"columns":56},[54,55],"items-center","my-10","2",[58,59],"prose-section-headline",{":border":60,"title":61,"className":62,"description":63,"eyebrow":64,"eyebrowClasses":65},"true","Debugging Live Traffic is Painful",[],"Traditional debugging tools stop working the moment HTTPS encryption enters the picture, leaving you guessing what went wrong when APIs fail in production.","The Challenge","text-red",[67,68],"dev-tools-server-stack",{},[51,70,72,78],{"className":71,"columns":56},[54],[58,73],{":border":60,"title":74,"className":75,"description":76,"eyebrow":77},"Inspect Live Traffic in your Browser",[55],"QTap DevTools gives you a local browser-based view of all HTTP/S traffic on a single host. Perfect for emergency troubleshooting when you need to debug a specific server right now.","The Solution",[79,80],"dev-tools-mini-browser",{},[51,82,85,98],{"className":83,"columns":56},[84],"items-start",[58,86,90],{":border":60,"title":87,"className":88,"description":89},"How It Works",[],"A lightweight, Linux-native sensor running in a guaranteed safe eBPF sandbox, taps into network traffic before and after encryption occurs. The raw data is then re-assembled into protocol-level events and forwarded to a browser-based interface.",[19,91,95],{"href":92,"kind":22,"className":93},"https://docs.qpoint.io/guides/devtools-guides/getting-started-with-devtools",[94],"inline-flex",[24,96,97],{},"View Installation Instructions",[41,99,103],{"className":100},[101,54,102],"flex","flex-col",[41,104,108],{"className":105},[106,107],"w-full","md:mt-20",[109,110],"img",{"className":111,"src":112},[106],"/images/2025.Q4/qtap-server-detailed.svg",[58,114],{":border":60,"title":115},"Key Capabilities",[51,117,121,126,130,134],{"className":118,"columns":120},[119],"mt-20","4",[122,123],"prose-point-simple",{"sub":124,"title":125},"eBPF hooks into TLS libraries before encryption happens","See Inside HTTPS Without Proxies",[122,127],{"sub":128,"title":129},"Know exactly which container made each request","Process & Container Attribution",[122,131],{"sub":132,"title":133},"Full request/response with headers, body, and timing","Complete HTTP Transaction Details",[122,135],{"sub":136,"title":137},"New requests appear instantly via Server-Sent Events","Real-Time Streaming",[58,139],{":border":60,"title":140,"className":141},"What's in the Box?",[119],[143,144],"prose-point",{":images":145,"description":146,"layout":147,"title":148},"[\"/images/2025.Q4/dev-tools-requests-1.a.gif\",\"/images/2025.Q4/dev-tools-requests-1.b.gif\"]","The closest equivalent to Chrome DevTools' Network tab. Click any request to inspect the complete transaction, copy as cURL, and debug authentication failures by seeing exactly what was sent.","[.][+++]","Requests",[143,150],{":images":151,"description":152,"layout":147,"title":153},"[\"/images/2025.Q4/dev-tools-connections-1.a.gif\",\"/images/2025.Q4/dev-tools-connections-1.b.gif\"]","Every network connection with process attribution. See which external services your application connects to and identify unexpected outbound connections.","Connections",[143,155],{":images":156,"description":157,"layout":147,"title":158},"[\"/images/2025.Q4/dev-tools-processes-1.a.gif\",\"/images/2025.Q4/dev-tools-processes-1.b.gif\"]","A real-time inventory of every process on the host. See what's actually running and correlate processes with network activity.","Processes",[58,160],{":border":60,"title":161,"className":162},"What Makes DevTools Different",[119],[51,164,167,171,175,179],{"className":165,"columns":120},[166],"mt-10",[122,168],{"sub":169,"title":170},"Shows plaintext HTTP/S automatically, no TLS keys needed","vs. tcpdump / Wireshark",[122,172],{"sub":173,"title":174},"No certificate installation, no proxy configuration, no restarts","vs. Proxy Tools",[122,176],{"sub":177,"title":178},"Captures complete HTTP/S traffic automatically, no code changes","vs. Application Logging",[122,180],{"sub":181,"title":182},"Single-host emergency troubleshooting vs. fleet-wide monitoring","vs. Qplane",[122,184],{"sub":185,"className":186,"color":189},"QTap DevTools brings the familiar Chrome DevTools experience to server-side debugging. Perfect for emergency troubleshooting and production incident response.",[187,188,166],"max-w-[740px]","m-auto","#DFDFDF",[58,191],{":border":60,"title":192,"className":193},"FAQ",[166],[41,195,203,210,216,222,228,234,240,246,252],{"className":196},[197,198,199,200,201,202,166],"grid","md:grid-cols-2","lg:grid-cols-3","gap-4","gap-y-10","gap-x-20",[204,205,207],"prose-faq",{"question":206},"Does this affect my traffic?",[24,208,209],{},"No, QTap DevTools is out-of-band and read-only, ensuring zero impact on latency or application performance. It captures traffic passively without interfering with your applications.",[204,211,213],{"question":212},"Can this crash my server?",[24,214,215],{},"No, QTap DevTools is safe and secure. The sensor runs in a guaranteed safe eBPF sandbox, which cannot crash your kernel.",[204,217,219],{"question":218},"How much CPU and memory does this use?",[24,220,221],{},"A lot of time and effort is spent to ensure QTap is lightweight and uses minimal resources. For most workloads, you can expect to see less than 1% of CPU and less than 200MB of memory.",[204,223,225],{"question":224},"Isn't this a huge security risk?",[24,226,227],{},"No, root access is required to run QTap, and if running in a production environment, we recommend binding to 127.0.0.1 and using SSH port forwarding to access the interface. There is no more risk than using any other traffic inspection tool.",[204,229,231],{"question":230},"What protocols are supported?",[24,232,233],{},"DevTools currently shows the process and connection metadata and all HTTP/S requests and responses. Additional protocols will be available very soon (PostgreSQL, MySQL, Redis, Kafka, DNS, etc.)",[204,235,237],{"question":236},"What apps and languages will this work with?",[24,238,239],{},"Qtap works with all major apps and languages, including Node.js, Python, Java, Go, Ruby, PHP, and more. If you don't see http traffic from your app, let us know!",[204,241,243],{"question":242},"Is DevTools free and open source?",[24,244,245],{},"Yes, QTap is free and open source. It is available on GitHub under the AGPL-3.0 license.",[204,247,249],{"question":248},"Can I get a different license?",[24,250,251],{},"Yes, QTap Pro is available under a commercial license. Please contact us for more information.",[204,253,255],{"question":254},"Does this work on Mac or Windows?",[24,256,257],{},"No, QTap DevTools is currently only supported on Linux. In the future, we will release QProxy to support non-Linux platforms.",[259,260],"request-demo",{},{"title":36,"searchDepth":262,"depth":262,"links":263},2,[],"Browser-based interface for server-side HTTP/S traffic debugging. See exactly what your applications send and receive in production, without code changes or proxies.","md",null,"/images/2025.Q3/q.tap.simple.hero.listing@2x.png",{},{"order":270,"parent":271},3,"products","/products/devtools",{"title":6,"description":264},"products/devtools",[276,277,278,279,280,281,282,283],"product","devtools","debugging","api-monitoring","troubleshooting","http","https","real-time","zUk3nYfNBcIE-HlblhLfCiTpbBHPFodO34D7vFcOq9Y",{"id":286,"title":287,"body":288,"description":292,"extension":265,"features":266,"heroImage":266,"image":266,"listingImage":293,"meta":294,"navigation":295,"path":297,"seo":298,"stem":299,"tags":300,"useCases":266,"__hash__":304},"products/products/qcontrol.md","QControl",{"type":8,"value":289,"toc":290},[],{"title":36,"searchDepth":262,"depth":262,"links":291},[],"Visibility and control for the AI agents in your environment","/images/2026.Q2/qcontrol-listing.png",{},{"order":296,"parent":271},0,"/products/qcontrol",{"title":287,"description":292},"products/qcontrol",[276,301,302,303],"agents","visibility","control","6IjbXWlzBtEW3i3kn3IZCYfWOAmazIk9TT2O0oQjf3w",{"id":306,"title":307,"body":308,"description":402,"extension":265,"features":266,"heroImage":266,"image":266,"listingImage":314,"meta":403,"navigation":404,"path":405,"seo":406,"stem":407,"tags":408,"useCases":266,"__hash__":413},"products/products/qplane.md","QPlane - Compliance Evidence",{"type":8,"value":309,"toc":400},[310,322,329,335,351,355,375,379,398],[11,311,317],{":maxImgWidth":312,"description":313,"image":314,"imageAlt":315,"title":316},"440","Qplane acts as a persistent, automated auditor for your backend infrastructure, providing the definitive, continuous evidence you need to satisfy auditors with a searchable, historical log of every data flow—source, destination, and data classification.","/images/2025.Q3/qplane@2x.png","Qplane platform dashboard showing automated compliance evidence and audit trails","Qplane",[19,318,319],{"href":29},[24,320,321],{},"Request a Demo",[58,323],{"className":324,"title":327,"eyebrow":328},[325,326],"!mt-0","mb-10","See Everything in One Place","Complete Visibility",[109,330],{"alt":331,"className":332,"src":334},"Qtap platform dashboard showing AI API connections and data classification",[333,106],"screenshot","/images/2025.Q3/screengrabs/inventory.spread.jpg",[51,336,338,342,345,348],{"className":337,"columns":120},[119],[339,340],"prose-big-point",{"title":341},"Vendors",[339,343],{"title":344},"Endpoints",[339,346],{"title":347},"API Tokens",[339,349],{"title":350},"Geolocations",[58,352],{"className":353,"title":354,":border":60},[119],"Key Features",[51,356,358,363,367,371],{"className":357,"columns":56},[119],[359,360],"prose-check",{"description":361,"title":362},"Generate reports that definitively prove regulated data has not left a defined network boundary.","Prove Data Residency",[359,364],{"description":365,"title":366},"Show auditors that traffic from sensitive systems is properly isolated.","Verify Data Segregation",[359,368],{"description":369,"title":370},"Replace weeks of manual log collection with a single source of truth.","Automate Evidence Collection",[359,372],{"description":373,"title":374},"Go beyond point-in-time audits with continuous visibility.","Continuous Compliance",[58,376],{"className":377,"title":378,":border":60},[166,326],"Use Cases",[51,380,382,386,390,394],{"className":381,"columns":56},[119],[339,383],{"title":384,"sub":385},"SOC 2 Compliance","Automated evidence collection for SOC 2 audits",[339,387],{"title":388,"sub":389},"PCI DSS","Prove PCI data has not left defined boundaries",[339,391],{"title":392,"sub":393},"GDPR","Demonstrate data residency and processing compliance",[339,395],{"title":396,"sub":397},"HIPAA","Verify PHI data flows and access controls",[259,399],{},{"title":36,"searchDepth":262,"depth":262,"links":401},[],"Pass audits with push-button simplicity by generating definitive proof of data residency",{},{"order":262,"parent":271},"/products/qplane",{"title":307,"description":402},"products/qplane",[276,409,410,411,412],"governance","compliance","audit","evidence","sTYQ09ugYYnOEenS5VM3L8KPbK05bq-howNnTG5X80k",{"id":415,"title":416,"body":417,"description":630,"extension":265,"features":266,"heroImage":266,"image":266,"listingImage":267,"meta":631,"navigation":632,"path":634,"seo":635,"stem":636,"tags":637,"useCases":266,"__hash__":643},"products/products/qtap.md","QTap - Visibility into Encryption",{"type":8,"value":418,"toc":628},[419,434,447,459,462,490,493,514,517,522,528,533,538,543,547,552,566,570,589,593,605,617,620,626],[11,420,426,430],{"className":421,"description":422,"image":423,"imageAlt":424,"title":425},[14],"See Through Encryption with eBPF","/images/2025.Q3/q.tap.simple.hero.svg","QTap platform dashboard showing encrypted traffic visibility and monitoring","QTap",[19,427,428],{"href":21},[24,429,26],{},[19,431,432],{"href":29,"kind":22},[24,433,321],{},[51,435,437,442],{"className":436,"columns":56},[54,55],[58,438],{"title":439,":border":60,"className":440,"description":441,"eyebrow":64,"eyebrowClasses":65},"The Modern Cloud is Encrypted & Distributed, creating a Critical Visibility Gap",[],"Encryption makes it impossible to see what's happening between your applications, services, and AI agents and the external APIs, services, and vendors they communicate with.",[109,443],{"alt":444,"className":445,"src":446},"Qtap platform dashboard showing encrypted traffic visibility and monitoring",[106],"/images/2025.Q3/invisible-supply-chain@2x.png",[51,448,450,455],{"className":449,"columns":56},[54],[58,451],{"title":452,":border":60,"className":453,"description":454,"eyebrow":77},"Deploy a lightweight eBPF agent that introspects calls before encryption occurs",[55],"Unlike traditional proxies Qtap does not sit in the network path or require certificate management! This provides detailed visibility into requests and responses without affecting the encryption process, and requires zero configuration changes to applications or network.",[109,456],{"alt":444,"className":457,"src":458},[106],"/images/2025.Q3/qtap-simple-overview.svg",[58,460],{"title":461,":border":60},"Key Benefits",[51,463,466,470,474,478,482,486],{"className":464,"columns":465},[119],"3",[339,467],{"sub":468,"title":469},"Works directly with your existing infrastructure","No Proxy Required",[339,471],{"sub":472,"title":473},"Zero application modifications needed","No Code Changes",[339,475],{"sub":476,"title":477},"Integrates seamlessly with current tools","Use Existing Pipeline",[339,479],{"sub":480,"title":481},"Minimal performance impact, in-kernel","Extremely Performant",[339,483],{"sub":484,"title":485},"Doesn't interfere with normal operations","Non-Obtrusive",[339,487],{"sub":488,"title":489},"Eliminates complex SSL/TLS configuration","No Certificate Management",[58,491],{"title":87,"className":492},[119],[494,495,496,502,506,510],"prose-step-wrapper",{"columns":56},[497,498],"prose-step",{":number":499,"description":500,"title":501},"1","QTap sees the pre-encryption request and post-encryption responses via eBPF hooks","Install QTap\u003Cbr/>eBPF Agent",[497,503],{":number":56,"description":504,"title":505},"Configure Rulekit to look for errors or specific conditions you might want to record","Detect Errors / Custom Conditions",[497,507],{":number":465,"description":508,"title":509},"Upload payload data to S3 compatible endpoint","Persist the\u003Cbr/>Payloads / Data",[497,511],{":number":120,"description":512,"title":513},"Generate log entry with all the context & links to the persisted payloads","Submit Log\u003Cbr/>Entry",[58,515],{"title":378,":border":60,"className":516},[119],[143,518],{":screenshot":60,"description":519,"image":520,"layout":147,"title":521},"Monitor all external API calls and responses","/images/2025.Q3/qtap/request-response.png","API Monitoring",[143,523],{":screenshot":60,"description":524,"image":525,"layout":526,"title":527},"Automatically capture failed requests with full context","/images/2025.Q3/qtap/error-detection.png","[+++][.]","Error Detection",[143,529],{":screenshot":60,"description":530,"image":531,"layout":147,"title":532},"Track all encrypted communications for compliance","/images/2025.Q3/screengrabs/inventory.spread.zoomout.jpg","Security Auditing",[143,534],{":screenshot":60,"description":535,"image":536,"layout":526,"title":537},"Analyze encrypted traffic patterns without decryption","/images/2025.Q3/data-flow.png","Performance Analysis",[143,539],{":screenshot":60,"description":540,"image":541,"layout":147,"title":542},"Troubleshoot issues in encrypted services","/images/2025.Q3/sensitive-source-destination.png","Debugging",[58,544],{"title":545,":border":60,"className":546},"Technical Architecture",[119],[143,548],{":screenshot":60,"description":549,"image":550,"layout":147,"title":551},"Direct access to network stack events","/images/2025.Q3/qtap/qtap-architecture.svg","Unmatched visibility",[494,553,554,558,562],{},[359,555],{"description":556,"title":557},"Captures traffic before encryption occurs","TLS function hooking",[359,559],{"description":560,"title":561},"Minimal overhead on production systems","Zero-performance impact",[359,563],{"description":564,"title":565},"Works across different Linux distributions","Cross-platform support",[58,567],{"title":568,":border":60,"className":569},"Getting Started",[119],[51,571,573,577,581,585],{"className":572,"columns":56},[],[497,574],{":number":499,"description":575,"title":576},"on your target systems","Deploy the eBPF agent",[497,578],{":number":56,"description":579,"title":580},"for your specific use cases","Configure monitoring rules",[497,582],{":number":465,"description":583,"title":584},"(S3, logging, monitoring)","Integrate with your observability stack",[497,586],{":number":120,"description":587,"title":588},"immediately","Start capturing encrypted traffic",[58,590],{"title":591,":border":60,"className":592},"Resources",[119],[594,595,596],"ul",{},[597,598,599],"li",{},[600,601,604],"a",{"href":21,"rel":602},[603],"nofollow","GitHub Repository",[594,606,607,611],{},[597,608,609],{},[600,610,321],{"href":29},[597,612,613],{},[600,614,616],{"href":615},"/pricing","Pricing",[618,619],"hr",{},[24,621,622],{},[623,624,625],"em",{},"QTap provides unprecedented visibility into encrypted traffic without compromising security or performance. Get started today and eliminate your encryption blind spots.",[259,627],{},{"title":36,"searchDepth":262,"depth":262,"links":629},[],"QTap provides unmatched visibility into all encrypted traffic without proxies, code changes, or certificate management",{},{"order":633,"parent":271},1,"/products/qtap",{"title":416,"description":630},"products/qtap",[276,638,639,640,641,642,302],"security","data-access","encryption","ebpf","tls","88JqI6_K1v3dieVGUnHGSz7wFvvAtW2RmIaFFBQbrYE",[645,743,821],{"id":646,"title":647,"body":648,"complianceFrameworks":266,"description":730,"extension":265,"heroImage":266,"image":266,"listingImage":731,"meta":732,"navigation":733,"path":735,"seo":736,"stem":737,"tags":738,"__hash__":742},"useCases/use-cases/ai-data-exposure.md","AI Data Exposure",{"type":8,"value":649,"toc":728},[650,659,673,677,692,700,703,706,726],[11,651,655],{"description":652,"image":653,"imageAlt":331,"title":654},"Your teams are using external AI APIs from your production servers and cloud infrastructure, but you have no visibility into what they are sending. Qpoint illuminates every connection from your backend to AI services, so you can innovate safely.","/images/2025.Q3/ai.svg","What Is Your Backend Really Telling AI Models?",[19,656,657],{"href":29},[24,658,32],{},[51,660,662,668],{"className":661,"columns":56},[54],[58,663],{":border":60,"className":664,"title":665,"description":666,"eyebrow":667,"eyebrowClasses":65},[55],"Proprietary Data is Leaking from Your Production Systems","When developers use AI APIs in backend services or CI/CD pipelines, they can inadvertently send sensitive information like proprietary source code and customer PII to public models without your knowledge.","The Problem",[109,669],{"alt":670,"className":671,"src":672},"Diagram showing data flowing from backend systems to AI APIs",[106,333],"/images/2025.Q3/complicated-data-flow.png",[58,674],{":border":60,"className":675,"title":676},[55],"Key Pains",[51,678,680,684,688],{"className":679,"columns":465},[119],[339,681],{"sub":682,"title":683},"Backend services can send proprietary code snippets to AI models, risking your IP.","Leaked Source Code",[339,685],{"sub":686,"title":687},"Customer PII from your production databases can be sent as context to AI services, violating privacy.","Exposed Customer Data",[339,689],{"sub":690,"title":691},"Encrypted TLS traffic from your servers to AI vendors is a black box, making it impossible to audit.","Zero Visibility",[58,693,697],{":border":60,"className":694,"title":695,"description":696,"eyebrow":77},[55],"Visibility for Safe AI Adoption in Your Infrastructure","See Every AI Connection. Classify Every Payload.",[24,698,699],{},"Qpoint gives you the ground truth needed to embrace AI confidently. We show you exactly what data is being sent from your backend infrastructure to any AI service, before it's encrypted.",[109,701],{"alt":331,"className":702,"src":541},[333,106],[58,704],{":border":60,"className":705,"title":115},[55],[51,707,709,714,718,722],{"className":708,"columns":120},[119],[339,710],{"sub":711,"title":712,"color":713},"Get a complete, real-time inventory of every backend process connecting to external AI APIs.","Identify Every AI Connection","blue",[339,715],{"sub":716,"title":717},"See the exact contents of the payloads, with automatic classification of source code, PII, and credentials.","Classify Transmitted Data",[339,719],{"sub":720,"title":721},"Use definitive evidence to create and enforce safe AI usage guidelines for your teams.","Build Safe Usage Policies",[339,723],{"sub":724,"title":725},"Trace every AI-bound request back to the specific process, container, and host in your production environment.","Link to the Source",[259,727],{},{"title":36,"searchDepth":262,"depth":262,"links":729},[],"Your teams are using external AI APIs from your production servers and cloud infrastructure, but you have no visibility into what they are sending. Qpoint illuminates every connection from your backend to AI services.","/images/2025.Q3/ai-hero@2x.png",{},{"order":262,"parent":734},"use-cases","/use-cases/ai-data-exposure",{"title":647,"description":730},"use-cases/ai-data-exposure",[739,740,741,638],"use-case","ai","data-exposure","AVGvN08Jk3M2NNJ6AAxArvPOtlfoNf-dW5b4G4Og0Js",{"id":744,"title":745,"body":746,"complianceFrameworks":266,"description":750,"extension":265,"heroImage":266,"image":266,"listingImage":334,"meta":811,"navigation":813,"path":815,"seo":816,"stem":817,"tags":818,"__hash__":820},"useCases/use-cases/automate-data-in-motion.md","Compliance Evidence",{"type":8,"value":747,"toc":809},[748,757,765,768,783,788,793,796,807],[11,749,753],{":screenshot":60,"description":750,"image":334,"imageAlt":751,"title":752},"Proving data residency and segregation for audits like SOC 2, PCI, and GDPR is a nightmare of manual evidence collection. Qpoint acts as a persistent, automated auditor for your backend infrastructure.","Qtap platform dashboard showing compliance evidence and audit reports","Pass Audits with Push-Button Simplicity",[19,754,755],{"href":29},[24,756,32],{},[51,758,760],{"className":759,"columns":56},[54],[58,761],{":border":60,"className":762,"title":763,"description":764,"eyebrow":667,"eyebrowClasses":65},[55],"Auditors Ask Questions You Can't Answer","Answering \"Can you prove that regulated PII has not left a specific geographic boundary?\" is nearly impossible. You rely on screenshots and manual logs, which don't provide definitive proof for modern systems.",[58,766],{":border":60,"className":767,"title":676},[55],[51,769,771,775,779],{"className":770,"columns":465},[119],[339,772],{"sub":773,"title":774},"Teams spend weeks collecting evidence for each audit cycle.","Manual Drudgery",[339,776],{"sub":777,"title":778},"Disparate logs don't provide the full picture of data flows.","Incomplete Evidence",[339,780],{"sub":781,"title":782},"Between audits, you have no continuous assurance that policies are being followed.","Constant Risk",[58,784],{":border":60,"className":785,"title":786,"description":787,"eyebrow":77},[55],"Your Automated, Persistent Auditor","Qpoint provides the definitive, continuous evidence you need to satisfy auditors with a searchable, historical log of every data flow—source, destination, and data classification.",[109,789],{"alt":790,"className":791,"src":792},"Qtap platform dashboard showing automated compliance evidence collection",[106],"/images/2025.Q3/data-flow-big-transparent.png",[58,794],{":border":60,"className":795,"title":115},[55],[51,797,799,801,803,805],{"className":798,"columns":120},[119],[339,800],{"sub":361,"title":362,"color":713},[339,802],{"sub":365,"title":366},[339,804],{"sub":369,"title":370},[339,806],{"sub":373,"title":374},[259,808],{},{"title":36,"searchDepth":262,"depth":262,"links":810},[],{"framework":812},"Multi-Framework",{"order":270,"parent":814},"compliance-evidence","/use-cases/automate-data-in-motion",{"title":745,"description":750},"use-cases/automate-data-in-motion",[739,410,411,412,819],"data-residency","2pcEZqY6WF9q-v_qKNRkDbG6jTL_8Vq0mUCSrq5Srqc",{"id":822,"title":823,"body":824,"complianceFrameworks":266,"description":905,"extension":265,"heroImage":266,"image":266,"listingImage":830,"meta":906,"navigation":907,"path":908,"seo":909,"stem":910,"tags":911,"__hash__":914},"useCases/use-cases/third-party-data-risk.md","Third-Party Data Risk",{"type":8,"value":825,"toc":903},[826,836,850,853,868,876,879,882,901],[11,827,832],{":maxImgWidth":828,"description":829,"image":830,"imageAlt":444,"title":831},"400","Your backend systems are connected to hundreds of third-party services, creating a massive, invisible attack surface. Qpoint discovers every outbound connection and classifies the data inside, turning your biggest blind spot into your biggest strength.","/images/2025.Q3/case-stydy-1@2x.png","Who Are You Really Connected To?",[19,833,834],{"href":29},[24,835,32],{},[51,837,839,847],{"className":838,"columns":56},[54],[58,840,844],{":border":60,"className":841,"title":842,"description":843,"eyebrow":667,"eyebrowClasses":65},[55],"The Invisible Supply Chain","If a Vendor in Your Supply Chain is Breached, Are You Exposed?",[24,845,846],{},"You can't answer that question because you don't know what data you're sending them. Modern applications rely on a complex web of third-party APIs, but since the traffic is encrypted, you're blind to the risk.",[109,848],{"alt":444,"className":849,"src":446},[106],[58,851],{":border":60,"className":852,"title":676},[55],[51,854,856,860,864],{"className":855,"columns":465},[119],[339,857],{"sub":858,"title":859},"You can't produce a complete, real-time inventory of every third-party service your applications connect to.","Unknown Connections",[339,861],{"sub":862,"title":863},"You have no idea if PII, credentials, or other sensitive data is being sent to vendors.","Invisible Data",[339,865],{"sub":866,"title":867},"When a vendor announces a breach, it takes days or weeks of manual effort to determine your exposure.","Manual Investigations",[58,869,873],{":border":60,"className":870,"title":871,"description":872,"eyebrow":77},[55],"From Blind Spot to Certainty","See Every Connection. Classify Every Payload.",[24,874,875],{},"Qpoint provides the ground truth for your third-party data risk by observing traffic directly from the Linux kernel, bypassing encryption to give you a complete and immediate inventory.",[109,877],{"alt":444,"className":878,"src":334},[333,106],[58,880],{":border":60,"className":881,"title":115},[55],[51,883,885,889,893,897],{"className":884,"columns":120},[119],[339,886],{"sub":887,"title":888,"color":713},"Instantly generate a real-time map of every external service your backend communicates with.","Discover Every Connection",[339,890],{"sub":891,"title":892},"Automatically scan payloads to detect and classify PII, PCI, PHI, and other sensitive data patterns.","Classify Sensitive Data",[339,894],{"sub":895,"title":896},"Prioritize threats based on actual data exposure, not just guesswork.","Quantify Your Risk",[339,898],{"sub":899,"title":900},"Get an immediate, definitive answer on your exposure during a third-party breach.","Accelerate Incident Response",[259,902],{},{"title":36,"searchDepth":262,"depth":262,"links":904},[],"Your backend systems are connected to hundreds of third-party services, creating a massive, invisible attack surface. Qpoint discovers every outbound connection and classifies the data inside.",{},{"order":633,"parent":734},"/use-cases/third-party-data-risk",{"title":823,"description":905},"use-cases/third-party-data-risk",[739,912,913,741],"risk-management","third-party","VFRFiR0tfUosZEtrfR8zOQI-gYFeApGMbjWqfC775E0",[916,1014,1096,1227,1307],{"id":917,"title":918,"body":919,"description":1004,"extension":265,"framework":392,"heroImage":266,"image":266,"listingImage":266,"meta":1005,"navigation":1006,"path":1007,"seo":1008,"stem":1009,"tags":1010,"__hash__":1013},"complianceEvidence/use-cases/compliance-evidence/gdpr.md","GDPR Compliance - Demonstrate Data Residency",{"type":8,"value":920,"toc":996},[921],[922,923,924,925,924,930,924,933,938,943,946,949,952,956,959,963,987,990],"hero",{},"\n  ",[926,927,929],"h1",{"id":928},"gdpr-compliance","GDPR Compliance",[24,931,932],{},"Ensure GDPR compliance with automated evidence collection and definitive proof of data residency.",[934,935,32],"button",{"className":936},[937],"btn-cta",[939,940,942],"h2",{"id":941},"gdpr-overview","GDPR Overview",[24,944,945],{},"The General Data Protection Regulation (GDPR) is a comprehensive data protection law that applies to organizations processing personal data of EU residents.",[939,947,64],{"id":948},"the-challenge",[24,950,951],{},"GDPR requires organizations to demonstrate data residency and processing compliance, but traditional methods rely on manual evidence collection that doesn't provide definitive proof of where personal data flows.",[939,953,955],{"id":954},"our-solution","Our Solution",[24,957,958],{},"Qpoint provides the definitive, continuous evidence you need to satisfy GDPR auditors with a searchable, historical log of every data flow—source, destination, and data classification.",[960,961,115],"h3",{"id":962},"key-capabilities",[594,964,965,971,977,982],{},[597,966,967,970],{},[968,969,362],"strong",{},": Generate reports that definitively prove personal data has not left defined geographic boundaries",[597,972,973,976],{},[968,974,975],{},"Verify Data Processing",": Show auditors that personal data processing follows GDPR requirements",[597,978,979,981],{},[968,980,370],{},": Replace weeks of manual log collection with a single source of truth",[597,983,984,986],{},[968,985,374],{},": Go beyond point-in-time audits with continuous visibility",[939,988,32],{"id":989},"see-a-demo",[24,991,992],{},[993,994,995],"span",{},"Call-to-action placeholder for demo",{"title":36,"searchDepth":262,"depth":262,"links":997},[998,999,1000,1003],{"id":941,"depth":262,"text":942},{"id":948,"depth":262,"text":64},{"id":954,"depth":262,"text":955,"children":1001},[1002],{"id":962,"depth":270,"text":115},{"id":989,"depth":262,"text":32},"Ensure GDPR compliance with automated evidence collection and definitive proof of data residency",{},{"order":270,"parent":814},"/use-cases/compliance-evidence/gdpr",{"title":918,"description":1004},"use-cases/compliance-evidence/gdpr",[410,1011,1012,412],"gdpr","privacy","XpwB3PPB5MTfQa1Fm4xIxg_sxPTm0l1IO33qL2do6Wk",{"id":1015,"title":1016,"body":1017,"description":1085,"extension":265,"framework":396,"heroImage":266,"image":266,"listingImage":266,"meta":1086,"navigation":1087,"path":1089,"seo":1090,"stem":1091,"tags":1092,"__hash__":1095},"complianceEvidence/use-cases/compliance-evidence/hipaa.md","HIPAA Compliance - Verify PHI Data Flows",{"type":8,"value":1018,"toc":1077},[1019],[922,1020,924,1021,924,1025,924,1028,1031,1035,1038,1040,1043,1045,1048,1050,1071,1073],{},[926,1022,1024],{"id":1023},"hipaa-compliance","HIPAA Compliance",[24,1026,1027],{},"Achieve HIPAA compliance with automated evidence collection and verification of PHI data flows.",[934,1029,32],{"className":1030},[937],[939,1032,1034],{"id":1033},"hipaa-overview","HIPAA Overview",[24,1036,1037],{},"The Health Insurance Portability and Accountability Act (HIPAA) establishes national standards for protecting sensitive patient health information.",[939,1039,64],{"id":948},[24,1041,1042],{},"HIPAA requires healthcare organizations to verify that PHI data flows are properly controlled and documented, but traditional methods rely on manual evidence collection that doesn't provide comprehensive visibility into data-in-motion.",[939,1044,955],{"id":954},[24,1046,1047],{},"Qpoint provides the definitive, continuous evidence you need to satisfy HIPAA auditors with a searchable, historical log of every data flow—source, destination, and data classification.",[960,1049,115],{"id":962},[594,1051,1052,1058,1063,1067],{},[597,1053,1054,1057],{},[968,1055,1056],{},"Verify PHI Data Flows",": Generate reports that definitively prove PHI has not left defined network boundaries",[597,1059,1060,1062],{},[968,1061,366],{},": Show auditors that traffic from sensitive systems is properly isolated",[597,1064,1065,981],{},[968,1066,370],{},[597,1068,1069,986],{},[968,1070,374],{},[939,1072,32],{"id":989},[24,1074,1075],{},[993,1076,995],{},{"title":36,"searchDepth":262,"depth":262,"links":1078},[1079,1080,1081,1084],{"id":1033,"depth":262,"text":1034},{"id":948,"depth":262,"text":64},{"id":954,"depth":262,"text":955,"children":1082},[1083],{"id":962,"depth":270,"text":115},{"id":989,"depth":262,"text":32},"Achieve HIPAA compliance with automated evidence collection and verification of PHI data flows",{},{"order":1088,"parent":814},4,"/use-cases/compliance-evidence/hipaa",{"title":1016,"description":1085},"use-cases/compliance-evidence/hipaa",[410,1093,1094,412],"hipaa","healthcare","ksCz8Qm5JzD-i6WnmBM3qICexJ1RYVQzPal9UNKUB3M",{"id":1097,"title":752,"body":1098,"description":750,"extension":265,"framework":266,"heroImage":266,"image":266,"listingImage":266,"meta":1220,"navigation":1221,"path":1222,"seo":1223,"stem":1224,"tags":1225,"__hash__":1226},"complianceEvidence/use-cases/compliance-evidence/index.md",{"type":8,"value":1099,"toc":1210},[1100],[922,1101,924,1102,924,1105,924,1107,1110,1114,1117,1119,1124,1141,1145,1148,1150,1155,1177,1181,1204,1206],{},[926,1103,752],{"id":1104},"pass-audits-with-push-button-simplicity",[24,1106,750],{},[934,1108,32],{"className":1109},[937],[939,1111,1113],{"id":1112},"the-problem-unanswerable-audit-questions","The Problem: Unanswerable Audit Questions",[960,1115,763],{"id":1116},"auditors-ask-questions-you-cant-answer",[24,1118,764],{},[24,1120,1121],{},[968,1122,1123],{},"Key Pains:",[594,1125,1126,1131,1136],{},[597,1127,1128,1130],{},[968,1129,774],{},": Teams spend weeks collecting evidence for each audit cycle.",[597,1132,1133,1135],{},[968,1134,778],{},": Disparate logs don't provide the full picture of data flows.",[597,1137,1138,1140],{},[968,1139,782],{},": Between audits, you have no continuous assurance that policies are being followed.",[939,1142,1144],{"id":1143},"the-solution-your-automated-persistent-auditor","The Solution: Your Automated, Persistent Auditor",[960,1146,786],{"id":1147},"your-automated-persistent-auditor",[24,1149,787],{},[24,1151,1152],{},[968,1153,1154],{},"Key Capabilities:",[594,1156,1157,1162,1167,1172],{},[597,1158,1159,1161],{},[968,1160,362],{},": Generate reports that definitively prove regulated data has not left a defined network boundary.",[597,1163,1164,1166],{},[968,1165,366],{},": Show auditors that traffic from sensitive systems is properly isolated.",[597,1168,1169,1171],{},[968,1170,370],{},": Replace weeks of manual log collection with a single source of truth.",[597,1173,1174,1176],{},[968,1175,374],{},": Go beyond point-in-time audits with continuous visibility.",[939,1178,1180],{"id":1179},"compliance-frameworks","Compliance Frameworks",[594,1182,1183,1189,1194,1199],{},[597,1184,1185,1188],{},[968,1186,1187],{},"SOC 2",": Automated evidence collection for SOC 2 audits",[597,1190,1191,1193],{},[968,1192,388],{},": Prove PCI data has not left defined boundaries",[597,1195,1196,1198],{},[968,1197,392],{},": Demonstrate data residency and processing compliance",[597,1200,1201,1203],{},[968,1202,396],{},": Verify PHI data flows and access controls",[939,1205,32],{"id":989},[24,1207,1208],{},[993,1209,995],{},{"title":36,"searchDepth":262,"depth":262,"links":1211},[1212,1215,1218,1219],{"id":1112,"depth":262,"text":1113,"children":1213},[1214],{"id":1116,"depth":270,"text":763},{"id":1143,"depth":262,"text":1144,"children":1216},[1217],{"id":1147,"depth":270,"text":786},{"id":1179,"depth":262,"text":1180},{"id":989,"depth":262,"text":32},{},{"order":270,"parent":734},"/use-cases/compliance-evidence",{"title":752,"description":750},"use-cases/compliance-evidence/index",[739,410,411,412],"FQtEOrh40JoTKDK9WIe7nkObOtheVKW6TXY5W1SY_lM",{"id":1228,"title":1229,"body":1230,"description":1296,"extension":265,"framework":388,"heroImage":266,"image":266,"listingImage":266,"meta":1297,"navigation":1298,"path":1300,"seo":1301,"stem":1302,"tags":1303,"__hash__":1306},"complianceEvidence/use-cases/compliance-evidence/pci-dss.md","PCI DSS Compliance - Prove Data Residency",{"type":8,"value":1231,"toc":1288},[1232],[922,1233,924,1234,924,1238,924,1241,1244,1248,1251,1253,1256,1258,1261,1263,1282,1284],{},[926,1235,1237],{"id":1236},"pci-dss-compliance","PCI DSS Compliance",[24,1239,1240],{},"Achieve PCI DSS compliance with automated evidence collection and definitive proof of data residency.",[934,1242,32],{"className":1243},[937],[939,1245,1247],{"id":1246},"pci-dss-overview","PCI DSS Overview",[24,1249,1250],{},"The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that process, store, or transmit credit card information maintain a secure environment.",[939,1252,64],{"id":948},[24,1254,1255],{},"PCI DSS requires organizations to prove that cardholder data has not left defined network boundaries, but traditional methods rely on manual log collection and incomplete evidence that doesn't provide definitive proof.",[939,1257,955],{"id":954},[24,1259,1260],{},"Qpoint provides the definitive, continuous evidence you need to satisfy PCI DSS auditors with a searchable, historical log of every data flow—source, destination, and data classification.",[960,1262,115],{"id":962},[594,1264,1265,1270,1274,1278],{},[597,1266,1267,1269],{},[968,1268,362],{},": Generate reports that definitively prove PCI data has not left a defined network boundary",[597,1271,1272,1062],{},[968,1273,366],{},[597,1275,1276,981],{},[968,1277,370],{},[597,1279,1280,986],{},[968,1281,374],{},[939,1283,32],{"id":989},[24,1285,1286],{},[993,1287,995],{},{"title":36,"searchDepth":262,"depth":262,"links":1289},[1290,1291,1292,1295],{"id":1246,"depth":262,"text":1247},{"id":948,"depth":262,"text":64},{"id":954,"depth":262,"text":955,"children":1293},[1294],{"id":962,"depth":270,"text":115},{"id":989,"depth":262,"text":32},"Achieve PCI DSS compliance with automated evidence collection and definitive proof of data residency",{},{"order":1299,"parent":814},5,"/use-cases/compliance-evidence/pci-dss",{"title":1229,"description":1296},"use-cases/compliance-evidence/pci-dss",[410,1304,1305,412],"pci-dss","payment-security","_N_iz0UTH6dqKgYliyorsh67wKtff2M9Lc8b13jfl5o",{"id":1308,"title":1309,"body":1310,"description":1375,"extension":265,"framework":1187,"heroImage":266,"image":266,"listingImage":266,"meta":1376,"navigation":1377,"path":1379,"seo":1380,"stem":1381,"tags":1382,"__hash__":1384},"complianceEvidence/use-cases/compliance-evidence/soc2.md","SOC 2 Compliance - Automated Evidence Collection",{"type":8,"value":1311,"toc":1367},[1312],[922,1313,924,1314,924,1317,924,1320,1323,1327,1330,1332,1335,1337,1340,1342,1361,1363],{},[926,1315,384],{"id":1316},"soc-2-compliance",[24,1318,1319],{},"Streamline your SOC 2 compliance process with automated evidence collection and push-button audit preparation.",[934,1321,32],{"className":1322},[937],[939,1324,1326],{"id":1325},"soc-2-overview","SOC 2 Overview",[24,1328,1329],{},"SOC 2 (System and Organization Controls 2) is a framework for managing customer data based on five trust service criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy.",[939,1331,64],{"id":948},[24,1333,1334],{},"Traditional SOC 2 audits require weeks of manual evidence collection, with teams scrambling to gather logs, screenshots, and documentation to prove compliance with data-in-motion requirements.",[939,1336,955],{"id":954},[24,1338,1339],{},"Qpoint provides the definitive, continuous evidence you need to satisfy SOC 2 auditors with a searchable, historical log of every data flow—source, destination, and data classification.",[960,1341,115],{"id":962},[594,1343,1344,1349,1353,1357],{},[597,1345,1346,1348],{},[968,1347,362],{},": Generate reports that definitively prove regulated data has not left a defined network boundary",[597,1350,1351,1062],{},[968,1352,366],{},[597,1354,1355,981],{},[968,1356,370],{},[597,1358,1359,986],{},[968,1360,374],{},[939,1362,32],{"id":989},[24,1364,1365],{},[993,1366,995],{},{"title":36,"searchDepth":262,"depth":262,"links":1368},[1369,1370,1371,1374],{"id":1325,"depth":262,"text":1326},{"id":948,"depth":262,"text":64},{"id":954,"depth":262,"text":955,"children":1372},[1373],{"id":962,"depth":270,"text":115},{"id":989,"depth":262,"text":32},"Streamline SOC 2 compliance with automated evidence collection and push-button audit preparation",{},{"order":1378,"parent":814},6,"/use-cases/compliance-evidence/soc2",{"title":1309,"description":1375},"use-cases/compliance-evidence/soc2",[410,1383,412],"soc2","rq4WsehsjX1hcBV0R3ydjeadpU6W6B7QlkB3ICGcKxk",[],1779303432576]