Security Approach
We use layered safeguards appropriate to the service, which may include encrypted transport, access controls, secure hosting, secrets management, logging, backups, dependency review, and incident response processes.
Scanner Limitations
The website security scan checks visible headers and configuration signals. It is not a penetration test, vulnerability certification, source-code audit, or guarantee against compromise.
Responsible Disclosure
Send suspected vulnerabilities to kapilav@varshyl.com with steps to reproduce, affected URL, impact, and contact information. Do not access data that is not yours, disrupt service, or publicly disclose an issue before reasonable remediation time.
Security Headers
The release package includes a Cloudflare Pages _headers file. Review the Content Security Policy against actual production domains and integrations before deployment.