Security
Security designed into the system
Controls are selected for each application’s users, data, risk and operating environment.
Threats, trust boundaries, access roles, sensitive data and failure modes are considered during discovery and architecture.
Validation, least privilege, secret isolation, secure browser policy and auditable server behaviour are applied where relevant.
Deployment, rollback, logging, backup, monitoring and incident responsibilities are documented for the engagement.
Responsible reporting
Report a security concern
Email admin@workroot.in with “Security report” in the subject. Avoid including personal data beyond what is needed for initial triage.