Security
Your security is our top priority at BuildRace Labs
Security Measures
Data Encryption
- TLS 1.3 encryption for all data in transit
- AES-256 encryption for sensitive data at rest
- Encrypted storage for tax documents
Authentication
- Secure OAuth 2.0 with GitHub/Google
- JWT tokens with short expiration
- Rate limiting on auth endpoints
Infrastructure
- Google Cloud Platform hosting
- DDoS protection via Cloudflare
- Regular security updates
Compliance
- PCI DSS compliant payments
- GDPR compliant data handling
- SOC 2 Type II (in progress)
Best Practices for Users
- 1.Use a strong, unique password for your BuildRace account
- 2.Enable two-factor authentication when available
- 3.Never share your account credentials with others
- 4.Keep your GitHub repositories private until after race completion
- 5.Report suspicious activity immediately
Security Bug Bounty
We appreciate the security research community's efforts in helping keep BuildRace safe. If you discover a security vulnerability, please report it responsibly.
Reporting Process:
- Email security@buildrace.io with details
- Include steps to reproduce the issue
- Allow us time to fix before public disclosure
- Eligible reports may receive rewards up to $5,000
Please review our full bug bounty program terms before submitting.
Incident Response
In the unlikely event of a security incident:
- •We will notify affected users within 72 hours
- •We will provide clear information about the impact
- •We will offer guidance on protective measures
- •We will conduct a thorough post-incident review
Contact Security Team
BuildRace Labs Security Team
Email: security@buildrace.io
PGP Key: Available on request
For general support, please use support@buildrace.io