# Security

### Responsible Disclosures

Countercyclical continuously improves the security of the platform through rapid and continuous development & deployment cycles.

While we do not offer a bug bounty program at this time, we greatly appreciate and welcome any responsible disclosures sent to us as a means of improving the overall security & infrastructure of our platform. We greatly value the detailed work ethical security researchers perform across the Internet.

If you do report a security vulnerability to us, we ask that you:

* Do not attempt to access, modify, or delete data belonging to Countercyclical users.
* Report issues promptly once they've been discovered.
* Do not attempt denial of service, or any other harmful actions, against Countercyclical.

### FAQs

<details>

<summary>Do you have a trust center?</summary>

Yes!&#x20;

Visit [security.countercyclical.io](https://security.countercyclical.io/) to see everything relating to our security posture for our internal systems, subprocessors, enterprise functionality, and more.

</details>

<details>

<summary>What service(s) do you use for your cloud infrastructure?</summary>

We use [Heroku](https://heroku.com/) as our cloud infrastructure provider, and we use the Common Runtime located in the United States.

For more information, you visit the following resources:

* <https://devcenter.heroku.com/articles/dyno-runtime#common-runtime>
* <https://devcenter.heroku.com/articles/regions>

</details>

<details>

<summary>How are vulnerabilities reported?</summary>

You can report any suspected security issues, along with getting information about what is in scope for our reports and other guidelines, by emailing us at <security@countercyclical.io>

</details>

{% hint style="info" %}
Please email us at <security@countercyclical.io> for all matters relating to security with Countercyclical.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.countercyclical.io/extras/security.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.