Security policy
This security policy describes the security standards and protective measures for korrekturbeleg.de as a product of OREONX Software GmbH.
Scope
This security policy applies to korrekturbeleg.de as a product of OREONX Software GmbH and to the associated web applications, APIs and communication channels.
Security Architecture
How we protect data: From the database layer to the HTTP request, our tech stack is built for isolation, encryption and defence against vulnerabilities.
Encryption & Data Privacy
Your customer data is encrypted at rest with AES-256 by default. All data in transit between clients, APIs and our servers is secured without exception using TLS 1.3.
ENCRYPTION_LAYER: AES-256 (Rest) & TLS 1.3 (Transit) enforced.
Identity & Access Management
We apply the principle of least privilege (PoLP). Our systems use strict role-based access control (RBAC). Sensitive admin areas and critical endpoints are protected by multi-factor authentication (MFA) by default.
IAM_STATUS: RBAC System online · MFA policy active for elevated roles.
Infrastructure & Cloud Security
Our physical databases and SaaS nodes are located in ISO 27001-certified high-security data centres within the DACH region (Germany and Switzerland). There is no hidden routing via US servers.
DATA_CENTER: ISO 27001 verified · DACH routing strictly enforced.
Vulnerability Management
Code ages. That is why we automatically scan our repositories and dependencies for known CVEs (Common Vulnerabilities and Exposures) via CI/CD pipelines. Regular penetration tests ensure our architectures hold up.
AUDIT_TRAIL: Automated vulnerability scanning & scheduled pentests.
Vulnerability Disclosure Program
Security is a shared process. If you are a security researcher and have found a vulnerability in our systems or web applications, we ask you to contact us discreetly. We take reports extremely seriously and guarantee a fast escalation chain.