Security Policy

This Security Policy outlines the measures Shakhawat LLC takes to protect its systems and data, and explains how to report vulnerabilities responsibly. It is provided for general information and does not constitute legal advice. Business-specific details such as our registered address and contact email are placeholders that should be customized before publishing. Security reports can be sent to abuse@shakhawatllc.online.

Last updated: June 27, 2026

1. HTTPS and TLS

Our website and services are served over HTTPS using modern Transport Layer Security (TLS). This helps protect data exchanged between your browser and our systems from interception and tampering.

2. Encryption in Transit and at Rest

We use encryption to protect data in transit and, where appropriate, at rest. Sensitive data is handled using industry-standard cryptographic protocols, and access to encryption keys is restricted.

3. Secure Authentication

We apply secure authentication practices, including strong password requirements, support for multi-factor authentication where available, and the principle of least privilege for access to systems and data.

4. Infrastructure Protection

We protect our infrastructure using measures such as network segmentation, firewalls, hardened configurations, regular patching and reputable hosting providers. We design our systems to reduce the attack surface and limit the impact of any single failure.

5. Monitoring

We monitor our systems for unusual or unauthorized activity, maintain logging where appropriate, and maintain procedures to respond to security incidents in a timely manner.

6. Coordinated Vulnerability Disclosure

We value the work of security researchers and welcome reports of potential vulnerabilities. If you believe you have found a security issue, please report it to us privately so we can investigate and remediate before any public disclosure.

To report a vulnerability, email abuse@shakhawatllc.online and include:

  • A clear description of the issue and its potential impact.
  • Steps to reproduce, including any proof-of-concept where safe to share.
  • The affected URL, endpoint or component.
  • Your contact details so we can follow up.

7. Safe Harbor

If you make a good-faith effort to comply with this policy during your research, we will consider your activity authorized, will not pursue legal action against you in relation to the report, and will work with you to understand and resolve the issue. Please avoid privacy violations, data destruction, service disruption and accessing more data than necessary to demonstrate the issue.

8. Our Commitment to Respond

We commit to acknowledging valid reports, keeping you informed of our progress where appropriate, and working to remediate confirmed vulnerabilities in a reasonable timeframe based on severity. We appreciate responsible disclosure and the opportunity to fix issues before they are exploited.

9. Scope

This policy applies to systems and services operated by Shakhawat LLC, including our website at https://shakhawatllc.online. Third-party services we rely on are governed by their own security and disclosure policies. Testing that could harm our systems, data or users, or that violates applicable law, is outside the scope of this policy.