Trust Center
Resonance is designed for production incident response. This hub summarises the controls already in-place—security headers, signed desktop payloads, transparent updates—and where to escalate questions.
Strict Content Security Policy, HSTS, frame protections, and hardened cookies mirror OWASP best practices across every page load.
View security baseline →Platform binaries ship with signing + notarisation guidance for macOS, Authenticode for Windows, and GPG for Linux plus staged auto-update manifests.
Review signing guide →Incremental updates are SHA256 verified, staged, and never applied silently—operators choose when to promote a download.
Inspect update workflow →Every deployment inherits the baseline documented above: TLS-only session cookies, constant-time API key checks, and CSP rules that explicitly admit Intercom, Stripe, and Resonance-controlled origins. Dashboard releases are versioned and tagged; the agent exposes version metadata so you can confirm what is running directly from the UI. Export a JSON/CSV health snapshot from the dashboard Overview to capture the same data for audits.
For urgent issues you can page the operations desk directly. Non-urgent security questions are triaged within one business day.