Security

Security

How we approach platform security, scanner limitations, and responsible vulnerability reporting.

Security Approach

We use layered safeguards appropriate to the service, which may include encrypted transport, access controls, secure hosting, secrets management, logging, backups, dependency review, and incident response processes.

Scanner Limitations

The website security scan checks visible headers and configuration signals. It is not a penetration test, vulnerability certification, source-code audit, or guarantee against compromise.

Responsible Disclosure

Send suspected vulnerabilities to kapilav@varshyl.com with steps to reproduce, affected URL, impact, and contact information. Do not access data that is not yours, disrupt service, or publicly disclose an issue before reasonable remediation time.

Security Headers

The release package includes a Cloudflare Pages _headers file. Review the Content Security Policy against actual production domains and integrations before deployment.