As a security platform, we hold ourselves to a higher standard. Learn about how we protect our infrastructure and your sensitive data.
All sensitive vulnerability data and researcher PII is encrypted using AES-256-GCM.
Our triage environment is logically isolated to prevent cross-account exposure.
We use Yubikeys and hardware-backed MFA for all internal administrative access.
Platform audit trails are stored in an immutable ledger for non-repudiation.
If you believe you have discovered a vulnerability in XC0MRADE, we encourage you to report it to us immediately. We operate a "Safe Harbor" policy for researchers who act in good faith.
Do not attempt to access or modify data that does not belong to you.
Provide detailed steps to reproduce the issue.
Give us reasonable time to investigate and remediate before disclosure.