Security at CyStack

At CyStack, we are aware that our users rely on us and our products to manage critical information such as passwords, sensitive data, vulnerability reports. Therefore, we prioritize the security of our customers' data, as well as our products and services. We have implemented a robust security framework that encompasses internal threat models, regular internal and external security evaluations, and apply DevSecOps during our software development life cycle. By adopting a secure-by-design approach, CyStack provides top-of-the-line security that ensures our users' trust is maintained.

The Security Team

As a cyber security company, we have a full range of positions involved in securing, protecting and improving the security posture of the company and its products. The broader security team consists of:

  • Detection & Response
  • Cloud & Infrastructure Security
  • Product Security
  • Audit Team

Privacy

CyStack places great value on your privacy and is dedicated to safeguarding your Personal Information, which pertains to any information relating to an identified or identifiable individual. We acknowledge that Personal Information provided to us by you is: confidential and personal.

We neither lease, sell nor exchange your Personal Information with any third party.

You can access our complete privacy policy at https://cystack.net/privacy. For any questions concerning privacy matters, please email security@cystack.net.

Vulnerability Reporting

CyStack takes security seriously and is committed to ensuring the safety and privacy of our customer's data. We appreciate any effort to discover and coordinate the disclosure of security vulnerabilities that can help us improve our security posture and better protect our clients.

If you have identified a vulnerability in any of our products or services, we encourage you to report it immediately. This will allow us to take swift action and implement the necessary measures to address the issue.

To report a vulnerability, please go to our bug bounty programs and submit the finding there:

We take all vulnerability reports seriously and aim to respond quickly and validate the vulnerability before taking necessary steps to address it. After we receive your disclosure, we will send you an initial reply and keep you updated periodically on our response and remediation progress.

We also ask that you adhere to responsible disclosure practices and give us a reasonable amount of time to investigate and address the vulnerability before publicly disclosing it. We appreciate your cooperation and support in keeping our products and services secure.