🛡️ SecureCheck

← Home

Security Policy

Last updated July 2026. This is a plain-language summary for this demo build, not formal legal advice.

How we protect the SecureCheck platform itself.

Application security

Passwords are hashed with bcrypt. Sessions are httpOnly and marked secure in production. All forms are protected against CSRF, and logins are rate-limited.

Transport security

All traffic is served over HTTPS with strong TLS and HSTS in production.

Scanning safety

Our scanner refuses to target internal/private network addresses (SSRF protection), and intrusive checks require verified ownership of the target.

Reporting a problem

See our Responsible Disclosure Policy to report a vulnerability.

See also: Privacy · Cookies · Terms · DPA · Security · Disclosure · Refunds · Acceptable use