Skip to content
CyberXplore - Xplore the Unseen
Trust Center

Security you can verify before you buy

Everything a procurement or security team needs to evaluate CyberXplore - how we handle engagement data, the certifications we hold, the sub-processors behind this website, and how to report a vulnerability.

Data handling

How we handle your data

Clear, least-privilege defaults on every engagement - from kickoff to report delivery.

Data handling & retention

We collect only what an engagement or enquiry requires, keep it only as long as necessary, and delete it on a defined schedule. Full details are in our Privacy Policy.

Access control

Consistent with our ISO 27001 certification, access to client data is limited to the personnel who need it and protected by appropriate technical and organisational measures.

Confidentiality

Engagements can run under a mutual NDA on request, and every finding is treated as strictly confidential - reported to you first, never disclosed publicly.

Secure delivery

Data submitted through this website is encrypted in transit with TLS, and reports are delivered through secure, access-controlled channels.

Certifications

Independently certified

CyberXplore maintains ISO 27001 for information security and ISO 9001 for quality management. Certificates are available for vendor review on request.

ISO 27001Information Security
ISO 9001Quality Management
Sub-processors

Who processes your data

The third-party services and infrastructure involved in operating this website. This site sets no tracking or advertising cookies.

ProviderPurposeDataRegion
SlackSalesforce, Inc.Internal notification of new website enquiries and quote requests.Name, email, company, message contentUnited States
PostgreSQL databaseSecure storage of website enquiry records and editable site content.Name, email, company, phone, message contentManaged cloud hosting

This list covers processors used to run the website. An engagement-specific sub-processor list and Data Processing Agreement are available under NDA on request.

Responsible disclosure

Report a vulnerability

Found a security issue on our website? We welcome good-faith reports and will work with you to resolve them quickly.

Security contact

[email protected]

Scope

This policy covers the cyberxplore.com website and its subdomains. Please do not access, modify, or exfiltrate data that is not your own, and avoid actions that could degrade service for others.

Safe harbor

We will not pursue legal action against researchers who act in good faith, follow this policy, and give us a reasonable opportunity to remediate before any public disclosure.

Machine-readable policy:

/.well-known/security.txt

Need documentation for vendor review?

Request our ISO certificates, insurance details, or a redacted sample report to pre-clear a vendor-risk review.

Get a Quote