Security Policy

Last updated: 11/12/2025

Our Commitment to Security

CodeIn takes security seriously and is committed to protecting our users' data and privacy. We implement industry-standard security measures and continuously monitor and improve our security posture.

Security Measures

🔐 Authentication & Authorization

  • Multi-factor authentication (MFA)
  • OAuth 2.0 integration
  • Secure session management
  • Role-based access controls

🛡️ Data Protection

  • Encryption in transit (TLS 1.3)
  • Encryption at rest (AES-256)
  • Regular data backups
  • Data anonymization

🔍 Monitoring & Detection

  • 24/7 security monitoring
  • Automated threat detection
  • Intrusion detection systems
  • Security audit logging

🏗️ Infrastructure Security

  • Secure cloud infrastructure
  • Network segmentation
  • Regular security updates
  • Firewall protection

Vulnerability Disclosure Program

We welcome security researchers and the community to help us maintain the highest level of security. If you discover a security vulnerability, please follow our responsible disclosure process.

🚨 How to Report a Security Vulnerability

1

Email us directly: security@codein.com (PGP key available)

2

Include details: Steps to reproduce, impact assessment, and proof of concept

3

Allow time: We'll respond within 24 hours and provide updates every 48 hours

Please do not: Publicly disclose the vulnerability before we've had a chance to address it, access user data, or perform destructive actions.

Security Response Timeline

24h

Initial Response

Acknowledgment and initial assessment

7d

Investigation & Fix

Detailed analysis and resolution development

30d

Public Disclosure

Coordinated disclosure after fix deployment

Security Best Practices for Users

Protect Your Account

  • Use a strong, unique password for your CodeIn account
  • Enable two-factor authentication (2FA) when available
  • Regularly review your account activity and settings
  • Log out from shared or public computers
  • Keep your browser and extensions up to date
  • Be cautious about code snippets from untrusted sources
  • Report suspicious activity immediately

Compliance & Certifications

GDPR

General Data Protection Regulation compliant

SOC 2

Type II certification in progress

ISO 27001

Information security management

Security Contact Information

Security Team

security@codein.com

PGP Key

Available at: https://codein.com/pgp-key.asc

Bug Bounty Program

Coming soon - stay tuned for updates

Security Updates

We regularly update this security policy to reflect our evolving security practices and compliance requirements. Major changes will be communicated through our official channels.

Stay informed: Follow our security announcements at https://status.codein.com