Our Security Commitment

Infrastructure Security

SecodX is hosted on Microsoft Azure with encryption at rest (AES-256) and in transit (TLS 1.2+). All source code analysis runs in isolated environments. Source code is never retained after scan completion.

Application Security

This website implements HTTPS enforcement, HSTS preloading, a strict Content Security Policy, anti-CSRF tokens on all forms, rate limiting, and comprehensive security headers (X-Frame-Options, X-Content-Type-Options, Permissions-Policy, Referrer-Policy).

Access Controls

Multi-tenant isolation ensures no customer can access another customer's data. All administrative access is role-based and audit-logged. Passwords are stored using BCrypt with appropriate cost factors.

Responsible Disclosure

We operate a responsible disclosure program. See our Responsible Disclosure Policy and Vulnerability Reporting page.

Contact

Security inquiries: security@secodx.com