Skip to content

Security Disclosure

Security Disclosure Policy

Last updated: March 2025

Codex Vitae takes the security of our platform and the privacy of our users with the utmost seriousness. We are committed to working with security researchers and the broader community to identify and address vulnerabilities responsibly.

Reporting a Vulnerability

If you have discovered a potential security vulnerability in the Codex Vitae platform, we want to hear from you. Please report it to us as soon as possible so we can investigate and address the issue before it is publicly disclosed.

Security contact: security@codexvitae.life

What To Include in Your Report

  • A clear description of the vulnerability and its potential impact
  • The steps required to reproduce the vulnerability
  • Any supporting screenshots, logs, or proof-of-concept code
  • Your contact information for follow-up

Our Commitment to Researchers

  • We will acknowledge receipt of your report within 24 hours
  • We will provide a status update within 5 business days
  • We will not pursue legal action against researchers who report vulnerabilities in good faith and follow this policy
  • We will credit researchers (if desired) when we publicly disclose resolved vulnerabilities

Scope

This policy applies to security vulnerabilities identified in:

  • codexvitae.life (company website)
  • codexvitae.cloud (application platform)
  • Codex Vitae mobile applications
  • Codex Vitae APIs

Out of Scope

  • Social engineering attacks targeting Codex Vitae employees
  • Physical security attacks
  • Denial of service attacks
  • Vulnerabilities in third-party services we use
  • Theoretical vulnerabilities without demonstrated impact

Responsible Disclosure

We ask that researchers:

  • Allow us reasonable time to investigate and resolve vulnerabilities before public disclosure
  • Avoid accessing, modifying, or deleting user data during research
  • Avoid disrupting service availability
  • Act in good faith toward our users and our platform

We are committed to responding promptly and transparently to all legitimate security reports. Thank you for helping keep Codex Vitae secure.

For security disclosures, contact security@codexvitae.life