Trust Center

Security Policy

CyberFurl protects customer data with layered application controls, audited release workflows, and a responsible disclosure process for researchers.

Core Controls

Production traffic is served behind hardened HTTP response headers and a centralized CSP.
Authentication is cookie-based with CSRF-aware API requests and short-lived session refresh logic.
Sensitive application secrets stay server-side and are excluded from client bundles.
Frontend releases are gated by type-check, build validation, dependency auditing, and secret scanning.

Responsible Disclosure

Report security issues to security@cyberfurl.com. Include reproduction steps, impacted routes, and any proof-of-concept artifacts needed to validate the issue safely.

Trust Center

Security Policy

CyberFurl protects customer data with layered application controls, audited release workflows, and a responsible disclosure process for researchers.

Core Controls

Production traffic is served behind hardened HTTP response headers and a centralized CSP.
Authentication is cookie-based with CSRF-aware API requests and short-lived session refresh logic.
Sensitive application secrets stay server-side and are excluded from client bundles.
Frontend releases are gated by type-check, build validation, dependency auditing, and secret scanning.

Responsible Disclosure

Report security issues to security@cyberfurl.com. Include reproduction steps, impacted routes, and any proof-of-concept artifacts needed to validate the issue safely.