← Back to Home

Security

Last Updated: June 25, 2026

Security is core to what we do. This page explains how to report a vulnerability and the measures we take to protect your data.

Reporting a vulnerability

If you believe you've found a security issue in Zonemon, please email security@zonemon.io with the details and steps to reproduce. We investigate every report.

We ask that you give us a reasonable opportunity to address an issue before disclosing it publicly, and that you avoid accessing or modifying other users' data while testing. We do not currently run a paid bug-bounty program, but we genuinely appreciate responsible disclosure.

How we protect your data

  • Authentication: sign-in is handled by Firebase Authentication (Google and email/password), with optional multi-factor authentication.
  • Encryption in transit: all traffic to Zonemon is served over HTTPS/TLS.
  • Encryption at rest: your data is stored in Google Cloud, which encrypts data at rest by default.
  • Payments: card payments are processed by Stripe. We do not store your card details on our servers.
  • Access control: accounts support role-based access (owner, admin, member, viewer) so you can limit what each team member can see and do.
  • Infrastructure: Zonemon runs on Google Cloud Platform.

Questions

For anything security-related, contact security@zonemon.io.