Security & Trust

Our Security
Posture.

As a security platform, we hold ourselves to a higher standard. Learn about how we protect our infrastructure and your sensitive data.

Encryption at Rest

All sensitive vulnerability data and researcher PII is encrypted using AES-256-GCM.

Isolated Triage

Our triage environment is logically isolated to prevent cross-account exposure.

Hardware Security

We use Yubikeys and hardware-backed MFA for all internal administrative access.

Immutable Logs

Platform audit trails are stored in an immutable ledger for non-repudiation.

Responsible Disclosure

If you believe you have discovered a vulnerability in XC0MRADE, we encourage you to report it to us immediately. We operate a "Safe Harbor" policy for researchers who act in good faith.

1

Do not attempt to access or modify data that does not belong to you.

2

Provide detailed steps to reproduce the issue.

3

Give us reasonable time to investigate and remediate before disclosure.

Report Signal

Send encrypted reports to our security team.

security@xcomrade.tech
PGP: 0xFD2A...C81F

Want to deep-dive into our infrastructure?

Download Security Whitepaper