Security at FN Coding Agent

Your code and data security is important to us. We implement security best practices to protect your code and personal information.

Our Security Measures

Security practices we implement

Data Encryption

  • TLS 1.3 encryption for all data in transit
  • AES-256 encryption for data at rest
  • Secure password hashing with bcrypt
  • Encrypted JWT tokens for API authentication

Authentication & Access

  • OAuth 2.0 with PKCE for VS Code extension
  • Social login via Google and GitHub
  • Secure OTP-based password reset
  • Rate limiting on authentication endpoints

Infrastructure Security

  • Regular security audits and penetration testing
  • Automated security updates and patches
  • Firewall and DDoS protection
  • 24/7 system monitoring and alerts

Code & Data Protection

  • Your code remains your intellectual property
  • Opt-out available for AI training on your code
  • Temporary storage only for active sessions
  • No sharing or selling of your code or data

Security Compliance

Meeting industry standards and best practices

OWASP Top 10

We actively protect against the OWASP Top 10 security vulnerabilities including SQL injection, XSS, CSRF, and authentication issues.

Input Validation & Sanitization

All user inputs are validated and sanitized to prevent injection attacks and ensure data integrity.

CSRF Protection

Cross-Site Request Forgery protection is enabled on all state-changing operations.

Rate Limiting

API rate limiting prevents abuse and protects against brute force attacks.

Secure Payment Processing

We use Stripe for payment processing. We never store credit card information on our servers.

Responsible Disclosure

Help us keep FN Coding Agent secure

Report a Security Vulnerability

If you discover a security vulnerability in FN Coding Agent, we appreciate your help in disclosing it to us responsibly. We take all security reports seriously and will investigate all legitimate reports.

How to Report

  • Email security reports to: hello@fairenation.com
  • Include detailed steps to reproduce the vulnerability
  • Provide any relevant screenshots or proof-of-concept code
  • Allow us reasonable time to fix the issue before public disclosure

What to Expect

  • Acknowledgment of your report within 48 hours
  • Regular updates on the status of your report
  • Recognition in our security acknowledgments (if desired)
  • Potential rewards for significant vulnerability discoveries

Security Best Practices

How you can help keep your account secure

Use Strong Passwords

Create unique, complex passwords and consider using a password manager.

Enable 2FA (Coming Soon)

Two-factor authentication adds an extra layer of security to your account.

Keep Software Updated

Always use the latest version of the VS Code extension and keep your IDE updated.

Review Account Activity

Regularly check your account activity and report any suspicious behavior immediately.

Don't Share Credentials

Never share your API keys, tokens, or account credentials with anyone.

Secure Your Workspace

Keep your development environment secure with proper access controls and encryption.

Questions About Security?

If you have questions about our security practices or need to report a security concern, we're here to help.

Report Security Issue General Inquiries