Security at AuthenlySign
We take security seriously. Learn about our comprehensive security measures, compliance certifications, and how to report vulnerabilities.
- RSA-4096 for PKI signatures
- AES-256-GCM for data at rest
- TLS 1.3 for data in transit
- HSM integration available
- SOC 2 Type II (In Progress)
- GDPR Compliant
- HIPAA Ready
- eIDAS Compliant
- Web Application Firewall
- DDoS Protection
- 24/7 Security Monitoring
- Automated Threat Detection
Program Overview
We reward security researchers who help us identify and fix vulnerabilities in our platform. Our bug bounty program is designed to encourage responsible disclosure and recognize the valuable contributions of the security community.
Reward Tiers
- Critical (RCE, Auth Bypass)$1,000 - $5,000
- High (SQL Injection, XSS)$500 - $1,000
- Medium (CSRF, Info Disclosure)$100 - $500
- Low (Best Practices)$50 - $100
In Scope
- AuthenlySign web application (app.authenlysign.com)
- API endpoints (api.authenlysign.com)
- Authentication and authorization
- Document processing and storage
Out of Scope
- Social engineering attacks
- Physical security testing
- Third-party services and integrations
- Denial of service attacks
Reporting Process
- 1
Submit Your Report
Email security@authenlysign.com with details of the vulnerability
- 2
Acknowledgment
We will acknowledge receipt within 24 hours
- 3
Investigation
Our security team will investigate and validate the issue
- 4
Resolution & Reward
We will fix the issue and reward you for your contribution
What to Include
- Detailed description of the vulnerability
- Steps to reproduce the issue
- Proof of concept (if applicable)
- Impact assessment
- Suggested remediation (optional)
We are grateful to the security researchers who have responsibly disclosed vulnerabilities to us. With their permission, we recognize their contributions here.
Your Name Here
Growing Community
Want to be listed? Report a valid security vulnerability to join our Hall of Fame.