VĪQNG Intelligence Security
Legal

Security

Last reviewed: June 2026  ·  VĪQNG Intelligence

We take the security of your account and data seriously. This page describes the technical measures in place and how to report a vulnerability.

Infrastructure Security

Transport
TLS 1.2+ enforced
Email Authentication
SPF · DKIM · DMARC
Password Storage
Bcrypt hashed
Payment Data
Stripe — not stored by us
Database Access
Localhost-only, no public port
Admin Routes
Caddy IP-gated

What We Do

  • All traffic between your browser and our platform is encrypted using TLS. HTTP connections are automatically redirected to HTTPS.
  • Passwords are hashed using bcrypt before storage. We never store plaintext passwords.
  • Database access is restricted to localhost — no external network exposure.
  • Admin and analytics endpoints are restricted at the reverse proxy level to authorized IPs only.
  • Email sending is authenticated with SPF, DKIM, and DMARC to prevent spoofing.
  • Payment card data is handled exclusively by Stripe and is never transmitted to or stored by our systems.
  • Session tokens are scoped to authenticated accounts and expire on logout.

What We Don't Do

  • We do not store payment card numbers or CVVs.
  • We do not share subscriber data with advertisers or data brokers.
  • We do not log full request bodies containing sensitive input fields.
  • We do not use third-party analytics scripts on the platform dashboard.

Responsible Disclosure

If you discover a security vulnerability in VĪQNG Intelligence, we ask that you disclose it to us responsibly before making it public. To report a vulnerability:

  • Email: security@viqng.com
  • Include a clear description of the vulnerability and steps to reproduce it.
  • We will acknowledge your report within 48 hours and work to address confirmed vulnerabilities promptly.

We do not operate a formal bug bounty program at this time but we genuinely appreciate responsible disclosure and will acknowledge contributors where appropriate.

Scope

In-scope for responsible disclosure:

  • Authentication and authorization flaws on viqng.com
  • Data exposure vulnerabilities affecting subscriber records
  • Injection vulnerabilities (SQL, XSS, etc.) on platform endpoints

Out of scope: denial-of-service attacks, social engineering, physical security, or issues in third-party dependencies outside our control.

Contact

Security: security@viqng.com

VĪQNG · Pursuit-Ready Intelligence
Terms Privacy Disclaimer Security