# eSolia Pulse Security Information
# https://securitytxt.org/

Contact: mailto:security@esolia.co.jp
Contact: https://esolia.com/contact
Expires: 2026-12-10T19:12:50.865Z
Preferred-Languages: en, ja
Canonical: https://pulse.esolia.com/.well-known/security.txt
Policy: https://pulse.esolia.com/security
Acknowledgments: https://pulse.esolia.com/security/acknowledgments

# Security Standards
# This application is developed following:
# - OWASP Top 10 (2021) security guidelines
# - ISO 27001/27002 information security controls
# - Japan FSA cybersecurity guidelines for financial services

# Infrastructure Security
# - Cloudflare Pages (edge deployment, DDoS protection)
# - Cloudflare D1 (encrypted SQLite databases)
# - Cloudflare R2 (encrypted object storage)
# - TLS 1.3 for all communications
# - Regional data placement (APAC, EU, NA)

# Authentication & Authorization
# - JWT tokens in httpOnly, Secure, SameSite cookies
# - Role-based access control (RBAC)
# - Multi-tenant data isolation
# - Server-side session validation

# For technical security details, see:
# https://pulse.esolia.com/security/technical