Settings — ThunderScan

Profile Information

IS

Isaac Shi

isaac@goldensection.vc

Admin Enterprise

First Name

Last Name

Work Email

Job Title

Organization

Phone (optional)

Time Zone

Date Format

Change Password

Use a strong, unique password with at least 12 characters, including uppercase, lowercase, numbers, and symbols.

Current Password

New Password

Confirm New Password

Display Preferences

Compact sidebar

Collapse sidebar to icon-only mode by default

Show severity badges in nav

Display issue count badges on sidebar links

Animate score rings

Play fill animation on score arc rings when loading

Workspace Settings

Workspace Name

Workspace Slug

app/

Default Connection

Default Export Format

Workspace Logo URL (optional)

Team Members

Member	Role	Connections	Last Active	Status
IS Isaac Shi isaac@goldensection.vc	Admin	All (4)	Just now	Active	You
JL Jen Lin jen@goldensection.vc	Analyst	Production, Staging	3 h ago	Active
MK Mike Kim mike@portfolio.co	Viewer	Production	Never	Invited

Admin — Full access, manage team & billing

Analyst — Run scans, view all results

Viewer — Read-only access to reports

Workspace Audit Log

View Full Log

Scan completed on Production DB

Isaac Shi · Today 9:12 AM

Success

Invite sent to mike@portfolio.co

Isaac Shi · Yesterday 4:40 PM

Pending

New connection added: Analytics DB

Isaac Shi · Jan 28, 2026

Success

Email Alerts

Critical issues detected

Immediate alert when critical severity issues are found during any scan

Scan completed

Email summary when any scan finishes, including score changes

Scan failed

Alert if a scan errors out or cannot connect to the database

Health score degradation

Alert when overall health score drops by more than 10 points scan-over-scan

Compliance score changes

Alerts for GDPR, SOC 2, HIPAA, or ISO 27001 score movements

New team member joined

Notify when a workspace invite is accepted

Weekly digest

Monday morning summary: health trends, top issues, and upcoming scans

Scheduled Scans

Auto-scan frequency

Target Connection

Send alert if scheduled scan is missed

Notify if the scheduled scan window is skipped due to connectivity issues

Webhook & Slack

Slack Webhook

Not connected — push alerts to a Slack channel

Custom Webhook URL (optional)

POST JSON payload on scan complete, critical issue, or score change.

Third-Party Integrations

Jira

Auto-create Jira tickets from critical ThunderScan findings · goldensection.atlassian.net

Connected

GitHub

Push AI-generated SQL fix scripts as pull requests to your repo

Not Connected

Slack

Real-time scan alerts, critical issue pings, and weekly digest to a Slack channel

Not Connected

PagerDuty

Trigger on-call incidents for critical database security or integrity failures

Not Connected

Microsoft Teams

Post scan summaries and critical alerts to a Teams channel via webhook

Not Connected

Datadog

Forward health score metrics and issue counts as Datadog custom metrics

Not Connected

Single Sign-On (SSO)

Enterprise

Okta SAML 2.0

Provision and deprovision users automatically via SCIM

Not Configured

Azure Active Directory

OIDC-based SSO with Azure AD groups mapped to ThunderScan roles

Not Configured

API Keys

API keys grant programmatic access to scan results, issue lists, and reports. Keys are shown only once at creation — store them in your secret manager (e.g., AWS Secrets Manager, GitHub Secrets). Use scoped permissions — never grant write access unless required.

Name / Purpose	Key Prefix	Scope	Last Used	Expires
CI/CD Pipeline GitHub Actions · nightly scan trigger	`ts_k8f2…`	Read-only	2 h ago	Jan 12, 2027
Slack Bot Issue alert webhook consumer	`ts_m3x9…`	Read-only	5 days ago	Dec 28, 2026

Webhook Events Reference

ThunderScan fires POST requests to your webhook URL for the following events:

scan.completed Scan finished — includes scores & issue count

scan.failed Scan error or connection timeout

issue.critical Critical severity issue newly detected

score.degraded Health score dropped > 10 points

report.ready PDF/HTML report generated and available

Two-Factor Authentication

Enabled

Authenticator App (TOTP)

Google Authenticator · Last used 2 h ago

Active Sessions

Chrome / macOS · Houston, TX

192.168.1.42 · Active now

Current

Safari / iPhone · Houston, TX

192.168.1.56 · Yesterday 8:02 PM

Recent Login Activity

Date & Time	Location	Device	IP Address	Result
Feb 23, 2026 · 9:14 AM	Houston, TX	Chrome / macOS	192.168.1.42	Success
Feb 22, 2026 · 8:02 PM	Houston, TX	Safari / iPhone	192.168.1.56	Success
Feb 20, 2026 · 2:45 PM	Dallas, TX	Chrome / Windows	10.44.22.8	Success
Feb 18, 2026 · 11:22 AM	Unknown	Unknown browser	82.111.44.2	Failed

IP Allowlist

Restrict workspace access to specific IP addresses or CIDR ranges. Leave empty to allow all.

192.168.1.0/24Office LANActive

10.44.0.0/16VPN rangeActive

Current Plan

Enterprise Plan

Unlimited connections · All compliance frameworks · Priority support · SAML SSO

$799/mo

Renews Mar 22, 2026

Unlimited database connections

All compliance frameworks

AI Readiness module

Priority support (4h SLA)

SAML SSO & SCIM provisioning

Unlimited report storage

API access & webhooks

Custom data retention policy

Usage This Month

Resets Mar 1, 2026

Connections4 / ∞

Scans Run47 / ∞

Team Members3 / ∞

Report Storage2.1 GB / ∞

Payment Method

Visa ending in 4242

Expires 08/2028 · Billing contact: isaac@goldensection.vc

Recent Invoices

Period	Amount	Status
Feb 2026	$799.00	Paid
Jan 2026	$799.00	Paid
Dec 2025	$799.00	Paid

Danger Zone

Actions in this section are permanent and irreversible. Proceed with caution.

Clear All Scan History

Permanently delete all past scan results, issue lists, and reports. Cannot be undone.

Revoke All API Keys

Immediately invalidate all existing API keys. Connected integrations will stop working instantly.

Remove All Database Connections

Disconnect and remove all saved connection credentials from the workspace.

Delete Account

Permanently delete your account, all workspace data, connections, scans, reports, and team members. Irreversible.