Security

Learn more about how our compliance and security best practices keeps your data safe.

Responsible Disclosures

Countercyclical continuously improves the security of the platform through rapid and continuous development & deployment cycles.

While we do not offer a bug bounty program at this time, we greatly appreciate and welcome any responsible disclosures sent to us as a means of improving the overall security & infrastructure of our platform. We greatly value the detailed work ethical security researchers perform across the Internet.

If you do report a security vulnerability to us, we ask that you:

  • Do not attempt to access, modify, or delete data belonging to Countercyclical users.

  • Report issues promptly once they've been discovered.

  • Do not attempt denial of service, or any other harmful actions, against Countercyclical.

FAQs

Do you have a trust center?

Yes!

Visit security.countercyclical.io to see everything relating to our security posture for our internal systems, subprocessors, enterprise functionality, and more.

What service(s) do you use for your cloud infrastructure?

We use Heroku as our cloud infrastructure provider, and we use the Common Runtime located in the United States.

For more information, you visit the following resources:

How are vulnerabilities reported?

You can report any suspected security issues, along with getting information about what is in scope for our reports and other guidelines, by emailing us at [email protected]

Please email us at [email protected] for all matters relating to security with Countercyclical.

Last updated