Security posture, operations, and transparency

Security posture

• Separate session keys per node
• SSH key auth only, strict firewalling
• Intrusion detection and alerting
• Change management + incident documentation

Operations

• Monitoring-first with SLO targets
• Maintenance windows communicated
• Post-incident writeups and corrective actions

Transparency

• Status page + basic telemetry
• Clear channels for security reports
• Public ops notes and change log

Security reporting

To report a security issue, email infobitctrl@gmail.com. Machine-readable disclosure details are published at /.well-known/security.txt.