When it comes to data, keeping data secure is critical. We understand that
and this page is to help explain how we protect our data.
Security Steps We Take
- Every page you visit on https://www.TrioSoft.com/
(excluding links to external sites) is secured with a minimum of 2048-bit SSL encryption.
This means that all data you transmit to and from our web site is encrypted, including your portfolios. You should see every page
you visit on our web site start with https://
Our servers are automatically kept up to date with the latest security
patches and updates keeping us one step ahead.
- Our data is protected by a high-end hardware based firewall which features Intrusion Detection and Prevention and also includes real-time packet scanning for malware and Trojans.
- We log traffic on multiple levels. All traffic to our web site is logged at 4 different
levels. We log web site requests at the HTTP level, web site request at the
server level in W3C format, we log all server logins and we log all TCP/UDP
traffic at the router level.
- Our servers are protected by Anti-Virus software 24/7 and automatically updates
itself with the latest security threats.
- We are 100% committed to data security and confidentiality.
- Our website has been tested and scanned for security vulnerabilities
- SQL Injection attacks are blocked an two layers
Our responsible disclosure policy.
If you're a security researcher and think you've found a security vulnerability, we want to hear about it right away.
We ask that you give us a reasonable amount of time to respond to your report before making any information public.
Please don't access or modify user data without permission of the account owner and act in good faith not to degrade the performance of our services (including denial of service).
If you comply with these requests, we won't take legal action against you.
We're interested in the following areas:
- Cross-site scripting (XSS)
- Cross-site request forgery (CSRF/XSRF)
- SQL injection (SQLi)
- Authentication/authorization for devices or clients
- Sharing/public model
- Remote code execution
- Data exposure
- Denial of Service (DoS)
- Wireless vulnerabilities
- Leaked Credentials
- Targeted Trojans
If you have identified a security vulnerability, please contact firstname.lastname@example.org