MYSTRIBUTION

Encryption

• Transport: HTTPS/TLS for all web traffic.
• At rest: encrypted storage for critical data and backups.
• Secrets: restricted vaulting and rotation practices.

Access Controls

• Least-privilege roles; need-to-know data access.
• MFA for privileged accounts and production access.
• Audit trails for sensitive operations.

Vulnerability Management

• Regular dependency and image scanning.
• Patch management based on risk severity.
• Security reviews for critical changes.

Incident Response

• Detect → assess impact → contain → eradicate → recover → postmortem.
• Customer notifications where required by law or contract.
• Continuous improvement from lessons learned.

Data Protection

• Regional data handling aligned with applicable laws.
• Data minimization and retention aligned with product needs & regulation.
• Controls for copyright/DMCA requests and content integrity.

Responsible Disclosure Security@

If you believe you've found a vulnerability, report it responsibly to security@mystribution.com. Please include a clear description and steps to reproduce. We’ll acknowledge and follow up.