Skip to content

Security: StealthTensor/Vertex1

Security

SECURITY.md

Security Policy

Supported Versions

We actively support and provide security updates for the following versions:

Version Supported
1.0.x

Reporting a Vulnerability

If you discover a security vulnerability, please report it responsibly:

  1. Do NOT create a public GitHub issue
  2. DO email us directly or contact maintainers privately
  3. Include detailed steps to reproduce
  4. We will acknowledge and work on a fix

Security Practices

Authentication

  • JWT-based authentication with secure token handling
  • Passwords hashed with bcrypt
  • Secure cookie configuration (HttpOnly, Secure, SameSite)

Data Protection

  • Environment-based secrets management
  • Input validation and sanitization
  • SQL injection prevention via parameterized queries

API Security

  • Rate limiting on sensitive endpoints
  • CORS configuration
  • Proper HTTP status codes

Infrastructure

  • HTTPS enforcement
  • Regular dependency updates
  • Docker containerization for isolation

Best Practices for Users

  • Use strong, unique passwords
  • Enable notifications for important updates
  • Keep your profile information up to date
  • Log out from shared devices

Changelog

Security fixes will be documented in the project changelog.

There aren't any published security advisories