Last Updated: September 23, 2025

Velda is currently in proof-of-concept (POC) stage. This notice outlines our current security practices and how to report security issues.

🔄 In Development:

• Comprehensive security testing procedures
• Penetration testing and vulnerability scanning
• Security compliance certifications

✅ Basic Security Measures:

• HTTPS/TLS encryption for all communications
• Secure cloud infrastructure (AWS/Google Cloud/Azure)
• Container isolation for development environments
• Basic access controls and authentication
• Regular system updates

If you find a security vulnerability, please report it responsibly:

Contact: [email protected]
Subject: [SECURITY] Vulnerability Report
Response Time: We aim to respond within 24 hours

• Clear description of the issue
• Steps to reproduce
• Potential impact
• Your contact information

• Quick acknowledgment of reports
• Regular updates on progress
• Recognition for responsible disclosure (with your permission)

Please:

• Give us time to fix issues before public disclosure
• Test only on your own accounts/data
• Follow responsible disclosure practices

Don't:

• Access other users' data
• Perform attacks that could harm our infrastructure
• Publicly disclose vulnerabilities before we've addressed them

As we're in proof-of-concept stage:

• Security measures are continuously evolving
• Full compliance certifications are planned for production
• Some enterprise security features are still in development

Security Team: [email protected]
General Contact: [email protected]

POC Notice: Velda is currently in proof-of-concept stage. Our security practices will evolve significantly as we develop toward production release.

Last Updated: September 23, 2025