Security Policy
Last updated: May 1, 2026
Responsible DisclosureMyDojoPath and Viglascode maintain security controls to protect service availability, confidentiality, and integrity.
This policy describes our operational practices and disclosure channel. It is not a contractual SLA or legal advice.
1. Security Program Overview
- Use of administrative, technical, and organizational safeguards.
- Access management based on role and operational need.
- Periodic review of infrastructure and application risks.
2. Data Protection Controls
- Encryption in transit for supported web communications (HTTPS/TLS).
- Restricted access to operational systems and support channels.
- Logging and monitoring where appropriate for reliability and abuse prevention.
3. Vulnerability Reporting
If you identify a potential vulnerability, report it to security@viglascode.com with reproducible steps, impact, and supporting details.
- Please avoid public disclosure while remediation is in progress.
- Do not access data that is not your own.
- Do not perform destructive testing, service disruption, or extortion attempts.
4. Response Commitments
- Acknowledgment target: within 5 business days.
- Status updates during investigation when applicable.
- Reasonable remediation effort for confirmed issues.
5. Incident Handling
When a confirmed security incident is detected, we follow internal response procedures that include triage, containment, remediation, and post-incident review.
6. Third-Party Services
We may use trusted service providers for hosting, communications, and analytics. These providers are selected with security and reliability considerations.
7. Contact
Security reports: security@viglascode.com
General support: info@viglascode.com