Security Notice
Last Updated: September 23, 2025
Velda is currently in proof-of-concept (POC) stage. This notice outlines our current security practices and how to report security issues.
Current Security Status
🔄 In Development:
- Comprehensive security testing procedures
- Penetration testing and vulnerability scanning
- Security compliance certifications
✅ Basic Security Measures:
- HTTPS/TLS encryption for all communications
- Secure cloud infrastructure (AWS/Google Cloud/Azure)
- Container isolation for development environments
- Basic access controls and authentication
- Regular system updates
Vulnerability Disclosure
How to Report Security Issues
If you find a security vulnerability, please report it responsibly:
Contact: security@velda.io
Subject: [SECURITY] Vulnerability Report
Response Time: We aim to respond within 24 hours
What to Include
- Clear description of the issue
- Steps to reproduce
- Potential impact
- Your contact information
Our Commitment
- Quick acknowledgment of reports
- Regular updates on progress
- Recognition for responsible disclosure (with your permission)
Security Guidelines
Please:
- Give us time to fix issues before public disclosure
- Test only on your own accounts/data
- Follow responsible disclosure practices
Don't:
- Access other users' data
- Perform attacks that could harm our infrastructure
- Publicly disclose vulnerabilities before we've addressed them
POC Limitations
As we're in proof-of-concept stage:
- Security measures are continuously evolving
- Full compliance certifications are planned for production
- Some enterprise security features are still in development
Contact
Security Team: security@velda.io
General Contact: contact@velda.io
POC Notice: Velda is currently in proof-of-concept stage. Our security practices will evolve significantly as we develop toward production release.
Last Updated: September 23, 2025