Security posture
Security at NEXO is treated as a continuous process: prevention, detection, response, and improvement. We keep controls proportional to the current product stage.
Implemented controls
- Payload validation and input limits to reduce abuse and processing failures.
- Separation between public keys and server-only keys.
- Restricted persistence to operational metadata in Free mode.
- Operational event logging for technical audit and incident investigation.
- Ongoing review of critical API flows (conversion, waitlist, and tracking).
Shared responsibility
NEXO secures infrastructure and application processing. You are responsible for internal access control, source of submitted content, and final document review before institutional use.
Free session
Full markdown content, attachments, and generated PDF are not permanently stored in Free mode. Execution records only technical metadata required for operations and stability.
Vulnerability reporting
To report vulnerabilities, include:
- Risk description and observed impact.
- Step-by-step reproduction details.
- Technical evidence (logs, screenshots, or masked payloads).
Official channel: support@speck-solutions.com.br.
Incident response
We prioritize containment, root cause analysis, remediation, and status communication for incidents affecting availability, integrity, or confidentiality.