Security you can verify before you buy
Everything a procurement or security team needs to evaluate CyberXplore - how we handle engagement data, the certifications we hold, the sub-processors behind this website, and how to report a vulnerability.
How we handle your data
Clear, least-privilege defaults on every engagement - from kickoff to report delivery.
Data handling & retention
We collect only what an engagement or enquiry requires, keep it only as long as necessary, and delete it on a defined schedule. Full details are in our Privacy Policy.
Access control
Consistent with our ISO 27001 certification, access to client data is limited to the personnel who need it and protected by appropriate technical and organisational measures.
Confidentiality
Engagements can run under a mutual NDA on request, and every finding is treated as strictly confidential - reported to you first, never disclosed publicly.
Secure delivery
Data submitted through this website is encrypted in transit with TLS, and reports are delivered through secure, access-controlled channels.
Independently certified
CyberXplore maintains ISO 27001 for information security and ISO 9001 for quality management. Certificates are available for vendor review on request.
Who processes your data
The third-party services and infrastructure involved in operating this website. This site sets no tracking or advertising cookies.
| Provider | Purpose | Data | Region |
|---|---|---|---|
| SlackSalesforce, Inc. | Internal notification of new website enquiries and quote requests. | Name, email, company, message content | United States |
| PostgreSQL database | Secure storage of website enquiry records and editable site content. | Name, email, company, phone, message content | Managed cloud hosting |
This list covers processors used to run the website. An engagement-specific sub-processor list and Data Processing Agreement are available under NDA on request.
Report a vulnerability
Found a security issue on our website? We welcome good-faith reports and will work with you to resolve them quickly.
Security contact
[email protected]Scope
This policy covers the cyberxplore.com website and its subdomains. Please do not access, modify, or exfiltrate data that is not your own, and avoid actions that could degrade service for others.
Safe harbor
We will not pursue legal action against researchers who act in good faith, follow this policy, and give us a reasonable opportunity to remediate before any public disclosure.
Machine-readable policy:
/.well-known/security.txtNeed documentation for vendor review?
Request our ISO certificates, insurance details, or a redacted sample report to pre-clear a vendor-risk review.
