Our approach to security.

How we protect ussoftware.io and the information you share with us — and how to report a vulnerability if you find one.

Starter content. Effective January 15, 2020. This is a working draft — please have counsel review before relying on it.

1 · Our approach

We follow widely accepted security practices to protect ussoftware.io and the information you share with us. No system is perfectly secure, and we won’t pretend otherwise — but the controls below describe what we do today.

2 · Transport security

The Site is served exclusively over HTTPS. Connections are protected by modern TLS, and HTTP requests are redirected to their HTTPS equivalents.

3 · Hosting and infrastructure

The Site is hosted on Amazon Web Services. Operating-system and application updates are applied on a regular cadence. Administrative access is restricted to a small group of named engineers using SSH keys; password authentication for administrative access is disabled.

4 · Application security

Our public-facing forms (contact and job applications) are protected by Cloudflare Turnstile, which blocks automated abuse. Form submissions are routed through FormSubmit.co to info@ussoftware.io and jobs@ussoftware.io over TLS.

WordPress core, our theme, and our plugins are kept up to date, and unused themes and plugins are removed. Administrative accounts use strong, unique passwords.

5 · Reporting a vulnerability

If you believe you’ve discovered a security issue affecting ussoftware.io or any of our public services, please email legal@ussoftware.io with:

  • A clear description of the issue.
  • Steps to reproduce, including any URLs, payloads, or accounts involved.
  • The potential impact as you understand it.

We commit to acknowledging your report within five business days. We ask that you give us a reasonable opportunity to investigate and remediate before any public disclosure, and that you avoid actions that could harm us, our users, or third parties — including denial-of-service testing, social engineering, or accessing data that doesn’t belong to you.

6 · Disclaimer

This page describes our practices for ussoftware.io. It does not create a contractual or legal obligation, and it is not a warranty or guarantee about the security of any specific system or the safety of any specific data. The Site is provided “as is” under our Terms.

7 · Contact

Security questions or reports: legal@ussoftware.io.