Skip to content

Security

  • Encryption in transit; environment secrets in a credential vault.
  • Role-based access control; least-privilege and regular key rotation.
  • Immutable logs, anomaly detection, and incident playbooks.
  • Dependency scanning and SBOM tracking for supply-chain security.

Responsible Disclosure

If you believe you’ve found a vulnerability, please email security@standora.co.uk with a concise description and reproduction steps. Do not publicly disclose before we confirm a fix. We aim to acknowledge within 48 hours and provide status updates until resolution. Thank you for helping us keep users safe.

Standora is a software platform, not a broker or advisor.