DiagnosticPro takes security seriously. If you discover a security vulnerability, please report it responsibly.
- Email: security@diagnosticpro.io
- Response Time: Within 24 hours
- Confidentiality: We will keep your report confidential until the issue is resolved
Please do not:
- Create public GitHub issues for security vulnerabilities
- Share vulnerabilities on social media or forums
- Attempt to access data that doesn't belong to you
Please include in your report:
- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact assessment
- Any proof-of-concept code (if applicable)
| Version | Supported |
|---|---|
| Latest | ✅ Yes |
| 1.0.x | ✅ Yes |
| < 1.0 | ❌ No |
- Customer diagnostic data encrypted in transit and at rest
- Firestore security rules enforce access controls
- Google Cloud Secret Manager for API keys
- Vertex AI for secure AI processing
- Firebase Hosting with HTTPS enforcement
- Cloud Functions with IAM authentication
- API Gateway with request validation
- Branch protection on main repository
- Regular security audits of npm packages
- Automated vulnerability scanning
- Prompt updates for security patches
We follow responsible disclosure practices:
- Initial Response: Acknowledgment within 24 hours
- Investigation: Assessment within 72 hours
- Resolution: Fix deployed based on severity
- Recognition: Public acknowledgment (with permission)
For security concerns, contact:
- Primary: security@diagnosticpro.io
- Backup: jeremy@intentsolutions.io
Last Updated: September 30, 2025
Version: 1.0