CloudSploit first makes a series of API calls to your connected IaaS account. These results are stored as a JSON file in an AWS S3 bucket, isolated from other accounts, and encrypted at rest and in transit. This file is then fed into the CloudSploit engine, which parses it and produces the results you see in your scan reports. These results are stored in the CloudSploit database and the original source data in S3 is permanently deleted within 36 hours.