Vulnerability Disclosure Policy

Fortuna Cysec is committed to ensuring the security and reliability of our platform. This policy is intended to give security researchers clear guidelines for conducting vulnerability discovery activities and to convey our preferences in how to submit discovered vulnerabilities to us.

This policy describes what systems and types of research are covered under this policy, how to send us vulnerability reports, and how long we ask security researchers to wait before publicly disclosing vulnerabilities.

READ POLICY

SOC 2 TYPE 2

Our security services are SOC 2 Type 2 certified, setting a new standard for excellence and reliability in safeguarding your valuable information. This certification underscores our commitment to upholding the highest standards in security practices, ensuring that our systems are designed to protect against unauthorized access, data breaches, and other potential risks. This certification signifies that we meet all five of the American Institute of Certified Public Accountants (AICPA) Trust Services Criteria concerning internal controls relevant to security, availability, processing integrity, confidentiality, and privacy.

READ IMPLICATIONS

ISO 22301:2019

At Fortuna Cysec, our services are aligned with ISO 22301:2019, the international standard for Business Continuity Management Systems (BCMS). This globally recognized certification demonstrates our proactive commitment to ensuring your business can withstand and recover from disruptions—swiftly, efficiently, and with minimal impact.

ISO 22301:2019 establishes a structured framework that empowers organizations to identify threats, mitigate operational risks, and maintain continuity of critical services, no matter the circumstances.

READ more

ISO/IEC 27001:2022

At Fortuna Cysec, our security practices are certified to the globally recognized ISO/IEC 27001:2022 standard, the gold standard for information security management. This certification demonstrates our unwavering commitment to proactively managing risk, protecting sensitive information, and maintaining the resilience of our information systems.

The ISO/IEC 27001:2022 framework establishes rigorous requirements for creating, implementing, maintaining, and continually improving an Information Security Management System (ISMS)—ensuring that data protection is built into everything we do.

READ more