RedCon1ResponseReady Before the Breach
ServicesPricingInsightsReadiness ScenariosResourcesAboutContact

Security and confidentiality

Security & Confidentiality Statement

Trust starts with clear boundaries. RedCon1Response treats website submissions as business inquiry information and designs public forms for readiness conversations, not active incident evidence exchange.

Last updated: May 2026

HTTPS enabled

The public site is served over encrypted HTTPS.

Business inquiry data

Forms are intended for business contact and readiness inquiry information.

Separate secure workflow

Sensitive client materials should be handled through agreed secure channels.

Important: Do not submit credentials, malware samples, forensic evidence, regulated data, privileged legal material, or active incident details through public website forms.

How we protect website data

  • Use of HTTPS/TLS for encrypted browser connections.
  • Use of reputable hosting and infrastructure providers.
  • Limited collection of information through website forms.
  • Routine review of website content, links, redirects, and public-facing assets.
  • Administrative access limited to authorized accounts where practical.

Data we do not want through public forms

  • Passwords, API keys, session tokens, private keys, or credentials.
  • Malware samples, forensic images, packet captures, or exploit code.
  • Regulated data, protected health information, financial account data, or personal identifiers not required for a readiness inquiry.
  • Privileged legal communications or confidential board materials.
  • Live incident evidence or urgent containment instructions.

Lead capture and company domains

  • Resource download forms may request name, company, role, and business email.
  • Where practical, forms should prioritize company-domain email addresses and discourage generic consumer email domains for business readiness resources.
  • Form validation improves lead quality, but it does not verify authority to represent an organization.

Confidentiality posture

  • Information submitted through the website is treated as business inquiry information, not as a secure evidence exchange portal.
  • Confidentiality obligations for paid services should be documented in a separate agreement, statement of work, NDA, or engagement terms.
  • Do not use website forms as a substitute for a secure client portal, legal hold workflow, incident bridge, or evidence repository.

Responsible disclosure

  • If you believe you found a security issue on this website, provide a concise description through the contact form without including exploit payloads, sensitive data, or disruptive proof-of-concept activity.
  • Do not perform destructive testing, credential attacks, social engineering, denial-of-service testing, or attempts to access data that is not yours.

Operational limitations

  • This website is not monitored as a 24/7 emergency response queue.
  • A website submission does not guarantee immediate review, acceptance of an engagement, or availability for urgent support.
  • Organizations with active incidents should use retained IR providers, cyber insurance hotlines, outside counsel, or established emergency response channels.

Continuous improvement

RedCon1Response will continue improving the site’s security, privacy, content accuracy, and lead-capture experience as the firm grows.