Davis Assistant data security

Davis Assistant uses an HTTP API using TLS with a 2048-bit RSA certificate issued by Amazon. SSL termination is done at the Amazon Elastic Load Balancer and communication within AWS is secured using Security Groups. Communication with Dynatrace environments is also secured with TLS. By default, Davis Assistant requires a certificate signed by a trusted authority. However an administrator of a Dynatrace Managed environment may configure Davis Assistant to accept a self-signed certificate. Authorization between Davis Assistant and your Dynatrace environment is handled by a shared API token.

What Dynatrace data can Davis Assistant access?

Davis Assistant communicates over the public Dynatrace REST API and may access any data from the API that the configured API token has permission to access. This may include details of problems, time series data such as response times, environment Smartscape topology information, events collected by Dynatrace, and some configurations, including custom event thresholds and maintenance windows. See the REST API documentation for details about what is available over the REST API.

What data captured by Dynatrace is stored in Davis Assistant?

Davis Assistant caches a minimal amount of data from the REST API for a short period of time (about 10 minutes or less) to reduce the number of API calls made to your Dynatrace environment and thereby reduce response times.

What data is shared with the Chrome extension?

The Davis Assistant Chrome extension is used to enable voice navigation in Davis Assistant. Only the bare minimum of data needed to accomplish this is shared with the chrome extension. The extension makes a TLS encrypted WebSocket connection back to Davis Assistant and authenticates itself using a shared token, which is user-provided. This token is stored in Chrome local storage and is kept safely away from other web pages, tabs, and extensions. The extension communicates with Davis Assistant using a set of messages. On connection, the extension authenticates with Davis Assistant using the shared token. After the extension is authenticated, Davis Assistant sends the URL of a page associated with the response from the Davis Assistant Alexa skill to the Chrome extension. No Dynatrace data is shared with the Chrome extension beyond for URLs of pages associated with responses from the Davis Assistant Alexa skill.

Where is Davis Assistant hosted?

Davis Assistant is hosted in Amazon Web Services in the US East (N. Virginia) region.