Security
Our commitment to protecting your data and our infrastructure
Security & Reputation Status
Last verified: May 26, 2026 — all systems nominal
Our Security Posture
Security is foundational to what we do. BJNexora Solutions builds tools used by federal agencies and enterprises where reliability and data protection are non-negotiable. We apply the same standards to our own infrastructure that we recommend to our clients.
Website Security
The bjnexora-solutions.com website is secured with the following controls:
- HTTPS / TLS — All connections are encrypted. HTTP requests are automatically redirected to HTTPS.
- Security headers — We enforce
X-Frame-Options: DENY,X-Content-Type-Options: nosniff,X-XSS-Protection, and a strictReferrer-Policyon all responses. - Permissions Policy — Camera, microphone, and geolocation access are disabled by policy.
- No inline credentials — No API keys, secrets, or tokens are embedded in any client-side code.
- Content minimization — The site serves only static HTML, CSS, and images. No server-side session state is maintained.
Data Handling
Contact form submissions and trial license requests are processed via Google Firebase Cloud Functions (Google Cloud Platform, US region). We apply the following data protection practices:
- Data is transmitted only over encrypted channels (HTTPS)
- Form submissions are not logged to browser-accessible storage
- Personal data collected is limited to what is necessary to respond to your inquiry
- We do not store payment card data — no payment processing occurs on this site
- We do not collect or process classified, controlled unclassified (CUI), or personally identifiable government information through this website
NexoLoad Software Security
NexoLoad binaries are distributed directly from our Netlify-hosted CDN over HTTPS. Software integrity guidance:
- Always download NexoLoad from bjnexora-solutions.com/downloads/ — do not use third-party mirrors
- Verify binary checksums when provided in your license delivery email
- NexoLoad does not phone home, send telemetry, or transmit test data to BJNexora servers unless explicitly configured
- License keys are validated locally or against our Firebase endpoint over HTTPS
Federal and Compliance Considerations
For federal deployments, we understand that NexoLoad may be used within environments subject to FISMA, NIST 800-53, and agency-specific security frameworks. We support customers in their ATO (Authority to Operate) process by providing:
- Software Architecture and Data Flow documentation upon request
- No persistent outbound network connections during load test execution (Lite mode)
- Air-gapped deployment support for classified or restricted environments
Contact us at contacts@bjnexora-solutions.com for security documentation requests.
Responsible Disclosure
We take vulnerability reports seriously. If you believe you have discovered a security issue in our website, software, or infrastructure, please report it responsibly.
Security Contact
Email: contacts@bjnexora-solutions.com
Subject line: [SECURITY] followed by a brief description
We will acknowledge your report within 3 business days and provide a resolution timeline. We ask that you not publicly disclose vulnerabilities until we have had reasonable time to address them.
Scope
In-scope for responsible disclosure:
- bjnexora-solutions.com and all subdomains
- NexoLoad binary — license validation, CLI behavior, output handling
- Firebase Cloud Functions endpoints used for form/license processing
Out of scope: social engineering attacks, physical security, denial-of-service testing against our production infrastructure, and issues in third-party services (Google Analytics, Netlify, Firebase) that should be reported directly to those vendors.
Contact
For security-related questions or to report an issue:
- Email: contacts@bjnexora-solutions.com
- Phone: 703-928-9090
- Address: BJNexora Solutions, Ashburn, Virginia 20148