Sign In

Keeping Episolo Secure

We take security seriously, and we're grateful for the builders who help us keep things safe. If you've found a vulnerability, bug, or any issue that could affect the security of Episolo or our users, please let us know right away. We'll review and address it quickly.

Found a Security Issue?

Report it directly to our security team for a prompt response.

Report Security Issue

The Episolo Approach to Safety

Security Built In

That commitment to security runs through every part of the product. From the moment you start building, your app is protected by default. Every Episolo app runs on secure infrastructure with managed hosting, encrypted data, and built-in authentication. You can define exactly who can access your app, set up role-based permissions, and apply user-specific access rules. For example, if you're building a task management app, you can set it up so each user only sees their own tasks. No complex backend configuration required.

Data Protection

All data stored in Episolo is encrypted both in transit and at rest. We use industry-standard encryption protocols to ensure your applications and user data remain secure. Our database infrastructure is hosted on secure, compliant platforms with regular security audits and monitoring. We implement strict access controls and logging to track all data access and modifications.

Secure Deployment

When you deploy your app with Episolo, it's automatically configured with security best practices. This includes HTTPS encryption, secure headers, CORS protection, and protection against common vulnerabilities like XSS and CSRF attacks. Our deployment infrastructure is isolated and sandboxed to prevent cross-contamination between applications.

Privacy First

We believe in transparency and user privacy. Your code and applications belong to you. We don't use your proprietary code to train our AI models without explicit consent. We collect only the minimum data necessary to provide and improve our services. Our privacy practices are detailed in our Privacy Policy, and we're committed to compliance with GDPR, CCPA, and other privacy regulations.

Security Best Practices for Your Apps

1
Use Strong Authentication

Enable authentication for your apps and use strong password requirements. Consider implementing multi-factor authentication for sensitive applications.

2
Set Proper Access Controls

Define clear access rules for your data. Use role-based permissions to ensure users can only access the data they need.

3
Validate User Input

Always validate and sanitize user input to prevent injection attacks and data corruption.

4
Keep Secrets Safe

Never hardcode API keys or sensitive credentials in your application code. Use environment variables or secure secret management.

5
Regular Security Reviews

Periodically review your application's security settings and permissions, especially before making your app public or adding new features.

Responsible Disclosure

We appreciate the security research community's efforts to keep Episolo safe. If you discover a security vulnerability, we ask that you:

  • Email us at security@episolo.com with details of the vulnerability
  • Give us reasonable time to respond and address the issue before public disclosure
  • Avoid accessing, modifying, or deleting data that isn't yours
  • Don't disrupt our services or degrade the user experience
  • Act in good faith and avoid privacy violations

We commit to acknowledging your report promptly, keeping you informed of our progress, and publicly crediting you for your discovery (if you wish) once the issue is resolved.

Security Contact

For security-related inquiries and vulnerability reports:

security@episolo.com

For general support and non-security issues, please contact support@episolo.com