WebsitePlatform Login

Security Overview

Central point of contact for security reports and bug bounty program

Detailed Security Documentation: Comprehensive technical details, incident response plans, and operational procedures are available after signing an NDA.

Overview

The security of our platform and the protection of your data are our highest priority. This page is your central point of contact for all security-related reports and inquiries.

Security Areas

🏗️ Infrastructure Security

Cloud-native Zero Trust architecture with enterprise-grade services:

  • Managed Kubernetes: Service mesh with mTLS end-to-end encryption
  • Monitoring & Alerting: Comprehensive monitoring with automated notifications
  • Compliance: GDPR compliant, ISO 27001 in preparation, SOC 2 Type II planned for 2026

💻 Software Security

Modern type-safe development architecture with security by design:

  • Secure Development: TypeScript Strict Mode, Python with typing, OWASP Top 10
  • Automated Security: AI-based code analysis, automatic dependency updates
  • External Testing: Bug bounty program, external penetration test planned for August 2025

🔒 DataVault Privacy

OnPremise solution for maximum data security:

  • Local Data Storage: All data remains in your infrastructure
  • Encrypted Transfer: Only relevant text sections via VPN
  • GDPR Compliance: Complete control over your data

🚨 Report Security Vulnerability

Immediate Reporting

If you have discovered a security vulnerability:

📧 Email: security@meingpt.com 📝 Subject: URGENT - Critical Security Issue (for critical issues)

What You Should Include

  • Detailed description of the vulnerability
  • Steps to reproduce the issue
  • Potential impact and risk assessment
  • Screenshots or code examples (if possible)

⏱️ Our Response Times

We have implemented a structured incident response system:

  • Critical vulnerabilities: Immediate response (0-15 minutes)
  • High priority: Response within 30 minutes
  • Medium priority: Response within 2 hours

Detailed Incident Response Procedures: Specific escalation paths, communication plans, and operational procedures are documented in our internal incident response plan and available after NDA signing.

💰 Bug Bounty Program

We reward responsible security researchers for finding and reporting vulnerabilities in our systems.

Rewards

The amount of the reward is based on:

  • Severity of the vulnerability
  • Quality of the report
  • Potential impact
  • First-time reporting

Participation

For details about our Bug Bounty Program and current terms, please contact: bounty@meingpt.com

We will then discuss individually:

  • The scope of allowed tests
  • Testing methods
  • Reporting procedures
  • The verification process

Responsible Disclosure Policy

✅ Allowed

  • Coordinated disclosure after successful resolution
  • Recognition in our Security Hall of Fame
  • Legal protection for responsible researchers
  • Constructive collaboration with our security team

❌ Not Allowed

  • Access to customer data without permission
  • Denial of Service (DoS) attacks
  • Social engineering of employees
  • Physical attacks on our infrastructure

🏆 Security Champions

Hall of Fame

We thank all security researchers who have contributed to improving our platform. With their consent, we will publish their names here.

Details about specific vulnerabilities are not shared publicly for security reasons.

📞 Contact

For Different Concerns

Email Subject Lines

  • URGENT - Critical Security Issue - Critical vulnerabilities
  • Security Vulnerability Report - General vulnerability reports
  • Bug Bounty Submission - Bug Bounty Program
  • Security Question - General security questions

PGP Encryption

For particularly sensitive reports, our public PGP key is available upon request.


Further Information: