
Security: bylickilabs/CompactSecuritySuite

SECURITY.md

Security Policy

Supported Versions

The following table lists the versions of Compact Security Suite that are currently supported with security updates.

Version    Supported
1.0.x      ✅ Fully supported

Reporting a Vulnerability

If you discover a security vulnerability in Compact Security Suite, please DO NOT open a public GitHub Issue.
Instead, follow the secure reporting process below:

  1. Contact: Send an email to bylicki@mail.de (replace with your real contact) with the subject:
    Security Vulnerability Report – Compact Security Suite
  2. Include:
    • A detailed description of the vulnerability
    • Steps to reproduce the issue
    • Potential security impact
    • Suggested fix or mitigation (if available)
  3. Encryption (recommended): Use PGP encryption for email.
    The public key is available on our official website.

Response Process

Once we receive a valid security report:

  1. Acknowledgement within 48 hours.
  2. Assessment of severity and scope.
  3. Fix development in a private branch.
  4. Security release and public disclosure once the fix is deployed.

Security Best Practices for Users

To ensure the security of your installation:

  • Always download Compact Security Suite from the official GitHub releases.
  • Verify digital signatures of executable files when available.
  • Keep your software updated to the latest supported version.
  • Use strong, unique passwords for all encryption operations.
  • Never share your encryption keys or passwords.
  • Secure your device with full-disk encryption for additional protection.
  • When using the secure delete feature, understand that physical overwrite on SSD/NVMe may not be fully guaranteed due to wear-leveling.

Scope of Responsibility

We are responsible for addressing vulnerabilities found in the official Compact Security Suite source code and releases.
We are not responsible for:

  • Modified or recompiled versions of the software
  • Third-party integrations or scripts not maintained by BylickiLabs
  • Misuse or insecure configurations by end users

Disclaimer

Compact Security Suite is a security-focused tool, but no software can guarantee absolute protection.
Users are encouraged to combine this tool with other security measures (firewalls, backups, full-disk encryption) for comprehensive protection.

There aren’t any published security advisories