Security is the product. Omega Guard protects brands, so we hold our own systems to the same standard. Member data and preserved evidence are encrypted, access-controlled, tamper-evident, and never acted on without a human in the loop.
Encrypted, edge-delivered infrastructure
Omega Guard runs on Cloudflare's global network. All traffic is served over HTTPS with HSTS enforced, and connections to our systems are encrypted in transit. The public site ships a strict Content-Security-Policy and a full set of security response headers (X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy).
Tamper-evident evidence (chain of custody)
When a clone or impostor site is confirmed, we preserve an evidence bundle — page capture, registration data, certificate, and an archive copy. Each artifact is hashed with SHA-256 and recorded in a custody log, so the evidence can be shown not to have changed after collection. This is what makes a takedown request or legal complaint credible.
Access control & audit logging
- Administrative and write operations are gated behind authenticated, least-privilege access and fail closed.
- Every significant action is recorded in an append-only audit log.
- Member-facing access is scoped per member and revocable.
Human-in-the-loop by design
Detection is automated; action is not. A trained reviewer confirms a finding before any member alert, evidence preservation, or takedown step proceeds. Our systems never autonomously contact a third party, and any AI involvement in triage is disclosed.
Data minimization
We collect only what the service needs, analyze impostor website artifacts rather than people, and do not build profiles of individuals. See our Privacy Policy for details on what we collect and why.
Responsible disclosure
If you believe you have found a security vulnerability in Omega Guard or any Omega Point Solutions service, we want to hear from you. Please email [email protected] with the subject line "Security Disclosure" and enough detail to reproduce the issue. Please give us a reasonable opportunity to address it before any public disclosure, and do not access or modify data that isn't yours. We appreciate good-faith research and will not pursue action against researchers who follow this policy.
Continuous improvement
Security is an ongoing practice, not a checkbox. We review our systems regularly and update our controls as the threat landscape changes. This page will be revised as our posture evolves.
Contact
Security questions? Email [email protected] or visit omegapointsolutions.com.