We take security seriously at BlackRoad OS. The following versions are currently supported with security updates:
| Version | Supported |
|---|---|
| Latest | ✅ |
| < Latest | ❌ |
DO NOT create a public GitHub issue for security vulnerabilities.
Please report security vulnerabilities by emailing:
Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if available)
- Acknowledgment: Within 24 hours
- Initial Assessment: Within 72 hours
- Regular Updates: Every 7 days until resolved
- Disclosure Timeline: Coordinated disclosure after fix is deployed
This repository adheres to:
- OWASP Top 10 security best practices
- SEC Rule 17a-4 recordkeeping requirements (where applicable)
- NIST Cybersecurity Framework
- SOC 2 Type II controls (in progress)
For compliance-related security concerns:
- Chief Compliance Officer: Alexa Amundson
- CRD#: 7794541
- Email: blackroad.systems@gmail.com
Last Updated: 2026-01-04 Compliance Framework: BlackRoad OS Master Compliance Framework v1.0