Security Policy

Last updated: January 2025

Reporting Vulnerabilities

We encourage responsible disclosure of security vulnerabilities. If you discover a potential vulnerability in our systems, please contact us at: contact@lxapps.com

Scope

This policy applies to all LXApps websites, web applications, and public APIs.

Disclosure Process

When reporting vulnerabilities, please follow these guidelines:

  • Send an email describing the vulnerability with as much detail as possible
  • Include steps to reproduce the issue, if applicable
  • Do not exploit the vulnerability beyond what is necessary to demonstrate it
  • Do not access data that does not belong to you

Our Commitment

We are committed to maintaining the security of our systems and your data:

  • Encryption in transit: all communications use TLS/SSL
  • Encryption at rest: stored data is encrypted
  • Regular backups: automatic and redundant backup copies
  • Monitoring: systems continuously monitored for anomaly detection
  • Code review and security testing

Security Best Practices

Our applications are developed following security best practices, including validation and sanitization of all inputs, protection against common attacks (XSS, CSRF, SQL Injection), secure authentication and session management, and the principle of least privilege for data access.