All Cognito endpoints require TLS. TLS is enforced using HSTS. SSL is not allowed on any endpoint and TLS 1.2 is preferred.
We receive occasional white box security audits. If you would like to see a copy of our latest report, please contact support.
We accept any and all security disclosures through email@example.com. If you would like to encrypt your message, we provide a PGP key below with which to do that. We offer a bug bounty program through Cobalt.
We use PGP for secure email communications. Below you can find our public key along with additional information allowing you to verify messages from us as well as encrypt messages for us.
|Fingerprint||DC61 8E96 0E24 258A 6583 4274 83D9 7AE0 CEE2 96AD|