Software Security Statement
Aligned with NIST SSDF concepts: secure development, provenance, and transparent response.
Secure development practices
- Dependencies tracked; updates prioritized for security fixes.
- Builds are reproducible where practical; release artifacts are hashed.
- Least-privilege defaults; sensitive operations are explicit.
Supply chain & provenance
- We maintain release notes and can provide SBOM and hashes on request.
- Artifacts are distributed over HTTPS; integrity checks are supported.
Vulnerability reporting
Email security@fxbgfoundry.com. We acknowledge reports and work toward timely remediation. See security.txt for details.
Data handling
We design products to minimize data collection and support offline-first workflows when feasible. See Privacy.