Security

RAW SLU takes the security of its infrastructure, partners and users seriously. This page outlines our security posture and how to report potential issues responsibly.

Infrastructure

Our properties are hosted on industry-grade infrastructure with hardened defaults: TLS encryption in transit, secure HTTP headers, regular OS and dependency patching, and isolated environments for production workloads.

Application security

• Inputs are validated and sanitized at boundary layers
• Authentication relies on industry-standard protocols (OAuth 2.0, session tokens)
• Secrets are stored in dedicated environment configuration, never committed to code
• Access to sensitive systems is restricted via SSH keys and least-privilege principles

Reporting a vulnerability

If you believe you have found a security vulnerability on any of our properties, we appreciate responsible disclosure. Please contact us at contact@rawmedia.network with:

• A clear description of the issue
• Steps to reproduce
• The potential impact
• Your contact details (so we can follow up)

We will acknowledge your report within 5 business days and work in good faith to address valid issues. We ask that you do not publicly disclose the vulnerability until we have had a reasonable opportunity to remediate.

Safe harbor

Security research conducted in good faith, in accordance with this policy and without harming our users or services, will not result in legal action from RAW SLU.