Administration
Manage your GraphNode deployment, including license configuration, email notifications, and enterprise security settings. The Administration panel is accessible only to users with the Admin role.
License Management
GraphNode uses a license-based model that controls the scale of your deployment. License details are viewable in the Administration panel and define the maximum capacity for projects, users, and scan engines.
Project Count
Maximum number of projects that can be created in the system. Each project represents a distinct codebase or application being scanned.
User Count
Maximum users per role type: Auditor (security analysts who review findings), Team Leader (manages projects and teams), and Developer (views assigned findings and resolves vulnerabilities).
Engine Count
Maximum number of scan engines that can be registered with the platform. Multiple engines enable parallel scanning and faster analysis of large codebases.
Tip: License Monitoring
GraphNode can send email notifications when your license is approaching expiration or when quotas are nearing their limits. Configure notification thresholds in the Notifications settings to stay ahead of capacity planning.
Notifications
GraphNode sends email notifications over SMTP to keep your team informed about scan results, security findings, and system events. Notification recipients can be configured globally or per project.
Configurable Notification Events
| Event | Description |
|---|---|
| Scan Completed | Notification sent when a scan finishes successfully, including a summary of findings by severity. |
| New Critical Vulnerabilities | Immediate alert when new critical-severity vulnerabilities are discovered in a scan. |
| Scan Failed / Error | Notification when a scan encounters an error or fails to complete, including error details. |
| License Expiring Soon | Advance warning when your license is approaching its expiration date. |
Security & Encryption
GraphNode implements enterprise-grade security measures to protect your source code, scan results, and user data. As an on-premise solution, all data remains within your own infrastructure.
Data at Rest
AES-256 encryption for all stored data, including source code snapshots, scan results, and user credentials.
Data in Transit
TLS 1.3 encryption for all communications between the web application, scan engines, and user browsers.
Authentication
JWT-based session management with configurable token expiration, refresh token rotation, and secure cookie handling.
Database Encryption
Transparent Data Encryption (TDE) support for the underlying database, ensuring data is encrypted at the storage level.
Access Control
RBAC (Role-Based Access Control) for user permissions and ABAC (Attribute-Based Access Control) for fine-grained policies governing project-level and resource-level access.
Audit Logging
All user actions are logged for compliance, including login events, project access, scan operations, finding triage changes, and configuration modifications.
Data Sovereignty
On-premise deployment ensures all source code and scan results stay within your infrastructure. No data is sent to external servers. Your organization retains complete control over where data is stored and processed.
GDPR Compliance Features
GraphNode includes features to help your organization meet GDPR and data privacy requirements.
Security Summary
| Layer | Technology | Standard |
|---|---|---|
| Encryption at Rest | AES-256 | NIST SP 800-38A |
| Encryption in Transit | TLS 1.3 | RFC 8446 |
| Session Management | JWT with HMAC-SHA256 | RFC 7519 |
| Database | Transparent Data Encryption | Platform-native TDE |
| Access Control | RBAC + ABAC | NIST SP 800-162 (ABAC) |