Security at Formula Genius
1. Security Model
Formula Genius, operated by DEXIUM LABS LLC, is designed with secure-by-default controls across authentication, request validation, rate limiting, data access, and operational monitoring. We continuously test and harden the service while preserving product reliability for production spreadsheet workflows.
2. Authentication and Access Control
- Email OTP and OAuth sign-in are supported through managed identity providers.
- Session cookies are set with the HttpOnly flag, and state-changing endpoints are protected by CSRF checks.
- Admin endpoints are isolated and require elevated authorization checks.
3. Application Security Controls
- Input validation and route-level guardrails are applied at public and authenticated boundaries.
- Security headers, origin controls, and request throttling are enforced at runtime.
- Webhook endpoints validate signatures and reject tampered payloads.
4. Infrastructure and Data Security
- Production traffic is served over TLS.
- Sensitive operations are restricted to server-side service credentials.
- Database access follows least-privilege principles and policy-based controls.
5. Monitoring and Incident Response
We monitor availability, abnormal traffic patterns, and security-relevant events. Incident response includes containment, root-cause investigation, and user communication when required.
6. Responsible Disclosure
If you discover a vulnerability, please report it to security@formulagenius.co with steps to reproduce and impact details. Please avoid automated disruption or data exfiltration while testing.
7. Security and Compliance Questions
For customer security questionnaires or architectural clarifications, contact security@formulagenius.co.