Inside Our Security Vulnerability Response Process
What happens when a security vulnerability is reported — from triage to patch to disclosure, step by step.
Every software has vulnerabilities. What matters is how quickly and transparently you respond to them. Here is our end-to-end process from initial report to customer notification.
The Process
- Triage within 4 hours of report — assess severity using CVSS scoring
- Assign to a dedicated security engineer who owns the fix end-to-end
- Develop and test the patch in an isolated environment
- Deploy the fix to production within 24 hours for critical issues
- Notify affected customers with clear, honest communication
- Publish a post-mortem and update our security practices
Bug Bounty
Our bug bounty programme rewards security researchers who report vulnerabilities responsibly. We pay between $100 and $10,000 depending on severity and impact.
Related Articles
View all
Introducing TrueValue CRM — The All-in-One Business Platform
Today we are launching TrueValue CRM, a comprehensive platform that brings together CRM, marketing automation, payroll, appointments, and more into a single unified suite.
Why Privacy-First Architecture Matters for Your Business
In an era of data breaches and surveillance capitalism, we built TrueValue from the ground up with privacy as a core principle. Here is why that matters.
Deep Dive: Our Multi-Tenant Architecture
How we built a secure, scalable multi-tenant platform that ensures complete data isolation while keeping costs manageable.