Legal
Security
Security is a first-class concern at AxionCoreTech. We design our systems with defence-in-depth and regularly validate our posture through independent testing.
Security Practices
Encryption in Transit
All data transmitted between your browser and our servers is encrypted using TLS 1.3. We enforce HTTPS across all endpoints and reject insecure connections.
Encryption at Rest
Sensitive data stored in our databases is encrypted at rest using AES-256. Encryption keys are managed via a dedicated key management service with regular rotation.
Access Controls
We enforce the principle of least privilege. Employee access to production systems requires multi-factor authentication and is reviewed quarterly. All access is logged and audited.
Penetration Testing
We engage independent third-party security firms to conduct annual penetration tests on our infrastructure and applications. Critical findings are remediated within 30 days.
Vulnerability Disclosure
We operate a responsible disclosure programme. If you discover a vulnerability, please report it to security@axioncoretech.com. We commit to acknowledging your report within 48 hours.
Dependency Management
All third-party dependencies are tracked and scanned for known CVEs using automated tooling on every build. We maintain a private SBOM (Software Bill of Materials) for all production services.
Certifications & Compliance
Report a Vulnerability
We take security reports seriously. If you have found a potential vulnerability in our systems, please disclose it responsibly by emailing us directly. Do not exploit the vulnerability or disclose it publicly before we have had a chance to address it.
security@axioncoretech.com