Security & Responsible Disclosure

Controls

• HTTPS/TLS; encryption at rest where supported by providers.
• Role-based access controls; least-privilege operations; audit and request logs.
• Backups and recovery testing; environment segregation where feasible.
• Rate limiting, CSRF protection, input validation.

Reporting vulnerabilities

Send details to admin@weamplifyit.com. Please include steps to reproduce and do not access other users’ data. We will acknowledge and remediate in priority order.

Incident response

We investigate and, where required by law, notify affected customers and regulators.